Monthly Archives: December 2014

In Syria ‘the revolution is now sleeping’

The New York Times reports: It was a victory that President Bashar al-Assad’s opponents had dreamed of: Insurgents seized a key army base in northern Syria after more than a year of trying. But the mood in this Turkish border town, flooded with Syrians who have fled both government bombings and extremist insurgents, was more bitter than celebratory.

The assault this month was led by the Nusra Front, Al Qaeda’s arm in Syria, which claimed the spoils. By contrast, many of the first Syrians to rise up against Mr. Assad in 2011 — civilian demonstrators and army defectors alike — followed the battle from the sidelines here, unable to enter Syria under threat of death from the extremists of Nusra and its rival group, the Islamic State.

As Syria’s war heads toward its fourth year, the complex battleground is increasingly divided between the government and the extremists, leaving many Syrians feeling that the revolution on which they gambled their lives and livelihoods has failed.

Different insurgent groups battle one another, even as they fight against Mr. Assad’s forces and his allies, foreign Shiite militias. A chaotic stalemate reigns in a war that has killed more than 200,000 people and wounded one million.

In northern and eastern Syria, where Mr. Assad’s opponents won early victories and once dreamed of building self-government, the nationalist rebel groups calling themselves the Free Syrian Army are forced to operate under the extremists’ umbrellas, to go underground or to flee, according to Syrian insurgents, activists and two top commanders of the American-financed F.S.A. groups. [Continue reading…]

Facebooktwittermail

Pope Francis ready to confront political challenge of tackling climate change

The Guardian reports: He has been called the “superman pope”, and it would be hard to deny that Pope Francis has had a good December. Cited by President Barack Obama as a key player in the thawing relations between the US and Cuba, the Argentinian pontiff followed that by lecturing his cardinals on the need to clean up Vatican politics. But can Francis achieve a feat that has so far eluded secular powers and inspire decisive action on climate change?

It looks as if he will give it a go. In 2015, the pope will issue a lengthy message on the subject to the world’s 1.2 billion Catholics, give an address to the UN general assembly and call a summit of the world’s main religions.

The reason for such frenetic activity, says Bishop Marcelo Sorondo, chancellor of the Vatican’s Pontifical Academy of Sciences, is the pope’s wish to directly influence next year’s crucial UN climate meeting in Paris, when countries will try to conclude 20 years of fraught negotiations with a universal commitment to reduce emissions.

“Our academics supported the pope’s initiative to influence next year’s crucial decisions,” Sorondo told Cafod, the Catholic development agency, at a meeting in London. “The idea is to convene a meeting with leaders of the main religions to make all people aware of the state of our climate and the tragedy of social exclusion.”

Following a visit in March to Tacloban, the Philippine city devastated in 2012 by typhoon Haiyan, the pope will publish a rare encyclical on climate change and human ecology. Urging all Catholics to take action on moral and scientific grounds, the document will be sent to the world’s 5,000 Catholic bishops and 400,000 priests, who will distribute it to parishioners.

According to Vatican insiders, Francis will meet other faith leaders and lobby politicians at the general assembly in New York in September, when countries will sign up to new anti-poverty and environmental goals.

In recent months, the pope has argued for a radical new financial and economic system to avoid human inequality and ecological devastation. In October he told a meeting of Latin American and Asian landless peasants and other social movements: “An economic system centred on the god of money needs to plunder nature to sustain the frenetic rhythm of consumption that is inherent to it.

“The system continues unchanged, since what dominates are the dynamics of an economy and a finance that are lacking in ethics. It is no longer man who commands, but money. Cash commands.

“The monopolising of lands, deforestation, the appropriation of water, inadequate agro-toxics are some of the evils that tear man from the land of his birth. Climate change, the loss of biodiversity and deforestation are already showing their devastating effects in the great cataclysms we witness,” he said. [Continue reading…]

Facebooktwittermail

ISIS is failing at being a state

The Washington Post reports: The Islamic State’s vaunted exercise in state-building appears to be crumbling as living conditions deteriorate across the territories under its control, exposing the shortcomings of a group that devotes most of its energies to fighting battles and enforcing strict rules.

Services are collapsing, prices are soaring, and medicines are scarce in towns and cities across the “caliphate” proclaimed in Iraq and Syria by the Islamic State, residents say, belying the group’s boasts that it is delivering a model form of governance for Muslims.

Slick Islamic State videos depicting functioning government offices and the distribution of aid do not match the reality of growing deprivation and disorganized, erratic leadership, the residents say. A trumpeted Islamic State currency has not materialized, nor have the passports the group promised. Schools barely function, doctors are few, and disease is on the rise.

In the Iraqi city of Mosul, the water has become undrinkable because supplies of chlorine have dried up, said a journalist living there, who spoke on the condition of anonymity to protect his safety. Hepatitis is spreading, and flour is becoming scarce, he said. “Life in the city is nearly dead, and it is as though we are living in a giant prison,” he said.

In the Syrian city of Raqqa, the group’s self-styled capital, water and electricity are available for no more than three or four hours a day, garbage piles up uncollected, and the city’s poor scavenge for scraps on streets crowded with sellers hawking anything they can find, residents say. [Continue reading…]

Facebooktwittermail

Hamas leader Mashaal endorses Turkish leaders in surprise speech

Hurriyet Daily News reports: Khaled Mashaal, the head of Hamas’ political bureau, has made a surprise appearance at an event of Turkey’s ruling party, endorsing the Turkish leaders and voicing his hope to “liberate Palestine and Jerusalem” together with them in the future.

“A strong Turkey means a strong Palestine … Inshallah, God is with us and with you on the road to victory,” Mashaal said in his address to the Justice and Development Party’s (AKP) annual congress in the Konya province on Dec. 27.

Turkish Prime Minister Ahmet Davutoğlu, whose hometown is Konya, personally presented Mashaal to the audience. “Konya, the city of heroes! You give birth to your leaders,” Mashaal said, congratulating the Turkish people “for having Davutoğlu and President Recep Tayyip Erdoğan.”

Mashaal’s brief speech was interrupted by slogans including “God is great” and “Down with Israel” several times by AKP supporters in the sports hall who waved Turkish and Palestinian flags. [Continue reading…]

Facebooktwittermail

Hamas said concerned by Egypt-Qatar thaw

The Times of Israel reports: Hamas fears its ties with Qatar will be hindered by the reported reconciliation efforts between Doha and Egypt, London-based Arab paper Rai al-Youm reported Saturday, according to Israel Radio.

According to the report, Hamas leader Khaled Mashaal, who has been hosted by Qatar since leaving war-torn Syria in 2012, has reached out to Qatari leaders to receive clarifications on the matter, and has been assured that the amended ties with Cairo would not affect Doha’s relations with Hamas. [Continue reading…]

Facebooktwittermail

Cyber bomb threats and the hacking of geopolitics

The Soufan Group IntelBrief: The capability of nations and advanced criminal groups to engage in sophisticated cyber espionage and theft is nothing new; and the capability of these actors to impact components of critical infrastructure is also nothing new (the 2012 Saudi Aramco attack comes to mind). What is new is their willingness to actually launch attacks not for intelligence or commercial gain but to impact corporate or geopolitical decisions. Whether it’s having its data stolen or even held hostage via malicious encryption, or having its operations and personnel threatened with physical violence and damage, corporations and governments will find the Age of the Cyber Bomb Threat to be as costly and frustrating as the age of counterterrorism and counter-violent extremism.

Much as in terrorism, cyber conflict runs the spectrum of ideology and motivation. And as with terrorism, cyber conflict’s impact goes far beyond the point of attack. The ubiquity of the Internet means that anyone and everyone is a potential target—which is the point of all forms of terrorism. On December 21, 2014, unidentified attackers (assumed, rightly or wrongly, to be associated with North Korea) hacked into the non-operational computer systems of a functioning nuclear power plant in South Korea. The operator of the plant, Korea Hydro and Nuclear Power (KHNP), stated that at no time were plant operations at risk since those are on a closed and independent system, but that sensitive personnel and plant design data were stolen. In what will become the standard modus operandi for cyber bomb threats, the attackers threatened to destroy the plant if it wasn’t shut down. The threat of additional cyber attacks will be paired with threats of physical attacks.

While North Korea could very well be behind the nuclear reactor hack as well as the Sony hack, so could a range of other actors, given that the malware tools are available online to anyone with sufficient expertise and knowledge of where to look. It is the lack of true certainty that makes cyber attacks so difficult to respond to with counter-attacks. IP addresses are misleading and the tools and the capabilities are widespread enough that “the usual suspects” are now too large to count. With the stakes so high and the public and private players so poorly accounted for, the risks of attacks once thought unlikely will increase with cascading repercussions. [Continue reading…]

Facebooktwittermail

South Korea says North may be behind nuclear plant cyber-attack; three workers later die in construction accident

Bloomberg reports: South Korea is investigating the possible involvement of North Korea in the recent hacking attack on its nuclear power network, Justice Minister Hwang Kyo Ahn said yesterday during a session of the National Assembly.

His remarks came after investigators said an IP address of a suspected hacker was traced to Shenyang city in China, a known location of North Korean computer experts, according to a report in the Chosun Ilbo newspaper today.

“We are investigating without ruling out the possibility that North Korea may be behind the attack,” Minister Ahn said.

The leaks of partial blueprints and operating manuals for South Korean reactors began last week on a blog and were later posted to a Twitter account under the profile “president of anti-nuclear reactor group.” The group also demanded Korea Hydro & Nuclear Power Co., the nation’s nuclear plant operator, halt three facilities by today. The latest postings on Twitter were on Dec. 23. [Continue reading…]

The Associated Press reports: Three South Korean workers died Friday after apparently inhaling toxic gas at a construction site for a nuclear plant being built by South Korea’s monopoly nuclear power company, which has come under recent threats by hackers, a company official said.

The accident at the construction site in the southeastern city of Ulsan came as the state-run Korea Hydro and Nuclear Power Co. was on high alert over a series of threats by hackers who claim they can disable the control systems of its plants. Choi Hee-ye, a company spokeswoman, said there was no reason to believe that Friday’s accident was linked to the cyberattack threats.

The victims were working at the construction site when they fell unconscious and were taken to a hospital, where they later died, Choi said. [Continue reading…]

Facebooktwittermail

Chinese viewers mostly give thumbs up for The Interview

The New York Times: Even before Americans began flocking to theaters on Christmas Eve to see “The Interview” — Sony Pictures’ comedy about a C.I.A. plot to kill the North Korean leader, Kim Jong-un — Chinese film fans by the thousands were downloading mostly pirated versions of the movie on domestic video-sharing websites. By midday on Friday, more than 300,000 people had seen the film and the reviews, by and large, were favorable.

“Perfect, the greatest film in history, all hail Sony,” read one online comment. Said another, “Their ability to amuse is out of this galaxy,” referring to the film’s stars, Seth Rogen and James Franco.

In one sign of the enthusiasm for the film, whose theatrical release was initially held up after a hacking attack on the studio, “The Interview” scored an 8.0 rating on the Chinese Internet movie database Douban, with more than 10,000 people posting reviews. In their comments, some people acknowledged having not seen the film, but wanted to show their support for what many approvingly described as an act of subversion against North Korea. [Continue reading…]

Facebooktwittermail

The Sony hack, fearless journalism and conflicts of interest

Given that The Intercept is a publication that trumpets its commitment to fearless journalism, you’d think they’d be all over the Sony hack story. National security threats, hacking, corporate power, cyberattacks — aren’t these more than enough ingredients for some hard-hitting investigative journalism?

Apparently not.

Instead we get Jana Winter (who before moving to The Intercept was a reporter at FoxNews.com for six years) recycling an old narrative about governmental negligence: “FBI warned Year Ago of impending Malware Attacks — But Didn’t Share Info with Sony.”

Nearly one year before Sony was hacked, the FBI warned that U.S. companies were facing potentially crippling data destruction malware attacks, and predicted that such a hack could cause irreparable harm to a firm’s reputation, or even spell the end of the company entirely. The FBI also detailed specific guidance for U.S. companies to follow to prepare and plan for such an attack.

But the FBI never sent Sony the report.

The Dec. 13, 2013 FBI Intelligence Assessment, “Potential Impacts of a Data-Destruction Malware Attack on a U.S. Critical Infrastructure Company’s Network,” warned that companies “must become prepared for the increasing possibility they could become victim to a data destruction cyber attack.”

How could Sony have been adequately prepared to meet this threat if the FBI had neglected to send them their report?!

Urrr… maybe Sony’s global chief information security officer Philip Reitinger knew something about the risks of a data destruction cyber attack. After all, directly before moving to Sony in 2011, Reitinger had been Deputy Under Secretary of the National Protection and Programs Directorate (NPPD) and Director of the National Cyber Security Center (NCSC) at the United States Department of Homeland Security. It seems likely that one way or another, Reitinger saw the FBI report.

Winter closes her “report” by quoting a source within the “information security industry” who said: “The question is, who dropped the ball?”

The Intercept in its headline and paragraph two doesn’t hesitate to answer that “question”: The FBI.

This is really a bizarrely irrelevant narrative to be spinning, given that there has already been so much reporting on Sony’s own negligence in handling cyber-security.

Winter makes the dubious assertion that in the eyes of the U.S. government, Sony is part of this nation’s “critical infrastructure” — the implication apparently being that the FBI is responsible for safeguarding the company’s cyber-security standards.

For The Intercept to want to portray the Sony story as a story about the failings of the U.S. government, is perhaps to be expected, given the ideological straightjacket inside which the publication remains trapped.

But maybe I’m just being cynical in thinking that there might be another explanation: that Glenn Greenwald hasn’t abandoned all hope Sony will produce his Snowden movie — even though a leaked November 14 email from Sony executive Doug Belgrad wrote that the Greenwald project “is unlikely to happen” — and so doesn’t want to embarrass his commercial partner.

Even if the Snowden movie has no bearing here, there is a deeper philosophical problem that the Sony hack story presents to The Intercept and everyone with a visceral fear of government.

American companies, fully aware of the government’s data collection capabilities want to see a more proactive partnership between the public and private sectors to improve information security and thwart cyberattacks. At the same time, libertarians and much of the public at large want to see these capabilities reined in, and businesses themselves don’t want to be burdened by overregulation.

Much as free-market economics promotes a myth of a self-balancing system that functions most efficiently by suffering the least governmental interference, the information economy sustains similar myths about its ability to self-organize.

But on the cyber frontier, threats from the likes of North Korea are probably smaller than those posed by agents whose identities remain forever concealed and whose motives may be as difficult to discern.

This year, hackers caused “massive damage” to a steel factory in Germany by gaining access to control systems that would have generally been expected to be physically separated from the internet, yet the emerging Internet of Things in which as many as 30 billion devices are expected to be connected by the end of the decade, suggests that physically destructive cyberattacks are destined to become much more commonplace.

The politics of information security right now favors an approach in which everyone is expected to maintain their own systems of fortification and yet the protection of collective interests may demand that we live in a world where there is much greater data transparency.

As things stand right now on the information highways, none of the vehicles are licensed, no one has insurance, most of the drivers are robots, and most of the robots are employed by crooks.

Facebooktwittermail

Was the FBI wrong on North Korea?

CBS News reports: Cybersecurity experts are questioning the FBI’s claim that North Korea is responsible for the hack that crippled Sony Pictures. Kurt Stammberger, a senior vice president with cybersecurity firm Norse, told CBS News his company has data that doubts some of the FBI’s findings.

While Norse is not involved in the Sony case, it has done its own investigation.

“We are very confident that this was not an attack master-minded by North Korea and that insiders were key to the implementation of one of the most devastating attacks in history,” said Stammberger.

He says Norse data is pointing towards a woman who calls herself “Lena” and claims to be connected with the so-called “Guardians of Peace” hacking group. Norse believes it’s identified this woman as someone who worked at Sony in Los Angeles for ten years until leaving the company this past May. [Continue reading…]

The New York Times adds: A number of private security researchers are increasingly voicing doubts that the hack of Sony’s computer systems was the work of North Korea.

President Obama and the F.B.I. last week accused North Korea of targeting Sony and pledged a “proportional response” just hours before North Korea’s Internet went dark without explanation. But security researchers remain skeptical, with some even likening the government’s claims to those of the Bush administration in the build-up to the Iraq war.

Fueling their suspicions is the fact that the government based its findings, in large part, on evidence that it will not release, citing the “need to protect sensitive sources and methods.” The government has never publicly acknowledged doing so, but the National Security Agency has begun a major effort to penetrate North Korean computer networks.

Because attributing the source of a cyberattack is so difficult, the government has been reluctant to do so except in the rarest of circumstances. So the decision to have President Obama charge that North Korea was behind the Sony hack suggested there is some form of classified evidence that is more conclusive than the indicators that the F.B.I. made public on Friday. “It’s not a move we made lightly,” one senior administration official said after Mr. Obama spoke.

Still, security researchers say they need more proof. “Essentially, we are being left in a position where we are expected to just take agency promises at face value,” Marc Rogers, a security researcher at CloudFlare, the mobile security company, wrote in a post Wednesday. “In the current climate, that is a big ask.”

Mr. Rogers, who doubles as the director of security operations for DefCon, an annual hacker convention, and others like Bruce Schneier, a prominent cryptographer and blogger, have been mining the meager evidence that has been publicly circulated, and argue that it is hardly conclusive. [Continue reading…]

Facebooktwittermail

No, North Korea didn’t hack Sony

Marc Rogers writes: All the evidence leads me to believe that the great Sony Pictures hack of 2014 is far more likely to be the work of one disgruntled employee facing a pink slip.

I may be biased, but, as the director of security operations for DEF CON, the world’s largest hacker conference, and the principal security researcher for the world’s leading mobile security company, Cloudflare, I think I am worth hearing out.

The FBI was very clear in its press release about who it believed was responsible for the attack: “The FBI now has enough information to conclude that the North Korean government is responsible for these actions,” they said in their December 19 statement, before adding, “the need to protect sensitive sources and methods precludes us from sharing all of this information”.

With that disclaimer in mind, let’s look at the evidence that the FBI are able to tell us about. [Continue reading…]

Facebooktwittermail

U.S. puts new focus on fortifying cyber defenses

The Wall Street Journal reports: The Obama administration is increasingly concerned about a wave of digital extortion copycats in the aftermath of the cyberattack on Sony Pictures Entertainment, as the government and companies try to navigate unfamiliar territory to fortify defenses against further breaches.

About 300 theaters on Thursday screened the movie that apparently triggered the hacking attack, a comedy about the assassination of North Korean leader Kim Jong Un, after Sony reversed its initial decision to acquiesce to hacker demands that the film be shelved.

Still, the threat to Sony — allegedly by North Korea—marked “a real crossing of a threshold” in cybersecurity, given its unusually destructive and coercive nature, said Michael Daniel, the cybersecurity coordinator for the White House National Security Council.

“It really is a new thing we’re seeing here in the United States,” Mr. Daniel said. “You could see more of this kind of activity as countries like North Korea and other malicious actors see it in their interest to try and use that cyber tool.” [Continue reading…]

Countries like North Korea is arguably a category of one. “Other malicious actors” is the group to be more concerned about — a category in which governments may still be in the minority. It’s a group that includes disgruntled employees, hackers, hactivists, criminal organizations, and corporate competitors.

Facebooktwittermail

In photos: 48 hours under siege by ISIS militants in Kobane

Vice News: On December 19, VICE News entered the besieged Syrian Kurdish city of Kobane with the help of smugglers and the Syrian Kurdish militia, known as the People’s Protection Units (YPG). The city was preparing to enter its 100th day of fighting a fierce siege by the Islamic State (IS). Fighters with IS had been pushed back by a combination of US airstrikes and heavy artillery from a small contingency of Iraqi Kurdish Peshmerga fighters. Surrounded by IS on three sides, and a Turkish military hostile to Kurdish forces on the fourth, Kobane has become a symbol of resistance for those fighting IS. YPG fighters now estimate they control approximately 75 percent of the city, and US military sources say over 1,000 IS militants have been killed. [Continue reading…]

Facebooktwittermail

Court releases schoolboy arrested for ‘insulting’ Erdogan

AFP reports: A Turkish court on Friday freed a 16-year-old high school pupil arrested for “insulting” President Recep Tayyip Erdogan, amid accusations his detention was the latest sign of a lurch to authoritarianism under the strongman leader.

The boy, Mehmet Emin Altunses, was released following a complaint by his lawyer, but he still faces trial in the future, the official Anatolia news agency reported.

Altunses was met by his parents as he left the main courthouse building in the city and immediately fell into the arms of his mother, Turkish television pictures showed.

But the teen defiantly declared his political activism would continue, saying he was not a terrorist but a “soldier” of modern Turkey’s secular founder Mustafa Kemal Ataturk.

“There is no question of taking a step back from our path, we will continue along this road,” he said.

Altunses had delivered a speech on Wednesday in the central Turkish city of Konya, a bastion of the ruling Islamic-rooted Justice and Development Party (AKP), where he accused Erdogan and the ruling party of corruption. [Continue reading…]

Facebooktwittermail

Tunisia is still a ray of hope for the Middle East

Berny Sèbe writes: Let’s face it: once a term laden with hope for the Middle East, the idea of an “Arab Spring” has become merely depressing.

Assorted humanitarian disasters have followed in its wake – think of the unspeakable violence by the so-called Islamic State, or the disintegration of Libya’s social and political fabric. In Egypt, the die-hard habit of letting the army choose the country’s rulers has returned. Elsewhere, as in Bahrain, revolts nipped in the bud – or repressed with the help of muscular police forces – have been silenced for good.

And yet, the cradle of the Arab Spring is once again leading the way. With the peaceful election of Beji Caid Essebsi, Tunisia, the first Arab country where popular protests proved to be enough to get rid of an autocrat, has just shown the world that an orderly management of a revolution was always an option on the table.

In four short years, Tunisia has gone through the entire cycle of ousting an apparently lifelong president, electing a constituent assembly, producing a new constitution, and organising a round of fully democratic legislative and presidential elections.

It has successfully navigated the murky waters of post-revolutionary instability, when the future of a country becomes so open that the temptation to use political violence can be much stronger than the discipline needed to bow to the verdict of ballot boxes. [Continue reading…]

Facebooktwittermail

Saudi women drivers to be tried in terrorism court

BBC News reports: Two Saudi women who were detained for defying a ban on female drivers are to be tried in a terrorism court, activists say.

Loujain al-Hathloul, 25, and Maysa al-Amoudi, 33, have been in detention for nearly a month.

The women’s cases had reportedly been transferred over comments they had made on social media – rather than for their driving, according to activists.

Saudi Arabia is the world’s only country to forbid women from driving. [Continue reading…]

Facebooktwittermail