The United States last week charged two Russian intelligence agents and two criminal hackers with masterminding the 2014 theft of 500 million Yahoo accounts in a move that marks the first time that the US government has criminally charged Russian spies with cyber offenses.
The 47-count Justice Department indictments on Wednesday 15 March included charges of conspiracy, computer fraud and abuse, economic espionage, theft of trade secrets, wire fraud, access device fraud and aggravated identify theft. The charges also paint a picture of the Russian security services as working hand-in-hand with cyber criminals, who helped spies further their intelligence goals in exchange for using the same exploits to make money. Speaking at a press conference to announce the charges, Acting Assistant Attorney General Mary McCord disclosed that the criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBIs point of contact in Moscow on cyber crime matters, is beyond the pale. Russias Federal Security Service (FSB) is the successor to the KGB. McCord further disclosed that the hacking campaign was awarded by the FSB in order to collect intelligence but that the two hackers used the collected information as an opportunity to line their pockets.
The indictment named the FSB officers involved as Dmitry Dokuchaev and his superior, Igor Sushchin, both of whom are in Russia. According to Russian news agency Interfax, Dokuchaev was arrested for treason in December. According to the Justice Department, the alleged criminals involved in the scheme include Alexsey Belan, who is amongst the FBIs most-wanted cyber criminals and was arrested in Europe in June 2013 however he escaped to Russia before he could be extradited to the US. Karim Baratov, who was born in Kazakhstan but also has Canadian citizenship, was also named in the indictment. The Justice Department disclosed that Baratov was arrested in Canada on 14 March. Officials in Toronto have confirmed the arrest. The US does not have an extradition treat with Russia, with McCord stating that she was hopeful that Russian authorities would cooperate in bringing criminals to justice. The US often charges cyber criminals with the intent of deterring future state-sponsored activity.
The charges announced last week are not related to the hacking of Democratic Party emails during the 2016 US presidential election. US intelligence agencies have stated that they were carried out by Russian spy services, including the FSB, in order to help the campaign of Republican candidate Donald Trump.
Yahoo disclosed when it announced the then-unprecedented breach last September, that it believed that the attack was state-sponsored. On Wednesday, the company stated that the indictment unequivocally shows that to be the case.
According to the indictment, in the 2014 breach, at least thirty million of the Yahoo accounts were the most seriously affected, with Belan being able to burrow deep into their accounts and taking user contact lists that were later used for a financially motivated spam campaign. The indictment went on to say that Belan also stole financial information, such as credit card numbers and gift cards. Yahoo had previously stated that about 32 million accounts had fallen victim to the deeper attack, which it said leveraged forged browser cookies to access accounts without the need for a password. According to Wednesdays indictment, FSB officers Sushchin and Dokuchaev also directed Baratov to use the information gained in the Yahoo breach to hack specific targets who possessed email accounts with other service providers, including Google. The incitement charged that when Baratov was successful, Dokuchaev would reward him with a bounty.
In December 2016, Yahoo announced another breach that occurred in 2013 and which affected 1 billion accounts. At the time, Special Agent Jack Bennett of the FBIs San Francisco Division disclosed that the 2013 breach is unrelated and that an investigation of that incident is ongoing. The hacks forced Yahoo to accept a discount of US $350 million in what had been a US $4.83 billion deal to sell its main assets of Verizon Communications Inc.
The charges come amidst a number of controversies relating to alleged Kremlin-backed hacking of the 2016 US presidential election and the possible links between Russian figures and associates of US President Donald Trump, as well as uncertainty about whether President Trump is willing to respond forcefully to aggression from Moscow in cyberspace and elsewhere.
Canadian Prime Minister Justin Trudeau is opting a low-key approach to dealing with United States President Donald Trump – seeking to avoid clashes while indirectly signalling the two leaders’ difference to a domestic audience.
Insiders have acknowledged that the cautious strategy could anger progressives whose support helped bring Mr Trudeau to power in 2015, however they say that for now, he has no choice but to maintain a low key approach, as Canada sends 75 percent of its exports to the US and could suffer if it were to be targeted by Trump’s administration.
While Mr Trudeau maintained a close friendship with former President Barack Obama, Canadian prime ministers have not always had close ties with US presidents. Insiders however have noted that few in Ottawa have experienced anything like Mr Trump. While Canada regards the US as its closest ally, Mr Trudeau has yet to visit Washington to meet with Mr Trump. According to people familiar with the matter, a visit tentatively scheduled at the beginning of this month was cancelled after a shooter killed six Muslims in a Quebec mosque. No new date has been set.
According to Michael Kergin, a former Canadian ambassador to Washington, Mr Trudeau’s caution has been wise, stating “he’s been playing it pretty well by restraining the temptation to be publicly critical of the president.” Kergin went on to say that Mr Trudeau was also right not to follow British Prime Minister Theresa May in rushing to Washington to push for closer ties only to watch President Trump make an unpopular move on immigration after she left.
Mr Trudeau however has taken indirect shots – when Mr Trump signed orders banning people from seven Muslim-majority countries, Mr Trudeau tweeted that Canada was open to those fleeing war. Furthermore, while his chief spokeswoman blasted US network Fox News late last month for a tweet falsely claiming that the Quebec gunman was of Moroccan origin, she said nothing publicly when Trump’s spokesman said that the attack on Muslims showed why it was important to suspend immigration from Muslim nations. This approach however has angered many in Canada, including the opposition New Democrats, who have called on the Prime Minister to denounce Mr Trump’s “racist” immigration policy. In turn, members of Mr Trudeau’s team have acknowledged that over time, the Liberals could lose support before a 2019 election if the prime minister is deemed not tot be standing up for Canadian values, such as inclusiveness.
On 14 May, regional and western powers gathered in Nigeria to attend talks on quelling the threat from Boko Haram.
Speaking to reporters shortly after meeting with Nigerian President Muhammadu Buhari in Abuja, French President Francois Hollande stated that “impressive” gains has been made against the Islamists by greater cooperation, warning however that “this terrorist group nevertheless remains a threat.” The Nigerian leader has invited leaders from Benin, Cameroon, Chad and Niger, whose troops will make up a new regional force against Boko Haram, which has been pushed to northeastern Nigeria’s borders around Lake Chad. The 8,500-member force, which has African Union (AU) backing and which is based in Chad’s capital, N’Djamena under a Nigerian general, was supposed to have deployed July 2015. Plugging gaps and improving coordination between the armies that are currently operating largely independently is seen as vital in the remote region where borders are known to be porous. Saturday’s summit, which comes two years after a first such high-level gathering in Paris, also comes as Nigeria’s military pushes deep into Boko Haram’s Sambisa Forest stronghold after recapturing swathes of territory. While President Buhari has vowed to defeat Boko Haram before the end of his first year in office later this month, and the army portraying the Islamists as being in disarray, there have been warnings against any premature declaration of victory. Deputy US Secretary of State Anthony Blinking disclosed in Washington, which is flying surveillance drones over northeastern Nigeria from a base in northern Cameroon, that he did not see Boko Haram as defeated. However he conceded that “they have been degraded,” adding that the US was “extremely vigilant” about the connections, amidst reports of Boko Haram rebels fighting in lawless Libya and the group’s ties to al-Qaeda affiliates in the wider Sahel region. Speaking to reporters on Friday, he disclosed that “this is against something we are looking at very, very carefully because we want to cut it off.” British Foreign Secretary Philip Hammond has also warned about Boko Haram’s ties to the so-called Islamic State (IS) group, stating that progress was being made against the group with help from London, Paris and Washington. He added in his statement that “…we must maintain the momentum to win the war, and build the right conditions for post-conflict stability in the region.” With Boko Haram now on the back foot, attention has increasingly started to turn towards the plight of those that have been displaced by the ongoing insurgency. Two million Nigerians have been internally displaced and are now living in host communities or camps. The government of Borno State, which has been the worst-hit by the violence, has stated that the displaced face a “food crisis” and US $5.9 billion was needed to rebuild shattered infrastructure. United States Ambassador to the United Nations Samantha Power, who visited northeastern Nigeria and northern Cameroon last month, has indicated that 9.2 million people in the wider region were affected by the conflict.
The final communiqué disclosed that a “global approach” was required, comprising of hard and soft power in order to end the threat. Britain’s Foreign Secretary Philip Hammond characterized the fight against extremist ideology as “a generational struggle against an evil that will destroy us if we do not destroy it.” He further told the gathering that “we must sustain this fight until evil is defeated and good prevails,” and called for countries affected to win the “hears and minds of those terrorized by Boko Haram.” US Deputy Secretary of State Anthony Blinken also disclosed that respect for human rights was essential, after repeated accusations of military abuses against civilians and Bok Haram suspects. He further warned that not addressing the drivers of extremism – poverty, deprivation, lack of opportunity and education, would create “Bok Haram 2.0” even if the group were defeated militarily.
In light of last year’s Snowden intelligence leaks, United States President Barack Obama is expected to order the National Security Agency (NSA) to stop storing data from Americans’ phones. After initially defending the US surveillance programme, in August, the president announced that the US “can and must be more transparent” about its intelligence gathering.
Reports in Washington have indicated that during a speech set for Friday, which is scheduled to take place at the Department of Justice at 11:00 (1600 GMT), President Obama will request Congress to arrange how data is stored and how the US Intelligence Community (IC) will have access to it. The storing of phone data is just the first in a number of planned changes to the intelligence system that the president is due to announce. The proposed changes within the IC and how the community gathers its intelligence stem from former intelligence worker Edward Snowden’s continued leaks of information pertaining to the NSA’s spying programme. The latest revelations made by Mr Snowden, who is wanted for espionage in the US and now lives in exile in Russia, claim that US intelligence agencies have collected and stored 200 million text messages every day across the globe. According to Mr Snowden, an NSA programme, known as Dishfire, was responsible for extracting and storing data from SMS messages in order to gather location information, contacts and financial data. The information was later shared with the United Kingdom’s spy agency GCHQ. While both agencies have defended their activities, stating that they operate within the constraints of the law, many advocates and civil rights groups have called on greater transparency.
President Obama is expected to approve a number of recommendations put forth by a panel that the White House commissioned last year. If approved, the centrepiece of reforms will be an order to stop the NSA from storing Americans’ phone records. Storage of such data will instead fall to firms or another third party where it can be queried, however under limited conditions. In terms of how this will be implemented, the president is expected to leave this decision to Congress and the IC.
Amongst the other proposals that are likely to be approved is the creation of a public advocate position at the Foreign Intelligence Surveillance Court (FISC), where government agencies request permission for mass spying programmes. Currently, only the US government is represented in front of FISC judges. In turn, Mr Obama is also expected to extend some privacy protections for foreigners, increase oversight of how the US monitors foreign leaders and limit how long some data can be stored.
According to White House spokesman Jay Carney, the aim of these proposals and changes is to make intelligence activities “more transparent,” adding that this would “give the public more confidence about the problems and the oversight of the programmes.” However while in the wake of the Snowden leaks, civil rights groups have been requesting significant reductions to powers that government agencies have with respect to the collection of data, many believe that these latest proposals appear to be structured in a manner of broad rules, effectively meaning that they will do little to limit the intelligence-gathering activities of the US IC.
Edward Snowden and the Leaks that Exposed US Intelligence Programme
In May 2013, Edward Snowden, a former contractor of the Central Intelligence Agency (CIA) left the US shortly after leaking to the media details of extensive internet and phone surveillance carried out by the US IC. Mr Snowden, who has been granted temporary asylum in Russia, faces espionage charges in the US over his action.
By early June, the scandal of the US spy programme broke when the UK Guardian newspaper reported that the NSA was collecting telephone records of tens of millions of Americans. At the time, the newspaper published the secret court order, which directed telecommunications company Verizon to hand over all its telephone data to the NSA on an “on going daily basis.” The newspaper report was later followed by revelations in both the Guardian and Washington Post that the NSA had tapped directly into the servers of nine Internet firms, including Google, Yahoo, Facebook and Microsoft. This was done in order to track online communication through a surveillance programme known as Prism. At the time, Britain’s GCHQ was also accused of having gathered information on Internet companies through Prism.
Several days later, it was revealed that Mr Snowden, a former CIA systems analyst, was behind the leaks pertaining to the US and UK surveillance programmes. He was later charged by US authorities with theft of government property, unauthorized communication of national defence information and wilful communication of classified communications intelligence.
The spy scandal continued to develop when on 21 June, the Guardian reported that officials at GCHQ were taping fibre-optic cables, responsible for carrying global communications, and sharing vast amounts of data with the NSA. At the time, the paper also revealed that it had obtained documents from Mr Snowden, which indicated that the GCHQ operation, codenamed Tempora, had already been running for eighteen months. According to reports, GCHQ was able to monitor up to 600 million communications every day throughout that period, with information gathered from the Internet and phone use allegedly being stored for a period of thirty days where it would be sifted and analysed.
A week later, on 29 June, claims by Germany’s Der Spiegel magazine emerged that the NSA has also spied on European Union (EU) officials in the US and in Europe. At the time, the magazine reported that it had seen leaked NSA documents confirming that the US had spied on EU internal computer networks in Washington and at the 27-member bloc’s UN office in New York. The files, all provided by Mr Snowden, also allegedly suggested that the NSA had conducted an electronic eavesdropping operation in a building in Brussels, where the EU Council of Ministers and the European Council were located. While it remains unknown as to what information the US IC may have obtained in the operation, reports have suggested that details pertaining to European positions on trade and military matters may have been obtained.
On 24 October, Italian weekly L’Espresso reported that the NSA and GCHQ had been eavesdropping on Italian phone calls and Internet traffic. The revelations were later sourced to Mr Snowden. It is alleged that three undersea cables with terminals in Italy were targeted in the operation. That same day, the German government summoned the US ambassador after German media reported that the NSA had eavesdropped on Chancellor Angela Merkel’s mobile phone.
French President Francois Hollande also expressed alarm at reports that millions of French calls had been monitored by the US. In all, the Guardian later reported that the NSA had monitored the phone calls of thirty-five world leaders. In turn, according to a secret file leaked to the Guardian, a total of thirty-eight embassies and missions had been the “targets” of US spying operations. On 1 July, it was reported that amongst those countries targeted by the operations were France, Italy, Greece, Japan, South Korea and India. EU embassies and missions both in Washington and New York were also reported to be under surveillance.
On 10 July, it was revealed by Brazil’s O Globo newspaper that the NSA had ran a continent-wide surveillance programme. At the time, the newspaper had cited leaked documents which indicated that at least until 2002, the NSA had ran the operation from a base in Brasilia, seizing web traffic and details of phone calls from around the region. The newspaper further indicated that US agents worked with Brazilian telecoms firms in order to eavesdrop on oil and energy firms, foreign visitors to Brazil and major players in Mexico’s drug wars. By September, specific claims that the emails and phone calls of the presidents of Brazil and Mexico had been intercepted were revealed. This prompted Brazilian President Dilma Rousseff to cancel a state visit to the US, the first high-profile diplomatic move since the scandal unfolded.
By mid-August, documents leaked to the Washington Post revealed that the NSA broke US privacy laws hundreds of times every year. Later that month, the Washington Post reported that the US IC had a “black budget” for secret operations, which in 2013 had amounted to US $53 billion.
After fleeing to Hong Kong, Edward Snowden confirmed to the South China Morning Post that the NSA had led more than 61,000 hacking operations worldwide, which included many operations in Hong Kong and mainland China. He indicated that targets in Hong Kong had included the Chinese University along with public officials and businesses.
Beginning yesterday, the Loya Jirga, a council of Afghan tribal elders and other influential individuals, is currently considering the proposed pact between the United States and Hamid Karzai’s government regarding the future of foreign troops in Afghanistan. While the Loya Jirga is widely expected to approve the pact, negotiations over the security arrangement have exposed the serious divides and tensions between the US and the Afghan government. Similar issues torpedoed the proposed pact between the US and Iraq, leading to the eventual withdrawal of all foreign combat troops in 2012.
The Loya Jirga consists of 2500 senior Afghan figures, including tribal elders, politicians, civil servants and NGO representatives. While its decision is not normally binding, President Karzai has announced that the security pact will only be signed if ratified by both the Loya Jirga and the Afghan parliament. The meeting will continue for four days, after which the delegates will vote. Currently, the delegates have split into many smaller sections to discuss and debate the pact. Reports from the scene suggest that while some of these debates are peaceful, others are extremely heated, and a small number of delegates have left the Loya Jirga in protest already. Nevertheless, the Loya Jirga is still expected to approve the decision, and subsequently the Afghan parliament will likely rubber stamp the pact. A rejection of the pact would likely see the complete withdrawal of ISAF forces at the end of 2014.
President Karzai appears have called the Loya Jirga in an effort to shift responsibility for the decision away from himself – the continuing presence of foreign troops in Afghanistan is extremely unpopular with significant sections of the Afghan populace. Another recent move by Karzai would have the pact signed by his Presidential successor following elections next year, something else that would likely protect his own position and has strained relationships with Washington.
The whole process of negotiating and signing the pact has in fact exposed the divides between the United States and Karzai’s government. The US wanted the pact signed by the end of last month, and continues to maintain that it’s timetable requires an agreement by the end of 2013. Particularly problematic areas have included criminal jurisdiction over American troops, and the ability of ISAF forces to enter Afghan homes without consulting Afghan authorities. Karzai’s relationship with Washington overall has been extremely problematic – the President’s frequent criticism of ISAF forces and about-turns on policy have created problems, while Karzai himself has often been placed in awkward situations domestically caused by the actions of US forces, such as in causing the deaths of civilians. The President recently announced that there was “no trust” between Washington and himself.
While the Taliban has rejected the Loya Jirga, and attacked a previous one in 2011, no attacks directed against the meeting have occurred amidst extremely high security in Kabul. However, last week, a bombing directed at the compound prior to the delegate’s arrival killed ten. The security implications of the Loya Jirga are more long term – the government of Afghanistan remains reliant on foreign aid, and would find it extremely difficult to support its security apparatus if relations with Washington disintegrated. The successful signing of the security pact is a key part of preserving this relationship for the next decade.