US Charges Russian Spies, Hackers in Yahoo Hack
March 21, 2017 in UncategorizedThe United States last week charged two Russian intelligence agents and two criminal hackers with masterminding the 2014 theft of 500 million Yahoo accounts in a move that marks the first time that the US government has criminally charged Russian spies with cyber offenses.
The 47-count Justice Department indictments on Wednesday 15 March included charges of conspiracy, computer fraud and abuse, economic espionage, theft of trade secrets, wire fraud, access device fraud and aggravated identify theft. The charges also paint a picture of the Russian security services as working hand-in-hand with cyber criminals, who helped spies further their intelligence goals in exchange for using the same exploits to make money. Speaking at a press conference to announce the charges, Acting Assistant Attorney General Mary McCord disclosed that the criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBIs point of contact in Moscow on cyber crime matters, is beyond the pale. Russias Federal Security Service (FSB) is the successor to the KGB. McCord further disclosed that the hacking campaign was awarded by the FSB in order to collect intelligence but that the two hackers used the collected information as an opportunity to line their pockets.
The indictment named the FSB officers involved as Dmitry Dokuchaev and his superior, Igor Sushchin, both of whom are in Russia. According to Russian news agency Interfax, Dokuchaev was arrested for treason in December. According to the Justice Department, the alleged criminals involved in the scheme include Alexsey Belan, who is amongst the FBIs most-wanted cyber criminals and was arrested in Europe in June 2013 however he escaped to Russia before he could be extradited to the US. Karim Baratov, who was born in Kazakhstan but also has Canadian citizenship, was also named in the indictment. The Justice Department disclosed that Baratov was arrested in Canada on 14 March. Officials in Toronto have confirmed the arrest. The US does not have an extradition treat with Russia, with McCord stating that she was hopeful that Russian authorities would cooperate in bringing criminals to justice. The US often charges cyber criminals with the intent of deterring future state-sponsored activity.
The charges announced last week are not related to the hacking of Democratic Party emails during the 2016 US presidential election. US intelligence agencies have stated that they were carried out by Russian spy services, including the FSB, in order to help the campaign of Republican candidate Donald Trump.
Yahoo disclosed when it announced the then-unprecedented breach last September, that it believed that the attack was state-sponsored. On Wednesday, the company stated that the indictment unequivocally shows that to be the case.
According to the indictment, in the 2014 breach, at least thirty million of the Yahoo accounts were the most seriously affected, with Belan being able to burrow deep into their accounts and taking user contact lists that were later used for a financially motivated spam campaign. The indictment went on to say that Belan also stole financial information, such as credit card numbers and gift cards. Yahoo had previously stated that about 32 million accounts had fallen victim to the deeper attack, which it said leveraged forged browser cookies to access accounts without the need for a password. According to Wednesdays indictment, FSB officers Sushchin and Dokuchaev also directed Baratov to use the information gained in the Yahoo breach to hack specific targets who possessed email accounts with other service providers, including Google. The incitement charged that when Baratov was successful, Dokuchaev would reward him with a bounty.
In December 2016, Yahoo announced another breach that occurred in 2013 and which affected 1 billion accounts. At the time, Special Agent Jack Bennett of the FBIs San Francisco Division disclosed that the 2013 breach is unrelated and that an investigation of that incident is ongoing. The hacks forced Yahoo to accept a discount of US $350 million in what had been a US $4.83 billion deal to sell its main assets of Verizon Communications Inc.
The charges come amidst a number of controversies relating to alleged Kremlin-backed hacking of the 2016 US presidential election and the possible links between Russian figures and associates of US President Donald Trump, as well as uncertainty about whether President Trump is willing to respond forcefully to aggression from Moscow in cyberspace and elsewhere.
US Deploys Troops to Cameroon
November 15, 2015 in CameroonUnited States President Barack Obama informed Congress on Wednesday that he will deploy up to 300 personnel to Cameroon for intelligence, surveillance and reconnaissance operations against Boko Haram insurgents.
In a letter that was released by the White House, President Obama disclosed that ninety personnel have already been deployed, which marks a modest but significant escalation of US involvement in the fight against the terrorist group, which earlier this year aligned itself with the Islamic State (IS) group. In making Wednesday’s announcement, the White House stressed that personnel will not take part in combat operations and would be armed only for self-defense. According to White House press secretary Josh Earnest, they are being sent under an arrangement with the Cameroonian government to conduct airborne intelligence, surveillance and reconnaissance operations in the region. US officials have disclosed that the focus will still be on a regional coalition that has tried to keep a once regional Muslim anti-colonial movement from metastasizing into a regional jihadist threat. In the statement, the president indicated that the mission will last “until their support is no longer needed.”
While Washington has largely shied away from engaging its vast military assets to combat Boko Haram, the White House decision comes as Boko Haram steadily expands operations beyond its traditional base in northern Nigeria, crossing into neighboring Cameroon and Niger.
Second in Command IS Jihadist Killed in US Airstrike in Iraq
August 24, 2015 in IraqThe White House on Saturday reported that the second-in-command of the Islamic State jihadist group has been killed in a US airstrike in northern Iraq.
The National Security Council has identified the slain militant as Fadhil Ahmad al-Hayali, also known as Haji Mutaz, adding that he was IS leader Abu Bakr al-Baghdadi’s senior deputy. According to US forces, Hayali was killed, along with an IS “media operative” known as Abu Abdullah, on 18 August in a strict that targeted a vehicle near the city of Mosul. The White House has described Hayali as a member of IS’ ruling council, adding that he was “a primary coordinator for moving large amounts of weapons, explosives, vehicles and people between Iraq and Syria.” The White House further disclosed that Hayali “…supported ISIL operations in both countries and was in charge of ISIL operations in Iraq, where he was instrumental in planning operations over the past two years, including the ISIL offensive in Mosul in June 2014.” Like many senior Iraqi jihadists, prior to joining IS, Hayali had been a member of al-Qaeda’s Iraqi faction, with sources indicated that he was reportedly a former Iraqi officer from the era of Saddam Hussein.
This however is not the first time that US officials have announced Hayali’s death. In December, while speaking to reporters, US defense officials disclosed that Hayali was one of several senior figures who was killed in coalition strikes. At the time, officials provided another of his pseudonyms, Abu Muslim al-Turkmani.
CIA Ends Vaccine Programme
May 21, 2014 in PakistanOn Tuesday, the White House confirmed that the Central Intelligence Agency (CIA) has ended the use of vaccine programmes in its spying operations amidst concerns for the safety of health workers. In a letter to US public health schools, a White House aide indicated that the CIA had stopped such practices in August 2013.
In a letter dated 16 May, the White House assistant to the president for homeland security and counter-terrorism, Lisa Monaco, wrote that CIA director John Brennan had directed the agency to cease “operational use of vaccine programmes.” The letter further indicated, “similarly, the agency will not seek to obtain or exploit DNA or other genetic material acquired through such programmes,” adding that the policy applied worldwide to US and non-US persons alike.
The CIA had used a fake vaccine programme in a bid to locate Osama Bin Laden before US Special Forces killed in May 2011. Genetic material obtained through a fake door-to-door hepatitis B vaccination programme reportedly helped the CIA confirm Bin Laden’s whereabouts in the Pakistani city of Abbottabad. The Pakistani doctor accused of running the vaccination campaign remains in jail. Dr Shakil Afridi was convicted of having ties to militant groups, which he has denied. He was imprisoned in 2012 in a move that is widely seen as punishment for his helping the CIA, with sources indicating that he is regarded as a traitor by Pakistan’s security agencies.
The CIA’s decision to end the use of vaccine programmes in its spying operations comes after a wave of deadly attacks by militants on polio vaccination workers in Pakistan. According to CIA spokesman Dean Boyd, “by publicizing this policy, our objective is to dispel one canard that militant groups have used as justification for cowardly attacks against vaccination providers.”
However despite the CIA ending the programme in August, a number of health workers have been targeted, kidnapped or killed as militants suspected that they were either CIA agents or had links to it. Since January, sixty-six cases of polio have been declared in Pakistan, compared with only eight during the same period last year. The geographical spread of the cases suggests that they are mostly sourced to the north-western Wairistan tribal region. Militants who control this region have banned vaccinations, citing that health workers may include American spies. In turn, more than sixty polio workers and security personnel were killed in the country between December 2012 and April 2014. According to Pakistani officials and humanitarian workers, most of them were killed in the Khyber Pakhtunkhwa province.
While the CIA’s announcement of ending such vaccination programmes is seen as a positive step, the CIA’s spokesman has warned that “many obstacles” still remain and will likely stand in the way of vaccination programmes. These include myths that vaccinations cause sterility or HIV along with claims that they are spy programmes run by Western governments. Mr Boyd noted “while the CIA can do little about the former, the CIA director felt he could do something important to dispel the latter and he acted,” adding “it is important to note that militant groups have a long history of attacking humanitarian aid workers in Pakistan and those attacks began years before the raid against the Bin Laden compound and years before any press reports claiming a CIA-sponsored vaccination programme.”
In Pakistan, the decision will likely be welcomed, as polio has been spreading fast since the Taliban banned the vaccination campaign two years ago. Prior to the release of the letter, Professor Ibrahim Khan, an intermediary for the Taliban, had indicated that the militants wanted assurances that the vaccination programme was not being used for other purposes. He further added that he was hopeful that the Taliban would then lift the ban on the vaccine. However this is contingent on the success of peace negotiations with the Pakistani government. Currently, the talks have stalled, with the Ministry of Interior indicating that access to the polio vaccination will lead the agenda in the next round of talks.
G7 Warns Russia on “Annexing” Crimea
March 12, 2014 in UkraineOn Wednesday, days ahead of a planned referendum, leaders of the G7 group of nations called on Russia to stop its efforts to “annex” Ukraine’s Crimea region, stating that if Russia takes such a step, they would “take further action, individually and collectively.” The G7 leaders also indicated that they would not recognize the results of a referendum in Crimea, which will be held this weekend, to decide on whether to split from Ukraine and join Russia. Meanwhile, Ukraine’s national security chief has warned of a major Russian military build-up on Ukraine’s borders.
The European Union (EU), along with the Group of Seven (G7) industrial nations, which includes Britain, Canada, France, Germany, Italy, Japan and the United States, urged Russia to “cease all efforts to change the status of Crimea.” A statement released by the White House indicated, “in addition to its impact on the unity, sovereignty and territorial integrity of Ukraine, the annexation of Crimea could have grave implications for the legal order that protects unity and sovereignty of all states.” According to officials in the US, Sunday’s referendum has “no legal effect” as it is in “direct violation” of Ukraine’s constitution. Officials added “given the lack of adequate preparation and the intimidating presence of Russian troops, it would also be a deeply flawed process which would have no moral force.”
The G7 leaders have repeated their calls for Russia to de-escalate the crisis by withdrawing its troops from Crimea, to talk directly with Kiev and to use international mediators in order to “address any legitimate concerns it may have.” Meanwhile European Commission President Jose Manuel Barroso indicated that he hoped EU countries would keep their “very united and firm position because we don’t want to see, one century after the First World War, exactly the same kind of behaviour of countries annexing other countries.”
Other European leaders have also weighed in on the on going crisis. Polish Prime Minister Donald Tusk has stated that it may be time for the EU “to consider the possibility of having second phase sanctions” against Russia. During a joint news conference with Mr Tusk, German Chancellor Angela Merkel indicated that the EU could sign the “political part” of a long-awaited agreement on closer ties with Ukraine later this month. In a further public indication of Western support for Ukraine’s new leadership, US President Barack Obama is set to meet with interim Prime Minister Arseniy Yatsenyuk later in Washington.
Despite the looming referendum, diplomatic efforts with Russia are continuing. US Secretary of State John Kerry has stated that he will travel to London to hold talks with Minister Sergei Lavron on Friday. According to the Kerry, he will present him “with a series of options” for resolving the crisis. France’s President Francois Hollande has also spoken by telephone with Russia’s President Vladimir Putin, indicating that both agreed to “continue the discussion” on resolving the crisis. Despite Russia indicating that it may want to continue diplomatic discussions with the West, troop movements in Crimea demonstrate the Russia is unlikely to back down despite threats of sanctions.
Ukraine’s national security chief Andriy Parubiy indicated Wednesday that Moscow had not withdrawn its troops after carrying out military exercises near Ukraine’s eastern and southern frontiers last month. He further noted that the Russian army “is only two to three hours” from Kiev, adding that Ukraine’s “units are positioned to repel attacks from any direction.” Sources have indicated that Russian troops have been seen massing on Ukraine’s eastern and southern borders, with Ukrainian officials describing the situation as “critical.” He has accused Moscow of sending “subversive agents” into those areas to try to create a pre-text to deploy troops in the same way it has done in Crimea. Mr Parubiy has also indicated that Kiev’s parliament will vote on Thursday to establish a National Guard of 20,000 people, recruited from activists involved in the recent pro-Western protests as well as former military academies, in order to strengthen Ukraine’s defences. He indicated that the National Guard would be deployed to “protect state borders, general security and prevent ‘terrorist activities.’”
Crisis Timeline:
- 21 November 2013 – President Victor Yanukovych abandons deal on closer ties with the EU in favour of closer co-operation with Russia
- December 2013 – Pro-EU protesters occupy Kiev city hall and Independence Square.
- 20 February 2014 – At least 88 people are killed in 48 hours of bloodshed in Kiev.
- 21 February 2014 – President Yanukovych signs compromise deal with opposition leaders.
- 22 February 2014 – President Yanukovych flees Kiev. Parliament votes to remove him and sets presidential elections for 25 May.
- 27 – 28 February 2014 – Pro-Russian gunmen seize key buildings in Crimean capital Simeferopol
- 1 March 2014 – Russian parliament approves President Vladimir Putin’s request to use Russian forces in Ukraine.
- 6 March 2014 – Crimea’s parliament asks to join Russia and sets a referendum for 16 March.