
The Jury’s Still Out: Can America Ever Match Russian Cyber Innovation?


In February 2015, James Clapper, the Director of National Intelligence in the United States, announced that the appraisal of Russian cyber capability and intention had been elevated, pushing Russia to the number one spot on the list of countries which pose a major cyber-threat to the United States.

China held the number one spot for years because of the frequency of attacks on the United States. However, China’s cyberattacks were financially and economically motivated espionage rather than outright physical infrastructure attacks. Also, even though China’s cyberattacks were more frequent, it is believed Russia has more capabilities but has simply chosen not to use them all yet. Clapper also stated that Russian cyber saboteurs, spies, and thieves are widening their attacks against vulnerable American internet infrastructure, which chips away at US wealth and security over time.

Clapper’s intelligence assessment details how Russian cyber actors are creating new ways to remotely hack into industrial control systems that run electrical power grids, urban mass-transit systems, air-traffic control networks, and oil and gas pipelines. According to private-sector cyber security experts, these actors have been able to successfully compromise the product supply chains of three control system vendors so that customers unknowingly downloaded exploitative malware directly from the vendors’ websites along with routine software updates. Russia is seen as an unregulated area as well as a safe haven for the development and spread of malicious code around the world.

According to senior Russian military officials, Russia’s Ministry of Defense is establishing its own cyber command that will be responsible for conducting offensive cyber activities, such as propaganda operations and inserting malware into enemy command and control systems. A specialized branch for computer network operations is also being established by Russia’s armed forces. This is the consequence of a national security legacy, as Russia was one of the first nations to move assertively into the cyber sphere. In 1998, long before most nations even began thinking about cyber-security, the Kremlin established “Directorate K” to begin operations to monitor and defend against hackers and spammers. However, in recent years, Directorate K has taken on a more offensive role in the digital sphere.

Russia has been cyber-attacking the United States for several years. In 1999, it was discovered that the Moonlight Maze virus had been stealing information from the Department of Defense, Department of Energy, NASA, and military contractors for two years. In early 2015, Russian hackers were able to access an unclassified server of the US Department of State. Through this they were able to penetrate sensitive areas of the White House computer system and access information such as the real-time non-public details of President Barack Obama’s schedule. The FBI, the Secret Service, and the United States intelligence community overall are all involved in investigating the breach and say that it was one of the most sophisticated attacks ever launched against American governmental computer systems.

Russia was also able to hack into systems at the Pentagon in July 2015. The sophisticated cyberattack affected nearly 4,000 federal employees when it shut down the Pentagon’s unclassified email system for the Joint Staff for nearly two weeks. The attack was carried out through the use of encrypted accounts on social media and officials at the Department of Defense stated that the attack involved “new and unseen approaches into the network.” Fortunately, only unclassified accounts and emails were involved so no classified information was accessed or taken from the network.

These cyberattack threats from Russia are a major concern for the United States because they undermine United States economic competitiveness and its fundamental belief in maintaining the secrecy of national security information. As of now, a “cyber armageddon” is not a high risk, but low to moderate-level attacks over time could pose serious financial security risks to the United States. In the US alone, international hacking has cost, on average, between 25 billion and 100 billion dollars annually. In 2008, cyber espionage, including industrial espionage, intellectual property theft, and theft of trade secrets, caused the loss of more than one trillion dollars worldwide, with Russia always being cited as one of the main perpetrators. Russia’s tactics of using cyber-attacks to block any and all communications from within a nation-state and its ever-increasing innovative capabilities could have a significant negative impact on United States security and interests. The real question seems to be not so much whether Russia can be stopped but whether the United States has the talent pool to create similar cadres capable of matching the innovation emerging from Russia. Classified information and state secrets aside, the jury on that question, quite frankly, remains out.


Transnational Crimes in the Maritime Realm

Zaeem Hassan Mehmood


Maritime trafficking routes closely follow the commercial shipping lanes. The modalities, technologies and strategies put into place by criminals are oftentimes more sophisticated in caliber than those used in regulated trade. The vast expanses of the sea, the complexity of the maritime transportation system, the immense volume of cargo transferred at each port, and the limited capacity for inspections of cargo create opportunity for criminals. Seaborne trade in the maritime realm follows a defined set of “sea lines of communication” based on currents and weather. Because of the robustness of shipping and the mass amounts of cargo moved, traffickers utilize the same shipping industry routes with great effect. Shipping and sea lanes tend to offer anonymity for criminals, as their activities can be hidden behind legitimate industries. Criminal activity, especially illicit trade in narcotics, humans, and weapons, has become so extensive that it is difficult, according to various studies, to rule out the implication of states and corporations in the criminal enterprise.

The UN Drug Trade Report 2019 adds that individuals of various nationalities, along with multiple vessels flagged to different states, are used in the networks, which transit the waters of various states and call at different ports before reaching their final destination. Despite the abundance of laws designed to combat illicit trafficking and an apparent impetus to stop specific types of crime, governments remain only marginally successful in preventing the global flow of illegal goods due to the overwhelming volume and complexity of the markets for illicit trade. Working in tandem, the maritime forces have nevertheless made successful efforts to disrupt the illicit supply chains as a result of sea-based security operations and of cooperation and collaboration between law enforcement organizations.

Nevertheless, legal complexity arises as the high seas “fall outside the jurisdiction of any single state” under the United Nations Convention on the Law of the Sea (UNCLOS). The ocean space is to be collectively policed by all states, governed by principles of freedom of navigation. Piracy and the illicit trafficking of narcotics, humans, and weapons comprise the main varieties of transnational crime. UNCLOS addresses these matters of concern in the realm of the sea, where various articles provide guidance in order to curb or limit the threats. Article 110 expounds the customary rule that warships may “approach and visit” on the high seas “any ship that is suspected of piracy, human trafficking, unauthorized broadcasting; and is without nationality”; or, “is flying a foreign flag or refusing to show its flag.” Article 111 addresses the right of “hot pursuit”, allowing warships of one state to follow a vessel through the different maritime zones of the ship if, based on “reasonable grounds,” it is suspected of illegal activity.

Narcotics Trafficking

UNCLOS under Article 108 empowers states to cooperate and offer assistance to suppress drug trafficking by other state-flagged vessels. Traditionally, drug traffickers used overland routes, but over the last two decades they have shifted transportation into the “Indo-Pacific Ocean”. The majority of this trafficking has proliferated in the littoral regions, and often within territorial waters. In the latter years, advancements in technology providing for larger ships have allowed traffickers to move further into the sea to capitalize on “blue water” areas, outside the 12-nautical mile mark and at times further than the 200-mile Exclusive Economic Zone (EEZ) of any country. It is a documented fact that the U.S. is the world’s largest consumer of illegal drugs, also according to various studies the source and transit zones of drug trafficking between South America and the U.S. despite high patrols on the border.

Piracy and Armed Robbery at Sea

Piracy is one of the most ancient forms of maritime crime and is treated rigorously under the provisions of UNCLOS. Article 101 defines piracy as “any illegal act of violence or detention, any act of depredation, committed for private ends by the crew or passengers of a private ship or private aircraft on the high seas against another ship or aircraft, outside the jurisdiction of any state.” The latter part highlights an important aspect: piracy is a type of transnational crime conducted by non-state actors in international waters. Article 105 of UNCLOS grants every state the authority to seize any vessel and associated property and to arrest any persons engaged in piracy. Domestic courts of the state conducting the seizure have the mandate to prosecute the pirates under domestic law and determine what to do with the vessels; however, to date the courts remain inadequate or unsupported in many places.

Piracy has been a security issue of international concern over the last decade and a half, primarily in the Horn of Africa, Gulf of Aden, and the Red Sea, largely due to weak patrolling and sea blindness by the littoral states of the region. However, to an extent order at sea has been maintained with the presence of Combined Task Force-151 (CTF-151), focused on counter-piracy, and Combined Task Force-150 (CTF-150), which combats illicit activities at sea. Supported by several U.N. Security Council Resolutions, these task forces have “engaged with regional partners to build capacity and improve capabilities to protect global maritime commerce and secure freedom of navigation.”

Piracy in the Asia-Pacific remains a matter of concern; however, most of the incidents are underreported, and those reported are of such small scale that they cloud the assessment of major piracy events. Although piracy has been contained in the eastern region of Africa, it has proliferated in western Africa around the Gulf of Guinea. This, subject-matter experts conclude, is a result of increased trafficking in narcotics from Latin America, along with various other illicit elements involving illegal fishing and human trafficking. The increase in piracy is a reminder for states that piracy remains a persistent and widespread challenge to maritime security. The recent activities in Somalia and Yemen foreshadow a resurgence of piracy in the region, encouraged by trafficking of light weapons and small arms, along with non-state actors’ unprecedented access to ship monitoring, tracking devices, and use of unmanned systems and long range communications.

Conclusion

The United Nations Convention on the Law of the Sea (UNCLOS) identifies only certain types of transnational crime that affect maritime security, but there are many varieties and combinations of criminal activity that affect security and safety from the high seas to internal waters. Domestic laws, however, need to be brought in line with international law, and cooperative partnerships between states, law enforcement, and militaries to combat illicit activity need to transcend the morass of politics that is often a hurdle in the way of more comprehensive legal regimes. It is recommended that information and intelligence sharing, along with TTPs (tactics, techniques, and procedures), be employed by the maritime forces to ensure freedom of the seas. UNCLOS provides a strong framework and multilateral efforts to deter criminal activity at sea for a more secure, safer operating environment for all. However, the difficulty in effectively prosecuting and applying an equitable punishment to the culprits involved in piracy, human trafficking and illicit drugs must serve as a reminder to all states that much awaits for an all-inclusive solution.


Fighting Corporate Espionage by a Counterintelligence Agent

Bob Budahl


Corporate executives must bear the responsibility of today’s evolving corporate world entering into a global community, where exposure to such a wide market area is not only lucrative to an already thriving business but also a grave danger to the company’s trade and technology secrets, systems, financial accounts and much more. No longer is “Security” to the facility and personnel all that is required. Many foreign countries and interests take shortcuts to becoming competitive through the theft of trade secrets and products and through overt and covert espionage of all sorts. Some of these entities are now facing a growing challenge from United States corporations with safeguarding of commercial information, proprietary information, and economic factors.

Many of the tactics utilized in private sector counterintelligence have much in common with the way the government does its best to safeguard secrets and information from theft by foreign governments or non-traditional actor threats. The FBI estimates U.S. corporations lose over $100 billion annually. There are open and legal methods of collection that are harmful, and a good counterintelligence program should target these as well as illegal activities such as electronic eavesdropping, hacking, etc. Passive counterintelligence tries to curtail what a collector may do through countermeasures and awareness training. Active counterintelligence will prove beneficial to identify and detect a threat, and will conduct operations including eliminating threats or ongoing targeting. A mitigation policy should be of avail. An attack may raise shareholder concern, which needs to be quelled quickly. Quick realization of a threat and implementing action promptly and efficiently can stop immeasurable damage.

The leaders in the private sector need to be proactive and realize that it is no longer only local threats they face. The threats can be global and may not only be an economic threat but also a threat to national security. In the U.S., private sector ties to the Defense, Intelligence and other government entities can be vast, with a great deal of interplay and interconnectedness. Also, corporations do not employ many of the safeguards put in place by the defense and other government departments. Compartmentation, clearance, and many operations taken for granted in the government aren’t serving the corporate structure’s well-being at all, or as well as they should be. The Economic Espionage Act of 1996, Title 18, Sections 1831 and 1832 of the U.S. Code, covers economic espionage and also cases considered trade theft prosecutions.

Where once economic espionage meant directly infiltrating a company or recruiting an employee within the corporation, our biggest challenge today is cyber espionage. In reality, secrets and information are often stolen without anyone even knowing they were taken, and with much less chance of apprehension. Cybercrimes operate in a stealth mode in many ways, but by contrast can be identified, detected and countered with effective counterintelligence methods. The U.S. economy has changed over the past 20 years. “Intellectual capital rather than physical assets now represent the bulk of a U.S. corporation’s value.”

With the growth of cybercrimes, including corporate espionage, some tips for safeguarding against and thwarting hostile foreign intrusions include:

Conduct real-time monitoring of networks and retain access records

Software tools for content management, data loss prevention, network forensics

Encrypt data on servers

Utilize multi-factor authentication measures such as biometrics, PINs, passwords

Mobility policy in which measures are developed to oversee which connections can and cannot be made to corporate systems

Limits on social networking

Establish contingency plans

Many others

When deciding to emplace a counterintelligence program to safeguard a corporation, the first step is to conduct a risk assessment by assessing vulnerabilities and estimating the consequences of losing critical assets. This should be headed up by a board member or senior executive.

Then move to step two in which groundwork is laid for establishing a corporate counterintelligence program. Hire a manager dedicated to counterintelligence. Hook up the company’s security, intelligence assurance, general counsel and HR departments. Develop liaison with government law and intelligence. Ensure centralized management of the counterintelligence program. And have legal counsel provide guidance on the counterintelligence program actions.

Identify the Capabilities needed

Threat awareness and training

Analysis, Reporting and Response

Suspicious activity reporting

Counterintelligence Audit

Counterintelligence Investigations

Liaison

Implement the Counterintelligence Program

A basic counterintelligence program description will look something like this: PM (Program Manager) interplay such as:

PM develops and implements CI program

PM oversees a centralized CI Program office

PM maintains insight into all corporate elements

PM is responsible for liaison with US Government

Security officers responsible for tactical CI

PM provides CI guidance through training programs

Also be aware that it is not only high-tech companies that are targeted, since the information sought may be deemed important by whoever is doing the shopping.


Where does allegiance lie?

Bob Budahl


Dongfan “Greg” Chung, who is a native of China and a naturalized U.S. citizen, had “secret” security clearance while working with Rockwell and Boeing Corporations on the Space Shuttle project. He had retired in 2002 but returned a year later as a contractor until fall 2006. The government proved Chung committed espionage by taking and concealing Boeing secrets regarding the Delta IV rocket and also the Space Shuttle. He did this for the People’s Republic of China. He was convicted on charges of acting as an agent of the PRC as well as economic espionage.

The investigation of a different engineer working within the U.S. is what led to Chung’s investigation and resulting conviction. He was sentenced to more than 24 years in prison.

The Chinese had sent letters requesting information as far back as 1979. In correspondence with the PRC, Chung expressed his wishes to help the PRC modernize. He also sent 24 manuals related to the important B-1 Bomber from Rockwell Corporation, which was very damaging.

He traveled to the People’s Republic of China on multiple occasions to lecture, but he also met with government officials. In letters from his handlers, they use his wife Rebecca and Chi Mak to transmit information. In the fall of 2006, FBI and NASA agents searched his home and discovered more than 250,000 documents from Boeing, Rockwell and others which were secret.

The Shuttle Drawing System or “SDS” that Rockwell and Boeing engineers created held information about performing processes regarding the Space Shuttle. The engineers need a password and authorization to be able to access this system and its files. This is a clear case in which defensive counterintelligence measures could have prevented the printing, concealment and removal of documents from the workplace. One great example of offensive counterespionage was the search of Chung’s trash, which led to much revealing evidence. Also, his extensive travel to the PRC was an indicator that the scope of his activities while in the PRC went beyond speaking engagements, seminars, teaching and personal matters. The authorities did conduct offensive counterintelligence to the best of their abilities once they learned of him via the other agent implicated in similar dealings with the PRC.


Copyright © 2019 Modern Diplomacy