InSecurityWatch: Bombers, hacks, spooks, zones


Today’s InSecurityWatch opens with another crack at the ol’ Pottery Barn Rule.

First the prextext, via the Christian Science Monitor:

Islamic State persecution of Yazidi minority amounts to genocide, UN says

Tens of thousands of Yazidis have taken refuge on a mountain in Sinjar province after Islamic State fighters overran their town and other areas, pushing out Kurdish paramilitary forces.

Sunni Arab militants in northern Iraq are hunting down and killing large numbers of minority Yazidis, acts which amount to genocide, according to a senior United Nations official.

On Sunday, fighters from the self-declared Islamic State overran the city of Sinjar, part of a widening offensive that on Thursday saw IS take control of other Christian and Yzedi towns on the Nineveh plains. According to UN officials and Yazidi elders, the militants have killed hundreds of Yazidis, a secretive faith with pre-Islamic roots. Others have been taken as slaves. Tens of thousands have taken refuge on Sinjar Mountain, their traditional refuge over centuries of persecution, and are appealing for emergency aid.

Unlike Christians, who have been told they must either pay a religious tax or convert to Islam to avoid death, the Yazidis are considered by Sunni militants to be infidels who deserve extermination.

And the response, via the Los Angeles Times:

U.S. will use airstrikes to avert genocide in Iraq, Obama says

President Obama, saying that he was acting to avert a threatened genocide, announced that he had authorized airstrikes against Sunni militants who have advanced quickly across northern Iraq, driving tens of thousands of people out of their towns and villages.

In addition to the threat of airstrikes, Obama said U.S. cargo planes had dropped supplies to the refugees in the area of Mt. Sinjar, who he said faced the risk of imminent starvation.

“Today, America is coming to help,” Obama said. But he repeated his vow that no American combat troops would be sent back to Iraq.

And another country invaded, another lingering blowback, via the McClatchy Washington Bureau:

‘Green-on-blue’ killings in Afghanistan raise tough questions about U.S. strategy

In the hours after a suspected coalition-trained Afghan soldier opened fire at Afghanistan’s national defense university, killing an American two-star general and injuring more than a dozen others, a question that has plagued U.S. efforts arose again in quiet murmurs at coalition bases and camps across that country:

How are we supposed to train people who often want to kill us?

Attacks by Afghan forces on their coalition partners _ the Long Wars Journal has counted 87 since 2008 _ reached a peak in 2012. That’s when the U.S. military imposed security and education measures intended to protect coalition troops from the very people they are supposed to help. Until Tuesday’s attack, those measures were thought to have been successful; it had been six months since a uniformed Afghan had attacked American soldiers.

And from the newly issued World Drug Report [PDF] of the United Nations Office of Drug and Crime, another Afghan invasion result. Click on the chart to embiggen:

BLOG Smack

And some good news for America’s leaker-in-exile via Al Jazeera English:

Snowden gets three-year residence in Russia

  • NSA whistleblower granted asylum allowing him to move about freely and travel abroad.

Edward Snowden, the former US intelligence contractor turned whistleblower, has been granted a three-year residence permit to remain in Russia.

Snowden’s lawyer, Anatoly Kucherena, told reporters on Thursday that Snowden had been granted asylum allowing him to move about freely and travel abroad.

“The request was accepted and accordingly Edward Snowden was given a three-year residence permit,” Kucherena said.

Techdirt raises an interesting question:

As DOJ Hunts For ‘Second Leaker,’ Will It Also Explore Who Leaked The Intercept’s Story To The AP?

  • from the questions-to-ponder dept

Earlier this week, Tim Cushing wrote about The Intercept’s latest scoop, concerning the makeup of the US government’s federal terrorist watchlist, and the fact that a large chunk of it isn’t affiliated with any terrorist groups. While most of the article focused on that point, he made two other notes in passing — the first was that it was obvious that this release was from a second leaker, not Snowden, and the second was about how the government “leaked” the story in a “friendlier” manner to the AP in order to beat The Intercept. We thought both of these asides were interesting, but they’ve both turned into big stories on their own.

CNN later confirmed that US government officials are now searching for the second leaker (though “second” may not be accurate either…), more or less confirming what many people had been suspecting. Meanwhile, the “scoop spoiling” by the federal government actually resulted in a semi-apology from the National Counterterrorism Center (NCTC) who gave the scoop to the AP. The NCTC claimed it had been working with the AP on a story for a while, and after seeing what The Intercept was doing, felt it needed to give them the heads up, though it also says it could have handled the situation better. Of course, this also makes it more likely that The Intercept won’t bother giving the government much time (if any) to respond on future stories. Why risk the chance of having the government spoil the scoop again?

From the Dept. Of We Say So, via Defense One:

The CIA Can’t Hack Senate Computers Because They Own Them, Experts Say

CIA personnel probably didn’t commit a hacking crime by rummaging through congressional computers used to research the agency’s torture activities, former federal attorneys and scholars say.

Some lawmakers are calling for a criminal probe into new findings by a CIA inspector general that the agency improperly searched Senate intelligence committee files about its detention and interrogation program. Committee staff has been compiling a report condemning the program.

Under an agreement, only CIA information technology employees were allowed to access the system, says committee Chairwoman Sen. Dianne Feinstein, D-Calif. The CIA violated that agreement by removing about 920 agency items and searching through the committee’s own internal work, she maintains.

SecurityWeek covers turnabout:

Attackers Used Multiple Zero-Days to Hit Spy Agencies in Cyber-Espionage Campaign

Kaspersky Lab said that it has discovered how victims of an ongoing massive cyber espionage campaign were infected, shedding light on questions previously left unanswered in earlier research.

The campaign, called Epic Turla, targeted intelligence agencies, government institutions, embassies, military groups, education institutions, and research and pharmaceutical companies in more than 45 countries, the security firm said on Thursday.

Turla, also known as Snake or Uroburos, is considered by researchers to be one of the most sophisticated ongoing cyber-espionage campaigns. Earlier research by G-Data published in February of this year on Turla/Snake didn’t address how victims were getting infected in the first place, or the role Epic Turla/Tavdig played in the infection path.

From Wired threat level, let’s make a deal:

CIA Insider: U.S. Should Buy All Security Exploits, Then Disclose Them

To increase the security of the internet and computers, the government should corner the market on zero-day vulnerabilities and exploits, offering top-dollar to force out all other buyers. At least, that’s what Dan Geer thinks, and his opinion matters. Geer is chief information security officer at the CIA’s venture capital arm In-Q-Tel, which invests in technologies that help the intelligence community.

Geer, an icon in the world of computer security, delivered his controversial stance during a keynote at the Black Hat security conference in Las Vegas today. His talk, entitled “Cybersecurity as Realpolitik” was provocative throughout, including advocating that software companies make their unsupported products open source to keep them secure. He even quoted the Code of Hammurabi (circa 1700 B.C.) while suggesting that product liability be applied to source code. “If a builder builds a house for someone, and does not construct it properly, and the house which he built falls in and kills its owner, then the builder shall be put to death,” he said. While the death penalty may be a little severe for software makers who fail to adequately secure their products, criminal and civil liability isn’t, he suggests.

But the highlight of Geer’s talk was definitely his suggestion that the U.S. government own the zero-day market. Zero-day vulnerabilities are security holes in software that are yet unknown to software makers or to antivirus firms. They’re unpatched and unprotected, leaving them open to exploit by spy agencies, criminal hackers, and others.

From Reuters, color them embarrassed:

U.S. Homeland Security contractor reports computer breach

A company that performs background checks for the U.S. Department of Homeland Security said on Wednesday it was the victim of a cyber attack, adding in a statement that “it has all the markings of a state-sponsored attack.”

The computer breach at Falls Church, Virginia-based US Investigations Services (USIS) probably involved the theft of personal information about DHS employees, according to the Washington Post, which first reported the story.

DHS said it had suspended all work with the company amid an investigation by the FBI. A “multi-agency cyber response team is working with the company to identify the scope of the intrusion,” DHS spokesman Peter Boogaard said in a statement.

The Sacramento Bee covers another major embarrassment:

Homeland Security official arrested in sting involving sordid Sacramento Craigslist ad

A Homeland Security employee has been arrested in connection with a sting that alleges he used a Craigslist ad in an effort to get a mother and an underage daughter to have sex with him.

George Hristovski, 54, of Elverta, was booked into Sacramento County Jail on Monday after his arrest by the Federal Bureau of Investigation. His LinkedIn posting identifies him as an inspector for the U.S. Department of Homeland Security.

A federal court filing requesting an arrest warrant for Hristovski said that Placer County Sheriff’s Department detectives noticed an ad on Craigslist on July 14 in the “Casual Encounters” section of the Sacramento area part of the website.

The person who placed the ad sought a mother who wanted a man to teach a daughter about sex. Detectives, posing as a mother and a 13-year-old daughter, corresponded via e-mails with the person who took out the ad.

And from the Guardian, yet another embarrassment:

‘Jedi Council’ sex ring: 171 Australian Defence Force staff disciplined

  • Ten soldiers were sacked and another 161 received censures, warnings, performance counselling or punishment

More than 170 defence personnel were sacked or disciplined over the allegations around the creation and distribution of explicit and degrading emails, including images of a woman having sex which were taken without her knowledge.

In June 2013 the chief of army, Lieutenant General David Morrison, revealed the Australian Defence Force (ADF) was investigating a large number of military personnel who had allegedly created or shared the “explicit, derogatory, demeaning and repugnant” emails. A number of ADF personnel were sacked over the incident, and several were referred to police.

The army has since terminated the service of 10 soldiers ranked from lance corporal to major – six of them in November last year – in response to the ADF investigation into the allegations, and another 161 officers and noncommissioned officers were identified as involved.

From Greek Reporter, austerity blowback:

Greek Armed Forces Protest Merging of Pensions; Prepare For Strike

Members of the Greek armed forces protested in Athens on Wednesday morning against the Greek government’s plans to merge their auxiliary pension funds with others.

According to the president of the Panhellenic Federation of Police Officers, Christos Fotopoulos, Greek police officers are considering going on strike.

“If our demands, which are absolutely reasonable, are not met, the members of Greek armed forces will take the next step” he said during the Greek police officers protest in central Athens on August 6.

And yet another embarrassment, via Bloomberg News:

TSA Checkpoints Vulnerable to Hacks Through Backdoors

The Transportation Security Administration, that guardian of airports for whom we have all shed shoes, jackets, and loose change, has a worrisome safety issue of its own, according to a cyber researcher for Qualys.

Two devices that may be used at airport and other security checkpoints have “backdoors”—usernames and passwords hard-coded into the equipment that a hacker could use to get into the machines, says Billy Rios, in findings he discussed yesterday at the Black Hat security conference in Las Vegas.

Why would a manufacturer create that kind of risk? It’s actually quite common—usually for ease of maintenance, so technicians can get in and service the machine.

From RT, another hack attack:

Smartphone hack: Malware able to steal anything infects 500,000+ devices

Banks should look for new – secure – ways of exchanging information with their clients after the emergence of malicious software which allows criminals to steal passwords and text message security codes from people’s phones, security firm Group-IB warned.

More than 541,000 smartphones running on Android in Russia, Europe and the US are already infected with malware which grants the perpetrators full access to people’s mobile devices, a report by the Moscow-based company said.

The hostile program is distributed through “massive spam on the SMS-messages,” Nikita Kislitsin, head of botnet intelligence at Group-IB, told RT.

And another one from Wired threat level:

Hacker Redirects Traffic From 19 Internet Providers to Steal Bitcoins

Among all the scams and thievery in the bitcoin economy, one recent hack sets a new bar for brazenness: Stealing an entire chunk of raw internet traffic from more than a dozen internet service providers, then shaking it down for as many bitcoins as possible.

Researchers at Dell’s SecureWorks security division say they’ve uncovered a series of incidents in which a bitcoin thief redirected a portion of online traffic from no less than 19 Internet service providers, including data from the networks of Amazon and other hosting services like DigitalOcean and OVH, with the goal of stealing cryptocurrency from a group of bitcoin users. Though each redirection lasted just 30 second or so, the thief was able to perform the attack 22 times, each time hijacking and gaining control of the processing power of a group of bitcoin miners, the users who expend processing power to add new coins to the currency’s network.

The attacker specifically targeted a collection of bitcoin mining “pools”–bitcoin-producing cooperatives in which users contribute their computers’ processing power and are rewarded with a cut of the resulting cryptocurrency the pool produces.

From TheLocal.it, really?:

‘Jail pro-anorexia web writers’: Italian MPs

A group of Italian MPs has proposed jail terms and hefty fines for people encouraging eating disorders, an idea rejected as criminalizing mental illness by one organization.

The law put forward would make it a crime to “incite practicing a diet which causes anorexia and bulimia,” Tgcom24 reported.

The multiparty proposal has been put forward by MPs including Michela Marzano, from the ruling Democratic Party (PD), Forza Italia’s Mara Carfagna and Valentina Vezzali from Civic Choice (Scelta Civica).

From TheLocal.it again, isn’t this more worthy of their zeal?:

Italy’s journalists live in fear of mafia threat

Journalists in parts of Italy are being forced to live in fear due to an increase in mafia intimidation of the press, with one journalist in Calabria telling The Local that he was recently given state protection due to “very violent threats” from the mafia.

Journalists in Calabria, the stronghold of the ‘Ndrangheta mafia clan, are most at risk, with 89 out of the every 1,000 members registered with the Order of Journalists, receiving “verbal and physical threats”, according to a study by the research group, Istituto Demoskopika.

The next most under threat are journalists in Basilicata, Sicily, the home of the Camorra, and Campania.

The Independent answers that Cui Bono?:

Google removes links to notorious criminals’ Wikipedia pages

Some of Europe’s most notorious criminals are among those to have successfully sanitised their past, after Google agreed to remove links to content on Wikipedia, it has emerged.

New information released by the Wikimedia Foundation, the organisation behind Wikipedia, today reveals that Google has deleted 50 links to information on the website. It comes in the wake of a controversial European court ruling earlier this year granting people the right to be forgotten.

One of the latest beneficiaries of the ruling is Renato Vallanzasca, a former crime boss who has committed seven murders, three kidnappings and scores of armed robberies. A link to the gang he led in Italy, Banda della Comasina, has also been removed.

And the Telegraph trumpets support:

Information Commissioner defends ‘right to be forgotten’

  • The UK’s data protection watchdog insists that the EU’s Right to be Forgotten legislation is working

The UK’s data protection watchdog has defended the EU’s Right to be Forgotten legislation, claiming that the House of Lords’ criticism of the judgment as “unworkable” is misplaced.

Last month the House of Lords EU Committee published a report claiming that the EU’s Right to be Forgotten is “unworkable and wrong”, and that it is based on out-dated principles.

“We do not believe that individuals should have a right to have links to accurate and lawfully available information about them removed, simply because they do not like what is said,” it said.

After the jump, the latest form Asia, including a texting crackdown, spy busts, and the latest escalations — including some biggies — in the Game of Zones, plus a couple of headlines indicating the End is Nigh. . .

From China Daily, anonymity denied:

Real names now required for WeChat and other IMS

Users of instant messaging tools, including WeChat, must in future register with their real names and unlicensed public accounts are banned from publishing or forwarding political news, China’s top cyber watchdog ordered on Thursday.

The State Internet Information Office listed 10 regulations to tighten management of instant messaging in a bid to clean up the online environment and rein in rumormongers.

Only public accounts operated by news agencies and news websites, some non-journalism institutes with online news and information service licenses, can publish and forward political news. Other public accounts must not publish or forward political news without authorization.

Global Times covers a bust:

Student detained for selling intelligence info

A graduate student in Harbin, Northeast China’s Heilongjiang Province, was detained on Tuesday for collecting and selling intelligence information to foreigners.

The student, surnamed Chang, has reportedly made more than 200,000 yuan ($32,000) through trading more than 60 pieces of intelligence information with foreigners on over 50 occasions from October 2012 to this June, the Xinhua News Agency reported Wednesday.

The report said Chang, a graduate student in an aerospace related major at a university in Harbin, was first reached by “foreign personnel” through the contact information Chang left on a job-ad website. Chang was doing a part-time job to reduce financial burdens, Xinhua said.

From intelNews, taking a bite out of the Apple:

China stops using some Apple products, fearing US espionage

Authorities in China have removed Apple products from a government procurement list because of fears that they are susceptible to electronic espionage by the United States.

Citing “government officials familiar with the matter”, Bloomberg News said on Wednesday that 10 Apple products have been removed from the list, including the iPad and iPad Mini, as well as MacBook Air and MacBook Pro products —though interestingly the inventory of removed items does not include Apple smartphone products.

The surprise removal of Apple products from the list follows a report aired by Beijing’s state-owned China Central Television in July, which claimed that security weaknesses in Apple software could cause the theft of sensitive state secrets. Apple vigorously rejected the claims made in the television report.

Want China Times gets ready:

Assessing China’s airborne early warning and control systems

China has successfully developed it own airborne early warning and control (AEW&C) system, with the KJ-2000 and the KJ-200, reported overseas Chinese news outlet Duowei on Aug. 4.

After China’s initial attempts to develop its own system in the 1970s, the nation looked to Russia but the price was too high and the functionality fell short of China’s expectations. An attempt to import the Israeli A-501 in the mid-1990s was blocked by the US and eventually fell through. In 2002, China stopped importing Russian AEW&C systems and developed its own, the KJ-2000 and KJ-200 which served as the lead aircraft in the military parade of the 2009 National Day.

The KJ-2000, based on the Russian Ilyushin IL-76, is equipped with domestically designed radar and active electronically scanned array (AESA). Unlike the traditional rotating mechanical radars used by the US and Russia, AESA is immobile. It scans electronically through lifting and position gauging. The KJ-2000 is the first AWE&C system in the world to adopt AESA.

Want China Times again, with another arrow in the quiver:

3rd anti-satellite missile test launch in China: report

China’s successful anti-missile test launch on July 23 has been described as the nation’s third anti-satellite test by various defense experts and officials of the Pentagon according to Wendell Minnick in his article written for the Washington-based Defense News.

Once China is fully capable of operating its anti-satellite interceptor, Minnick said that the United States may no longer be able to protect its surveillance, navigation and communications satellites. China’s first two anti-satellite tests involving the SC-19 design, based on the DF-21 ballistic missile, took place in 2007 and 2010. However, only the first test was launched directly against a weather satellite. The other two tests were against ballistic missiles.

Minnick said China is trying to avoid creating a debris field that would endanger other nations’ space platforms operating at that level of orbit. This is the reason why it chose to shoot down ballistic missile instead of obsolete satellites. “This latest space interceptor test demonstrates a potential PLA aspiration to restrict freedom of space flight over China,” said Mark Stokes, a China missile specialist at the Project 2049 Institute.

From Global Times, Japan crosses the line:

Japanese military planes enter China’s ADIZ: spokesman

Several Japanese aircraft entered China’s Air Defense Identification Zone (ADIZ) over the East China Sea on Wednesday and carried out extensive reconnaissance, according to the Chinese Air Force.

Chinese planes conducted necessary tracking and monitoring of the foreign military planes, said Chinese Air Force spokesman Shen Jinke on Thursday.

The Japanese F-15 aircraft twice attempted to approach Chinese planes that were conducting a routine patrol in the ADIZ, and the Chinese planes took “reasonable, proper and restrained” measures to cope with the threat in the airspace, Shen said.

Jiji Press makes a adds to its own arsenal:

Japan to Build 2 Aegis Destroyers

Japan’s Defense Ministry plans to allocate money to build two Aegis destroyers with ballistic missile defense capabilities in its fiscal 2015 budget request, informed sources said Thursday.

The ministry plans to increase the number of Aegis destroyers from the current six to eight by the end of fiscal 2020.

Of the current six Aegis destroyers, the ministry also plans to refit two ships without missile defense systems, the sources said.

While the Japan Times extends an olive twig:

Kishida looking to hold talks with China, North Korea this weekend

Foreign Minister Fumio Kishida plans to hold informal talks with his Chinese and North Korean counterparts on the sidelines of a ministerial meeting of the ASEAN Regional Forum this weekend in Myanmar’s capital of Naypyitaw, government sources said.

It is not known whether Kishida will hold talks with South Korean Foreign Minister Yun Byung-se, though a trilateral meeting involving Kishida, Yun and U.S. Secretary of State John Kerry is likely to take place, with discussion of Pyongyang’s nuclear and missile programs top of the agenda.

Tokyo’s relations with Beijing and Seoul have soured in recent months amid ongoing territorial disputes as well as differing perceptions of Japan’s wartime history.

Want China Times makes a demand:

Beijing demands Manila protect rights of jailed fishermen

China on Wednesday demanded the Philippines guarantee the legitimate rights of 12 Chinese fishermen who were handed long prison terms for illegal fishing in the Philippines.

“Since they were caught in the Philippine waters in April last year, China has been urging the Philippine side to deal with the case in a just way according to law, and ensure their legitimate rights and a humanitarian treatment,” Foreign Ministry spokeswoman Hua Chunying said in a statement.

A court in Palawan province in the western Philippines on Tuesday convicted the 12 Chinese fishermen of illegal fishing and sentenced the boat captain to 12 years in prison and each crew member to six to 10 years. They were also fined US$100,000 each.

From Vanity Fair, a real class ap:

New App Aims to Help You Avoid “Sketchy” Areas

There’s a new app in town, and this one wants to help you avoid finding yourself in dangerous situations. Actually, the app wants to help you avoid areas that you or other smartphone users might think are “sketchy.”

SketchFactor is, according to Crain’s New York, “a Manhattan-based navigation app that crowdsources user experiences along with publicly available data to rate the relative ‘sketchiness’ of certain areas in major cities.” Allison McGuire, a co-founder who was born in Los Angeles and now lives in New York City’s West Village, told Crain’s that the app was originally born in Washington D.C., where she worked at an undisclosed non-profit.

And for our final item, via Mashable, proof that we’ve passed the point of no return:

A Fish Is Playing Pokemon on Twitch, and 20,000 People Are Watching

About these ads

One response to “InSecurityWatch: Bombers, hacks, spooks, zones

  1. Reblogged this on Citizens, not serfs and commented:
    Most interesting comment near end. Google sanitising the past of known criminals.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s