Intelligence

The FSB and SIGINT: Absolute Power at Home and Abroad

The Russian Federal Security Service (FSB) should easily be considered one of the most influential and powerful intelligence organizations in the world today. Its primary functions and roles include: law enforcement, counterintelligence, domestic surveillance, and internal intelligence functions at the national level.

These roles mirror many of the functions assigned to the Federal Bureau of Investigation in the US (FBI). However, while many of these functions would put the FSB squarely in the realm of law enforcement instead of security or intelligence, the FSB also has mission responsibilities that organizations such as the FBI do not. The most significant of these is the mission of signals exploitation (SIGINT). This article focuses on the SIGINT capability of the FSB and its threat to US political, economic, and diplomatic policies as well as the threat in the new environment of cyber espionage.

Initially an internally focused organization, the FSB threat profile changed in 2003 when, under Presidential Edict No. 314, the missions and authorities of the Federal Agency for Government Communications and Information (FAPSI) were transferred to the FSB. This meant the FSB would now have both the resources and authorities for SIGINT collection against its adversaries and information assurance for all Russian government information systems. This transition established the FSB as a much larger player in the intelligence exploitation community and a larger threat to US interests. Most Western intelligence services separate the responsibilities and missions of SIGINT to a single intelligence organization, like the National Security Agency (NSA) in the US, which has only that authority. Other intelligence services handle matters such as counterintelligence and military-related intelligence. This is not the case with the FSB, which after Presidential Edict No. 314 controls elements of all major aspects and disciplines of intelligence, essentially giving it both unfettered access to collected intelligence as well as the ability to potentially restrict other Russian organizations from accessing the collected data. What exists is a single intelligence service with the capabilities to conduct human intelligence, counter-intelligence, law enforcement, border security, counter-surveillance, and signals collections. This represents a significant amount of authority and global reach that cannot be compared to any one intelligence service within the US or most other modern developed states. With the transition of SIGINT responsibilities, increased authority on border security, and cryptographic responsibilities to the FSB, the comparison of it to the US Intelligence Community also transitioned. 
Its domestic protection roles still most closely align with the FBI, but its SIGINT responsibilities mirror those of the National Security Agency (NSA), while the border security functions are more akin to the US Customs and Border Patrol (CBP) or even Immigration and Customs Enforcement (ICE).

On top of all of this, the FSB has become increasingly connected to all issues cyber as well. The world continues to become more interconnected. The internet has become an integral part of our daily lives and, for some, even a necessity. It supports everything from e-commerce to sensitive governmental correspondence. So when a country’s intelligence service inserts itself into business transactions, there is an increased risk that sensitive data could be syphoned off and used to support both commercial and national intelligence interests at home and abroad. Even though the Russian IT registration requirement is only for private companies operating within Russia, this means little in the interconnected world of the internet where data crosses many geographical boundaries between transmitter and receiver. The internet is a medium susceptible to signals collection just like any other and when countries or intelligence services have access to all internet-based traffic that falls within their borders, then that threat is not only very real but actually amplified.

One example of this threat is the Russian SORM program. SORM, or System for Ensuring Investigated Activity, is a mechanism that permits the FSB to monitor all phone and internet traffic coming in and out of the Russian Federation. While it is argued that this program is a law enforcement and internal security tool, the FSB still remains an intelligence service with a mission set that goes beyond internal security and law enforcement. It is worth noting that until a Russian Supreme Court ruling was handed down in late 2000, the FSB was under no obligation to inform Internet Service Providers (ISPs) that agents were accessing the system. The work undertaken by the FSB to support signals exploitation is not just limited to Russian companies, therefore, but extends to international entities with a presence in the Russian Federation.

On 11 April 2011, for example, a government source told the Interfax news agency that the FSB was not proposing a ban on Gmail, Skype or Hotmail in Russia. The FSB expert speaking at this meeting only expressed concerns that a number of those servers provide services outside of the national legal framework. The inferred concern was that because these companies utilize encryption for securing the communications of users, and none of them are directly based in Russia, the FSB requirement under SORM may not be implemented properly. It is interesting that the FSB would take the time for an interview to highlight its effort to find a solution to make the functioning of these services on Russian territory ‘comply’ with national laws. This statement, while perhaps innocuous on the surface, speaks to the potential level of penetration the FSB can gain into all aspects of communications, both traditional and emerging.

On 8 June 2011 Microsoft Russia made a statement with respect to the FSB and the on-line communications service Skype. In a statement carried by the Russian Federal Security Service-owned but supposedly editorially-independent Russian news agency Ekho Moskvy, Microsoft denied claims it had provided the FSB with encryption algorithms for the internet service. It did, however, admit that the source code for the program was provided. With its charter to protect and monitor cryptographic systems for the Russian government, the FSB has access to those individuals who both create and decipher cryptographic algorithms as part of the newly transferred FAPSI functions. With these vast resources, it is not a giant leap of logic to think the FSB will be sorely tempted to conduct eavesdropping on any entity it wishes, without the support of said company, as long as a suitable connection to ‘national security’ is found.  

These two examples are a sample of how cyber seems to be a new focus of FSB SIGINT collection efforts. And while, for now, they focus solely on what has occurred within Russian territory, it is important to note the FSB has recognized links in over 80 countries and formal offices in at least 18 of them. This level of global reach and interaction means its SIGINT mission can be transferred anywhere the FSB maintains a presence. As these capabilities are deployed, they provide the FSB with a larger SIGINT capability than most intelligence agencies around the world. The FSB of course formally declares that it honors all international treaties and pursues only legitimate inquiries that hold potential harm to the sovereign interests and national security of the Russian Federation. The problem, of course, is just how fungible those sovereign interests might be over time and how relevant the old adage about absolute power corrupting absolutely might become.


The drone attacks on Saudi Arabia’s oil wells

Giancarlo Elia Valori

In the early morning of Saturday, September 14 last, at 3.31 and 3.42 a.m., the Yemeni Houthi Shiite rebels supported by the Iranian “Revolutionary Guards” – the right eye of Imam Qomeini, as they are called in Iran – launched about ten drones against the largest Saudi oil extraction area owned by ARAMCO.

Allegedly the operation was launched from Iraq. Both Abqaiq, the largest stabilization facility in the world, as well as the Buqaiq facility in the extraction field, and finally Kurais, about 60 kilometres from Abqaiq, were hit with drones.

  It is the largest oil disruption ever, considering all those caused by wars or other reasons.

The Shiite attacks have immediately reduced Saudi production by about five million barrels per day, i.e. about half of the Saudi Kingdom’s daily output.

 With the drone attacks, the world has lost 6% of its oil output.

 The Saudi authorities have said that, as early as September 17, everything has been under control.

The first geopolitical deduction that can be made is that the current attacks, much more virulent than those that already occurred last May, open a second front of Arabia’s war against Iraq, which, in any case, would severely strain the Saudi armed forces, already absorbed by the war in Yemen, albeit with meagre results.

Moreover this could open a new strategic area, in which the USA could be forced to help Saudi Arabia and Israel could be forced to later project its power not only onto its northern and southern borders, but also onto eastern Syria and Iraq – and permanently so, unlike what currently happens.

Certainly, all this regards above all Iran that, however, could not afford a hybrid and conventional war with Saudi Arabia and its traditional regional allies.

 Moreover, the Shiite Houthi’s attack on the Saudi oil facilities was conceived and probably planned by the Head of the Pasdaran, Qassem Soleimani.

Hence the Houthi operation has run parallel with the action directly organized by the Pasdaran on September 15 last, i.e. the seizure of a ship – the name of which is still unknown – carrying a fuel cargo of over 250,000 litres.

 All this happened in the Strait of Hormuz, near the island of Tunb, in Iranian waters.

 A full option strategy to show Iran’s new regional strategic status.

According to Iranian sources, the rationale underlying the naval operation of the Iranian Revolutionary Guards concerns the substantial oil smuggling to and from the United Arab Emirates.

Tout se tient.

  Iran, on the one hand, while assessing the war burden for Saudi Arabia in Yemen, wants to open other fronts of the conflict, thus also extending Israel’s defence chain. Hence Iran pursues the overstretch of its traditional opponents.

Another possible assessment of the drone operation carried out by the Houthis and Iran is that it could be an Iranian response to the actions undertaken by French President Macron who has recently tried to organize a side meeting, at the UN General Assembly, between US President Trump and Iranian President Rouhani.

Ali Khamenei, the Rahbar and, hence, Iran’s Supreme Leader, was, however, clearly opposed to a new Iran-US diplomatic relationship, and his Revolutionary Guards have immediately understood the issue.

Moreover, the very recent drone attacks on the two Saudi facilities are not even the first and only ones. As mentioned above, on May 15 last, two Saudi pumping stations – placed on the East-West pipeline that reaches up to the Yanbu oil terminal were attacked with two drones probably launched from Iraq.

Hence Iran has an efficient and stable network in Iraq to launch attacks on the Saudi territory and its surrounding areas, not necessarily with drones only.

With its satellite photos, Israel has shown that the Al Quds Force, the elite of the Pasdaran, is building an Iranian military station in Albukamal, on the Syrian-Iraqi border – and probably these operations indicate that the base is already finished.

  It is supposedly a base for at least 3,500 soldiers, with means that should be used above all for the “hybrid war”, but not only for it.

Once again Israel has become a target for Iran, from the new bases in Northern Iraq. The United States, however, does not want to be entangled and bogged down into a new “long war” in the Middle East, even though it will help Saudi Arabia (and, obviously, Israel) from afar, while Saudi Arabia has explicitly stated that the Iranian drones are very hard to track.

At economic level, however, the Saudi oil crisis has the same magnitude as the oil crisis following the Yom Kippur war.

 This crisis, however, is really such only because Saudi Arabia has proved to be fragile, not only in terms of mere oil quantity, which has been immediately reintroduced into the daily balance, using the Saudi huge reserves.

Nevertheless they will run short and nobody really knows what the reserves of the Saudi wells are, which are reportedly still very large. However, there are those who have doubts in this regard, since it is the best kept Saudi State secret.

 This has been the worst attack ever on the “oil bank”, as analysts call the Saudi Kingdom.

Hence the attack is a real game changer and it is currently hard to predict all its effects, even for technical experts and strategic analysts.

 It much depends on Mohammed bin Salman’s moves, as well as on the US real engagement in the region, and finally on Israel’s future military policy.

According to some organizations that study oil markets, the Iranian and Houthi operation is at least as severe as the invasion of Kuwait – which also “sucked” Iraqi oil – or as the 1979 Iranian Shiite revolution itself.

 President Trump has already authorized the release of US strategic reserves (SPR), where necessary, “to keep the markets well supplied”.

As early as September 16, however, Saudi ARAMCO has been expected to recover at least a third of its production, with a maximum of two or three million barrels of Saudi oil that will go back to the markets within two-five days, while additional 2.7 million barrels will arrive on the market later, considering the nature and specificity of the Abqaiq facility.

It is a huge facility located in a Saudi area where the presence of Shiite Islam is far from negligible, i.e. about 15-20%, mainly in the eastern zones and among the workers operating in the wells and facilities.

This is another political sign – halfway between religion and class struggle – not to be neglected.

When the markets opened, on the Monday following the attacks, the oil barrel price increased by 20%, with a peak of 71.6 USD per barrel.

However, what are the Iranian assets in the current war launched against the great Wahhabi and Sunni power, namely Saudi Arabia – a war which is a proxy one only from a formal viewpoint?

They are manifold and remarkable.

 There are over 45 Iranian military airports. The maritime positions currently held by the Revolutionary Guards are over 16, all located on the coasts and islands of the Persian Gulf.

 The missile stations in Iran and Iraq have several carriers capable of reaching a range of 2,500 kilometres.

 Iran’s area denial and access denial capabilities are much greater than those of any country in the region.

Iran has a significant submarine fleet, both in the Persian Gulf and in the Indian Ocean, as well as a large fleet of very fast motorboats and patrol boats.

At military level, Iran is not afraid of its obvious tactical superiority nor of the first or second-level reactions of its opponents.

Cyberattacks are another Iranian “excellence” while, only recently, Saudi ARAMCO has been updated in terms of protection from cyberattacks – albeit we are still at less relevant levels than Iran’s.

It is not by mere coincidence that the Saudi oil company has already suffered cyberattacks, with the Shamoon virus in 2018. Moreover, due to their geographical location, the Saudi ports and infrastructure are also scarcely protected from missile or air attacks.

 But also from sea bombings, especially on the ports of Ras Tanura and Ras Juaymah, located in the Persian Gulf, and of Yanbu, in the Red Sea, which are hard to protect.

So far, however, the Saudi critical infrastructure has been defended only from Qaedist attacks, not from a real military operation, possibly with the Houthi conventional or hybrid war protection.

Not to mention the desalination plants, which process 70% of all the drinking water distributed in Saudi homes, in addition to electricity grids, which are based on the production of energy using over two thirds of the abundant oil supplies. They are surely targets of the drone attacks, as well as cyberattacks or conventional operations.

Another factor not to be neglected regards one of the mainstays of Mohammed bin Salman’s strategy, namely the sale of Saudi ARAMCO.

Clearly the attacks significantly reduce the stock market value of the company, and it just so happened that, in the last days before the attack of last Saturday, the sale procedure had recorded a strong acceleration.

 Mohammed bin Salman has set the cost of the ARAMCO operation at 2 trillion dollars.

Hence, considering the infrastructure weakness shown by Saudi Arabia, it will be very unlikely for investors to run to buy the company and carry out transactions on the Stock Exchange.

It is also easy to understand that Iran’s and its proxies’ operation against Saudi Arabia is such as to place Iran in a vantage position in a future new negotiation on the nuclear issue.

It should be recalled that the war in Yemen started in 2015 when Saudi Arabia entered that country to free some areas, including the capital Sana’a, from the insurgents.

Later Saudi Arabia established a friendly government, led by Abu Mansur Hadi.

Saudi Arabia, however, was not able to hold its positions and reach its strategic objectives.

In fact, holding Yemen means to completely control the Persian Gulf and the areas pertaining to it.

Saudi Arabia has kept only Aden and Al Mokha, as well as a few other areas, while the border between Arabia and Yemen is still a land of conflict and clashes, in a tribal zone, on the Saudi side of the border line, which has always been scarcely favourable to the Al Saud family and to the Wahhabi tradition of Islam.

 Nevertheless, not the whole Ansar Allah, the Houthi Shiite movement, is strictly dependent on Iran.

Hence the war in Yemen is a huge cost for Saudi Arabia, while it is negligible for Iran.

We should also consider the support provided to the rebels in the South by Abu Dhabi, the other Emirates and Oman, a country that has always had its own specific policy vis-à-vis Iran.

It should also be recalled that Saudi Arabia was directly hit by drones on December 4, 2017.

However, only a part of the Yemeni tribes are currently loyal to Hadi’s central government and they have often had to enter the Saudi territory, while the other tribes, including the Sunni ones, have supported the tribal-national autonomy proposed by the Houthis.

As already mentioned above, however, ultimately not even Iran will be able to control Ansar Allah completely.

Other effects of the oil crisis will be seen in India, whose economic take-off relies solely on Middle East oil, with 18% of its annual consumption resulting from Saudi oil alone.

Other Asian countries shall change their main supplier, but also the United States – despite its shale oil production – has so far imported 400,000 barrels per day in 2019 alone.

 The situation is not bad at all for Russia which, for years, has been setting oil prices similar to OPEC’s. The same holds true for Kuwait and the Emirates, but the possible expansion of production could currently reach a million barrels per day, which are not enough to cover the Saudi shortfall.

 Reverting to Yemen, it should also be recalled that the local war is the result of the US-sponsored “Arab spring”.

Hence, it is however unlikely that the attacks on oil wells and facilities (and we should consider that they are not far from the Yemeni border) provide the opportunity for a combined Saudi, US and Israeli attack on Iranian military positions in Iraq or in the Persian Gulf.

From a disadvantaged position, Iran has managed to create its own strategic level playing field with regional and international players, which is the real new fact of the drone attack on the Saudi oil facilities that took place last Saturday.


Iran: New details of shooting Global Hawk disclosed

Newsroom

Deputy of Operations of Iran’s Passive Defense Organization Amir Khoshghalb, in an interview with Mehr news agency, released the details of downing US Northrop Grumman RQ-4 Global Hawk spy drone by IRGC.

“We were precisely observing the US drone’s activity even from the beginning moments of its flight,” he said, “We knew its route and it was under full supervision of Iran Defense Organization.”

“The drone was moving towards Iran, breaching international regulations i.e. taking that route it was making a threat to Iran,” the Iranian official said. 

“It had even turned off its identification system,” he added.

“We needed to take a tactical measure, accordingly,” he said.

“Our tactical measure has various aspects; first we issued a radio warning,” Khoshghalb described, “In some cases, the warning is stronger and will lead into a strong tactical measure such as shooting.”

“On its route, which was longer than three hours, the drone, which was under our full surveillance, was seeking something,” he reiterated.

“Maybe we could take initial measures much earlier but we let the drone do its job and end its route,” he said, “We repeatedly issued warnings when the drone was on its way moving towards us asking it to act upon international regulations but it ignored all of them.”

On June 20, Iran’s IRGC downed a US Northrop Grumman RQ-4 Global Hawk spy drone after it had violated Iranian airspace. Despite the US claims that the drone had been flying over international waters, Iran said it had retrieved sections of the drone in its own territorial waters where it was shot down.

The intruding drone was shot by Iran’s homegrown air defense missile system “Khordad-3rd”.

US President Donald Trump said afterward that he aborted a military strike to retaliate against Iran’s downing of the US drone because it could have killed 150 people, and signaled he was open to talks with Tehran.

Chief of General Staff of Iranian Armed Forces, Major General Mohammad Hossein Bagheri, said on Wednesday that the US was on the verge of attacking Iran but called off the plans after Iran downed the intruding drone.

“The US was to take a practical measure [military strike] against us but in the name of a high number of probable victims, it overturned the decision,” he said, adding, “The main reason, however, was Iran’s deterrence power.”

These are the result of the Iranian thought and the commands of the Revolution Leader, he said, noting that despite all problems, Iran enjoys great capabilities in the defense sector and the Iranian nation will not let another war erupt.

From our partner MNA


Rethinking Cyber warfare: Strategic Implications for United States and China

Zaeem Hassan Mehmood

“Every age had its own kind of war, its own limiting conditions, and its own peculiar preconceptions.” – Carl von Clausewitz

The Internet has transformed the front lines of war. Modern conflicts are now waged online in cyberspace. The World Wide Web (WWW) has eradicated all physical borders and defences, without which weak and powerful states alike are prone to attacks. Accordingly, a number of countries have formally recognized cyber as the new domain of warfare in their strategy papers and documents. The United States and China are the master players in this realm, having active military units with sophisticated state-of-the-art capabilities dedicated to cyber strikes. The consequences are dire, both for the sole superpower and for the rising economic giant that is projected to overtake the former by 2025.

The dynamic nature of cyber warfare has caused frustration in the inner circles of Washington and Beijing. Both the public and the private sector have been targeted, the former for state secrets and the latter for intellectual property rights. According to an estimate by US Cyber Command (USCYBERCOM), it has cost the American economy $338 billion, an amount close to the entire Gross Domestic Product (GDP) of Pakistan. China, on the other hand, leads the Asia-Pacific region in cyber losses, with an estimated annual loss of $60 billion.

Next Generation Warfare

There has been a surge in cyber attacks against the US. The Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI) and National Security Agency (NSA) have come under attack multiple times. They are followed by Silicon Valley tech giants such as Netflix, Twitter and Spotify, which on numerous occasions have been taken down by cyber attackers. It is very difficult to trace the identity and origin of an attack, as various techniques like changing the Internet Protocol (IP) address can not only hide the identity of the attacker but also misattribute the attack to other nations. Cyber security analysts working in their private capacity have collected evidence that seems to indicate China as the alleged perpetrator of recent waves of cyber-attacks.

However, cyber pundits have openly stated that they cannot guarantee with a hundred percent accuracy that the evidence collected in the wake of cyber-attacks is authentic and not planted by perpetrators to look genuine. In cyberspace, an attack could come from anywhere around the globe. It could be from friends and foes alike; anyone can attack and make it look as if the attack came from China or another adversary. In the past, cyberattackers from France broke into secured servers, stealing classified information relating to American products and designs. Added to that, analyzing these attacks is an expensive and difficult task. Just knowing that you have been attacked or infiltrated is itself a big achievement, considering that it can take days or even months to find that your security has been compromised. It took seven months for security analysts to find the Stuxnet virus, which was hiding itself in legitimate Siemens software responsible for controlling centrifuges at nuclear power plants around the world. According to one estimate, rates for analyzing and identifying cyber attacks start from $650 per hour, and the work often ends in an uncertain conclusion.

Philippe Goldstein, author of Babel Zero, argues that attacking the wrong adversary would be catastrophic. It is a troublesome scenario, in which attacks in cyberspace can be met with conventional and even nuclear responses, culminating in a “Cyber Armageddon”. It is for this reason that states have taken cyber warfare seriously and treat it as synonymous with national security. China has incorporated a cyber command structure within its armed forces, under the “Three Warfare strategy.”

Cybersecurity analysts have called minute “cyber bullets” ‘Cyber weapons of Mass Destruction.’ All one needs is ‘bad timings, bad decision making and some bad luck!’ and you can end up having a World War III, which was the 24/7 nightmare of Cold War veterans. The world is not immune from such attacks. Anyone with access to a computing device, from iPods to digital smart watches, and the right technical skills can cause a national security crisis. This is well depicted in John Badham’s film WarGames, where a young hacker unknowingly sets a US military supercomputer to launch nuclear weapons on the former Soviet Union. A few years back, an attack on the FBI’s website that resulted in the leaking of classified data set off alarm bells in Washington. Later it was found that the perpetrator was a 15-year-old schoolboy from Glasgow, Scotland.

The way forward for states remains cumbersome in the absence of a legal framework from the United Nations (UN). Further complications arise when the attack is orchestrated by a non-state actor or private individual from a particular state. Recent debates have arisen among North Atlantic Treaty Organization (NATO) members, in the wake of alleged Russian-sponsored cyber activities against Europe and America, over whether the collective defence measures under Article 5 would apply to a cyber-attack.

Cyber security is a relatively new introduction in war studies. The US Department of Defence (DOD) recognized cyber warfare as the fifth domain of warfare, following land, sea, air and outer space. There are around 30 countries that have dedicated cyber military units, whereas more than 140 countries have or are in the developing stages of acquiring cyber weapons. Cyber is a means that countries, irrespective of their financial standing, can acquire to further state objectives. The US and China are considered advanced states in the cyber realm, having cyber military technology and capabilities that are rarely matched by other contenders. Therefore, studying their cyber dealings, strategies and policy making would allow other countries such as Pakistan to better understand the dynamics and nature of this new type of warfare. India has tasked the Defence Cyber Agency (DCA), presently headed by a two-star Admiral, which reports directly to the Chairman of the Chiefs of Staff Committee (CCSC). The DCA is presently preparing a cyber warfare doctrine for India. The repercussions of these developments are critical for Pakistan, which requires a comprehensive safety and information guideline to be prepared for the masses.

Copyright © 2019 Modern Diplomacy