Intelligence

The global strategy of computer hacking

Giancarlo Elia Valori

Whoever operates on the Web and holds interesting or relevant data will sooner or later be hacked by some individual or organization.

 Usually “economic” hackers take the data of interest from the victim’s network and resell it in the dark web, i.e. the system of websites that cannot be reached by normal search engines.

Currently, however, after the Bayonet operation of July 2017 in which many dark web areas were penetrated, we are witnessing a specialization of the dark web and an evolution of web espionage methods against companies and States.

 These operations which, in the past, were carried out by web amateurs, such as youngsters at home, are currently carried out by structured and connected networks of professional hackers that develop long-term projects and often sell themselves to certain States or, sometimes, to some international crime organizations.

As often happens in these cases, the dark web was born from research in the military field. In fact, in the 1990s, the Department of Defense had developed a covert and encrypted network that could permanently protect the communications of the U.S. espionage “operatives” who worked abroad.

Later the secret network became a non-profit network that could be used for the usual “human rights” and for protecting privacy, the last religion of our decadence.

 That old network of the State Department then intersected with the new TOR Network, which is the acronym of The Onion Router, the IT “onion” covering communication with different and often separable encryption systems.

 TOR lives on the Internet edge and it acts as the basic technology for its dark web.

 Like the “Commendatore” vis-à-vis Don Giovanni in Mozart’s opera.

TOR, however, is a free browser that can be easily downloaded from the Web.

Obviously, the more the anonymity of those who use TOR and go on the dark web is covered by effective encryption systems, the more unintentional signals are left when browsing the dark web.

Moreover, the farther you have to go, the more pebbles you need to go back, as in the Thumbelina fairy tale.

TOR and the Dark Web were born to allow the communications of U.S. secret agents, but were later downgraded to a “free” communication system to defend Web surfers from “authoritarian governments”. Currently the dark web hosts a wide underground market where drugs, stolen identities, child pornography, jihadist terrorism and all forms of illegal business are traded.

Moreover, if these dark web services are paid with uncontrollable cryptocurrencies, it is very difficult to track any kind of dark web operations.

Nowadays, about 65,000 URLs operate in the dark web, which means Internet websites and Universal Resource Locators that operate mainly via TOR.

A recent study by a cybersecurity company has shown that about 15% of all dark web URLs facilitate peer-to-peer communication between users and websites, usually by means of chat rooms or websites collecting images, pictures and photos, which are often steganographic means of transmitting hidden and concealed texts, but also the exchange of real goods via specialized peer-to-peer trading websites that are also encrypted, as can easily be imagined.

Moreover, a further study conducted by a U.S. communication company specialized in web operations has shown that at least 50% of the dark websites are, in fact, legal.

This means they officially deal with things, people, data and pictures that, apparently, also apply to “regular” websites.

  In other words, the dark websites have been created by means of a regular request to the national reference office of ICANN, which grants the domains and registers the permitted websites, thus communicating them to the Californian cooperative that owns the web “source codes”, although not in a monopolistic way.

Currently all the large web organizations have a dark “Commendatore” in the TOR area, such as Facebook, and the same holds true for almost all major U.S. newspapers, for some European magazines but also for some security agencies such as the CIA.

Nevertheless, about 75% of the TOR websites listed by the above stated IT consultancy companies are specialized URLs for trading.

 Many of these websites operate only with Bitcoins or with other types of cryptocurrencies.

Mainly illegal pharmaceuticals or drugs, items and even weapons are sold in the dark web. Said weapons are often advanced and not available in the visible and overt networks.

 Some URLs also sell counterfeit documents and access keys for credit cards, or even bank credentials, which are real but for subjects other than those for whom they were issued.

In 2018 Bitcoin operations were carried out in the dark web to the tune of over 872 million US dollars. This amount will certainly exceed one billion US dollars in late 2019.

It should be recalled that the total amount of money “laundered” in the world accounts for almost 5% of the world GDP, equal to 4 trillion US dollars approximately.

Who invented the Bitcoin?

 In 2011, the cryptocurrency was used for the first time as a term of trade only for drug traffickers operating in the dark web, mainly through a website called Silk Road.

The alias used for those exchanges was Satoshi Nakamoto, who was also filmed and interviewed, but was obviously someone else.

We should also recall web frauds or blackmails: for example, InFraud, a U.S. organization specialized in the collection, distribution and sale of stolen credit cards and other personal data.

Before being discovered, InFraud had illegally made a net gain of 530 million US dollars.

 Another group of illegal operators, Fin7, also known as Carbanak, again based in the United States, has collected over a billion US dollars on the web and has put in crisis, by blackmailing them, some commercial organizations such as Saks Fifth Avenue and Chipotle, a widespread chain of burritos and other typical dishes of Mexican cuisine.

 Obviously the introduction of new control and data processing technologies, ranging from 5G to biometric sensors, or of personal monitoring technologies, increases the criminal potential of the dark web.

Hence the dark web criminals will have an even larger mass of data from which to derive what they need.

The methods used will be the usual ones, such as phishing, i.e. the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details, or to deceive people into sharing it, by disguising oneself as a trustworthy entity in an electronic communication, possibly with a fake website; or the so-called “social engineering”, which is an online scam in which a third party pretends to be a company or an important individual in order to obtain the sensitive data and personal details of the potential victim in an apparently legal way; or blackmail by e-mail; and finally the manipulation of credentials.

With a mass of additional data on their “customers”, the web criminals will be able to perfect their operations, thus making them quicker and more effective. Or the new web technologies will be able to accelerate the time needed for blackmail or compromise, thus allowing a greater number of frauds for more victims.

 Biometrics certainly expands the time for the use of data in the hands of cybercriminals. Facial detection or genetic and health data are stable, not to mention the poor security of data held by hospitals. Or we have to do with the widespread dissemination of genetic research, which will provide even more sensitive data to web swindlers.

 According to some recent analyses carried out by the specialized laboratories for the Web, 56% of the data most used by web criminals comes from the victims’ personal data, while 44% of the data used by swindlers comes from financial news.

 Moreover, specific types of credit cards, sold by geographical area, commercial type and issuing bank, can be bought in the dark web.

85% of them are credit cards accredited for a bank ceiling, while 15% of “customers” ask for debit cards.

The web scammers, however, always prefer e-mail addresses even to passwords.

Furthermore, less than 25% of the 40,000 dark web files have a single title.

  In the “dark” web there are over 44,000 manuals for e-frauds, available for sale and often sold at very low prices.

Large and sometimes famous companies are the ones mainly affected. In 2018 the following companies were the target of cyberattacks in the United States: Dixus, a mobile phone company from which 10 million files were stolen; the Cathay Pacific airline, with 9.4 million files removed; the Marriott hotel chain (500 million data/files removed); and finally Quora, a website of scientific documents and generic data. Over 45 million files were removed from Quora.

How can we know whether we are the target of an attack from the Dark Web? There is certainly the presence of ransomware, such as the recent Phobos, which uses the Remote Desktop Protocol (RDP), the protocol that allows computers to be controlled remotely.

 Then there is the Distributed Denial of Service (DDoS), which is a temporary block of the Web, apparently accidental, and finally there is the traditional malware, the “malicious” software that is used to disrupt the victims’ computer operations and collects the data present on their computers.

 However, the Dark Web ambiguity between common crime and the defence of “human rights” and safe communications in “authoritarian regimes” always remains.

The United States, Iran, China and other countries have already created a “fourth army”, composed only of hackers, that operates with cyberattacks against the enemies’ defence and civilian networks.

 The US Cyber Command, for example, is estimated to be composed of as many as 100,000 men and women, who operate 24 hours a day to hit enemy servers (and also allies’ ones, when they contain useful information).

Just think also of the private group Telecomix, which supported the 2011 Arab rebellions and, often, also the subsequent ones.

Also in these months both Telecomix and Anonymous are working to permit the free use of the Syrian computer network.

 There is often an operative interface between these groups and the Intelligence Agencies, which often autonomously acquire data from private networks, which, however, soon become aware of the State operations.

There is also cyber-rebellion, which tries – often successfully – to strike at the victims’ stored data by deleting it.

DDoS, the most frequent type of attack, often uses a program called Low Orbit Ion Cannon (LOIC) which allows a large number of connections to be established simultaneously, thus leading to fast saturation of the enemy server.

The attacking computers can be used remotely and some groups of hackers use thousands of computers simultaneously, called “zombie machines”, to hit the database in which they are interested to delete it or to remove its files.

This type of “fourth army” can inflict greater damage on a target country than a conventional armed attack. The faster the attack, the easier it is to identify the origin of the operation.

It is currently estimated that the “zombie” computers in the world are over 250 million – a greater network than any other today present in the military, scientific and financial world.

Hence a very dangerous military threat to critical infrastructure or to the economic resources of any country, no matter how “advanced” it is technologically or in terms of military Defence.

 There have been reports of hackers linked to global drug organizations, especially Mexican cartels, and to jihadist or fundamentalist terrorist groups.

Financial hacking, which often supports all these initiatives, remains fundamental.

 The South Korean intelligence services’ operative Lim was found “suicidal” after having purchased a program from the Milanese Hacking Team.

A necessary tool for these operations is often a briefcase containing circuits which mimic the towers of cellular repeaters and store in the briefcase itself all the data which is transferred via cetel or via the Internet Network.

The Central Bank of Cyprus, the German CDU Party and many LinkedIn accounts – a particularly favourite target of hackers – some NATO websites and, in Italy, some business and financial consultancy companies were attacked in this way.

 It is a completely new war logic, which must be analysed both at technical and operational levels and at theoretical and strategic levels.

Advisory Board Co-chair Honoris Causa Professor Giancarlo Elia Valori is an eminent Italian economist and businessman. He holds prestigious academic distinctions and national orders. Mr. Valori has lectured on international affairs and economics at the world’s leading universities such as Peking University, the Hebrew University of Jerusalem and the Yeshiva University in New York. He currently chairs “International World Group”, and he is also the honorary president of Huawei Italy and economic adviser to the Chinese giant HNA Group. In 1992 he was appointed Officier de la Légion d’Honneur de la République Française, with this motivation: “A man who can see across borders to understand the world” and in 2002 he received the title “Honorable” of the Académie des Sciences de l’Institut de France.

Intelligence

Coronavirus: Bioterrorism or Not, Who Is the Winner?

Sajad Abedi

Authors: Sajad Abedi and Mohammad Amin Zabihi*

It has been a long time since the early instances of using toxins, chemicals, and diseases as agents of assassination and/or even mass murder. There are numerous historical and even modern instances of using toxins in assassinations, or using contagious diseases in warfare without even knowing about the bacteria or virus. For example, (allegedly) the first registered event of such a method goes back to the 14th century, when the Tatar army, desperate to win after three years of siege, threw corpses of plague victims into the city of Caffa[1], causing an outbreak of this disease within the city. But the most important part happened afterwards; some soldiers managed to escape on boats – Caffa was a port city on the Crimea Sea – to Italy, unaware of the fact that they were already infected. Most of them died along the way, but infected rats and remaining bodies caused one of the major waves of the plague pandemic[2] all over Europe.

The paramount point is that in our modern world, it is just a matter of hours to leave New York and land somewhere else, thousands of miles away, even before the first symptoms of your disease manifest themselves. In fact, the most horrifying factor of any contagious disease could be its latent period.

On the other hand, considering the unprecedented pace of ever-growing biological technologies, many developed countries possess the ability to develop an intelligent virus equipped with customized features in order to remain unnoticed in the victim’s (vector’s) body for quite a time, and only manifest itself after it has infected a considerable number of surrounding people. More interestingly, such a customized virus can be planned either to disable a specific organ or to metastasize within the whole system of the host. Even more, it can be planned according to the genetic map of people within a given region.

Looking at the whole picture with a broader perspective, it does not matter whether the agent is toxic, chemical, or biological. The capability to produce and employ a virus, bacteria, or toxin by malicious actors, namely terrorists or criminals, could bring disastrous results, as we witnessed in Japan during the 1990s with the Aum Shinrikyo cult.

In fact, if we are going to prevent such disasters, first we should find the potential actors who may resort to such actions, investigate the probable ways, and also understand the costs, benefits, motives, and risks for these potential actors.

Of course, terrorists and criminals are the first probable examples which may pop up in our minds, but looking more rigorously, state actors are also among the potential cases. In the case of the Coronavirus outbreak, if one considers it as an instance of a bioterrorism/biological-war act, the probability of participation of terrorist or criminal organizations seems to be low, due to the complexity of the production process and the highly advanced technologies required to produce such a virus in the first place. On the other hand, a terrorist organization typically claims responsibility for such an attack in order to earn the reputation, and a criminal organization may demand ransom prior to releasing the virus – otherwise it would not be beneficial, unless they already have the cure (vaccine/antidote) ready to sell. In any case, it doesn’t seem probable.

Considering the fact that, in the case of a pandemic, finding the main cause and patient zero in this complex, interconnected world is significantly difficult (if possible at all), state actors may resort to such options for multiple reasons. They may try to initiate a hidden biological war against another country (or countries), in order to cause economic interruptions or socio-political chaos, create a power vacuum in a specific area, force another actor to leave a region, or just simply to enjoy the economic benefits of selling the vaccine or antidote to victims. Obviously, there will be some serious prosecutions and consequences in the case that some concrete evidence shows any tracks of participation of an actor – whether a sovereign state or even a pharmaceutical company; but in such cases, states usually start to throw allegations at each other anyway.

We are living in a world in which any kind of news affects the open markets immediately; the more important the news is, the deeper it affects the markets. In this case – Coronavirus – we witnessed a serious drop in international stock markets – especially oil markets – all over the world, which coincided with Russia’s ambivalent approach regarding the supply-cutting decision made by OPEC – and also Saudi Arabia’s reaction to the whole story. Altogether, these factors caused a serious drop in different markets which, in fact, started with the news of the Coronavirus outbreak in the first place. Who gets the best use of such a scenario? The oil and gas producers are the main victims, obviously; but if one (the alleged perpetrator) knows the whole story before it happens, he would sell at the highest price and buy at the lowest price again – after the price crash, President Trump ordered the US oil reserves to be stocked up.

Although it seems pretty convincing, is it really rational? What are the risks and costs? In reality, the pandemic of a dangerous virus – one like Coronavirus – equipped with a two-week latent period, in a highly populated country like China, can cause severe problems in almost every corner of the planet; in fact, the bigger the economy you have, the deeper your challenge would be. The implications of such an outbreak are considerably wide: (1) it causes a decrease in oil prices, which will result in budget deficits in oil-dependent countries – like Russia, Iran, Saudi Arabia; (2) it interrupts the production process and consequently the sales chains – like China; (3) it reduces tourist travel, which will consequently result in budget deficits in tourist-dependent countries – like Turkey and most of the EU; (4) it causes severe socio-economic costs, especially for populated countries – like China, the US, and Russia.

Altogether, if one state actor decides to initiate a biological war against another state, using a virus agent which has the potential to cause a global pandemic, it should consider the possibility of the same gun backfiring inside its own country in numerous ways. In an interconnected world like the one we are living in, such actions cause gargantuan reactions in different ways, and one may not be able to predict all of them. Considering such costs and also the risk of being traced back and accused of committing such a horrifying act, the possibility of state-sponsorship in these cases will be considered relatively low (but still possible). It is not like creating a computer virus – like Stuxnet – that may or may not blow back in your face; it is a matter of people’s lives.

*Mohammad Amin Zabihi, MSc. Regional Studies, Allameh Tabatabaei University


[1] Nowadays it is Feodosia, Ukraine

[2] Also known as Black Death

Intelligence

Cybercrime affecting banking sector/economy of Pakistan

Cyber-crime is not a conventional offence as its ramifications transcend borders.  It affects a society in different ways. The term “cybercrime” denotes any sort of illegal activity that uses a computer, cell phone or any other electronic device as its primary means of commission. The computer and electronic devices serve as the agents and the facilitator of the crime. Cyber criminals take full advantage of obscurity, secrecy, and interconnectedness provided by the internet and are able to attack the foundations of our modern information society. Breaching of cyber space is an issue of utmost concern for the banks and financial institutions. The menace of data theft is growing in magnitude with huge financial impact. As custodian of highly valuable customer information, banks have always been the favorite target of the cyber-attacks.

Moreover, it is estimated that banks are more frequently targeted by hackers than any other business organization. IT-based financial solutions of the banks such as ATMs, mobile banking and internet banking are exposed to various forms of fraud, including skimming and phishing. Affected banks may also witness a decline in their share prices. The banking industry is more susceptible to breaches of cyber security due to its financial lure for the transgressors. In Pakistan, banking is increasing its user base at a brisk pace; the resulting threats are also multiplying. Financial services in Pakistan, i.e. credit cards, accounts information and other, can also be acquired for theft or fabrication. During the last few years Pakistan faced some serious cyber breaches in the banking sector. In 2018 it lost US $6 million in cyber-attacks as online security measures failed to prevent a breach of security in which overseas hackers stole customers’ data. Data from 19,864 debit cards belonging to customers of 22 Pakistani banks has been put on sale on the dark web, according to an analysis conducted in the year 2018 by Pakistan’s Computer Emergency Response Team, PakCERT.

However, the cyber breaches of January 24 and January 30, 2019 included such data in large quantities pertaining to Meezan Bank Ltd. Gemini Advisory, a body that provides guidance on addressing emerging cyber threats, stated that the compromised records posted between January 24 and January 30, 2019 are associated with a compromise of Meezan Bank Limited’s internal systems. Cyber security company “Group-IB” stated in an advisory on February 22, 2019 that money mules use the fake cards to either withdraw money from ATMs or buy goods that are later resold by fraudsters. Despite efforts of banks to eliminate ATM card fraud, criminals still find ways around security measures to acquire card data at the point of sale.

The impact of a single, successful cyber-attack can have far-reaching implications including financial losses, theft of intellectual property, and loss of consumer confidence and trust. The overall monetary impact of cyber-crime on society and government is estimated to be billions of dollars a year. While the banks in Pakistan claim that they have insurance policies, they do not seem much interested in securing their systems, and the public remains highly affected by such attacks. There is a growing sense of distrust in online banking. Several banking organizations fail to provide proper insurance to their customers. That is why people are more comfortable keeping their money and reserves at home rather than in banks. This is one of the major factors that add to the country’s severe economic decline.

Pakistan needs to develop its cyber capabilities infrastructure and should invest in the youth to build a cyber security force of young experts. Simultaneously, there is a need to focus on artificial intelligence, block chains and software robots as suggested by Chief Technology Officer Huawei (Middle East and European Union) Jorge Sebastiao in the recent international seminar on Global Strategic Threat and Response (GSTAR). Establishing a stronger cyber infrastructure will provide stronger security guarantees to the IT enabled services especially to the banking systems of Pakistan. This will in turn enhance the economic growth and security. Furthermore, the transnational nature of cyber-crime makes cyber-security a global challenge and, hence, demands collective and collaborative measures at the international level with flawless and strong legal and cyber policy framework.

In this regard, Pakistan’s cyber-law provides for ‘international cooperation.’ It has membership of the International Multilateral Partnership against Cyber Threats (ITU-IMPACT) and participates in the Asia Pacific Security Incident Response Coordination Working Group (APSIRC-WG). However, cyber-security does not appear to be a priority on the country’s agenda for international dialogue and agreements. Pakistan needs to review the Prevention of Electronic Crimes Bill, which will contribute mainly to increasing the security of banking systems.

Intelligence

‘Da Cui Yun’ – False Flag Operation

“Customs detains Karachi-bound ship in Gujarat: Report”

February 3, 2020 was the tragic day of sheer propaganda on which India claimed that a ship was carrying a dual-use autoclave. Indian customs officials detained a ship bearing the flag of Hong Kong and bound for Port Qasim in Karachi. The officials seized the ship as it was carrying an autoclave, a pressure chamber that is used for launching ballistic missiles.

India alleged that the autoclave has been certified as a “dual-use” item. India wrongly ascertained that their examination has proved that the item can be utilised for military application. However, the authorities from both sides (China and Pakistan) firmly denied any such application of the item, which was claimed to be utilised for ballistic missiles. Pakistan’s Ministry of Foreign Affairs (MOFA) has confirmed that the item, or the autoclave, was a heat treatment furnace casing system which has numerous industrial applications. MOFA also clarified that the item was correctly declared in the relevant documentation and that this item is not listed in any international export control list.

This is not the first time, of course, that, against the backdrop of major events (President Trump was expected to arrive in India, and Islamabad was making efforts to tackle the FATF issue), India has started highlighting another fake incident, in which they captured a Chinese ship carrying suspected cargo to Pakistan, fearing wrong estimates of nuclear proliferation in the region.

Such were the headline features that occupied the front pages of Indian newspapers and were displayed as news tickers on all Indian news channels. The practice continues to this day, while the fact remains that the authorities in New Delhi have failed to come out with any hard substantiation regarding the incident. The Indian authorities started to blame Pakistan right off the bat while the Indian Defence Research and Development Organisation (DRDO) is still engaged in a battle over how to go ahead with such folly.

New Delhi once again is brewing the anti-Pakistan curry in its witches’ cauldron by persistently accusing Pakistan. The recent news coverage shows that only a few Indian sources have started raising the issue of the Chinese ship, linking it with a larger interest in blaming both partners for India’s own aspired goals.

To malign Pakistan’s repute in the international arena, India has never spared a moment from blaming Pakistan on insubstantial grounds. This can be further understood by analyzing the major past events that happened in India, from unrest in India to the chaos in Karnataka and the Mumbai attacks. Pakistan has faced unjustifiable accusations for every incident of restlessness in New Delhi. New Delhi not only blames Pakistan but also convinces other major players in the international arena to think the same. Meanwhile, whenever proof has been demanded from New Delhi, its government has always failed to produce any in front of international statutory bodies.

Unfortunately, truth and logic are what is lacking in the Indian investigations. We have observed that 26/11 has been proved a false flag by none but New Delhi’s own Intelligence agencies be fooled themselves. There are various books, interviews and articles that have thoroughly described the sham that the ‘claims’ regarding 26/11 actually are. ‘Who killed Karkare’ and ‘Betrayal of India- Revisiting the 26/11 Evidence’ by Elias Davidsson are among the notable books published.

Nevertheless, a number of questions come to mind, as important facts are going to be overlooked, similar to the trial of the Mumbai attack: ambiguities in the investigation procedure, no proof beyond reasonable doubt for the blame placed on Pakistan, differences in the witnesses’ confessions, etc. Most importantly, this whole event raises the question of why, before any investigation and without any evidence, India immediately started blaming Pakistan with an unfounded accusation of proliferation. The Indian version in every case was totally concocted, based on deceit and outright lies.

Lastly, India must refrain from acting so recklessly and irresponsibly, just picking out its biased side of the story and adding fuel to the already present hatred towards Pakistan.

Rather than tirelessly blaming Pakistan, New Delhi needs to secure her own domestic environment. Meanwhile, there is an urgent need for Pakistani media to counter such fake allegations from India and Indian media with rationale and logic. There is also a need for Pakistan to take such issues to an international forum, as India continuously mudslings Pakistan to harm its sovereignty and international standing. In the end, if India appears unable to provide concrete proof of such incidents, then it must be penalized for its every fake accusation.
