Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for January 19th, 2010

Private Sector Keeps Mum on Cyber Attacks


The biggest surprise to computer-security experts isn’t that Google Inc. was targeted by attackers from China. It’s that the Internet giant chose to disclose the incident. Despite repeated efforts by the U.S. government to get the private sector to share information about threats, many companies have long kept such incidents confidential.

“There’s a culture of secrecy around any bad news, and data breaches are always bad news,” said Larry Ponemon, a security and privacy consultant with the Ponemon Institute. “Organizations don’t like to reveal it.”

The reticence can apply both to public disclosure of attacks as well as information-sharing among companies and government agencies—exchanges that can help organizations prevent future break-ins.

Source: WSJ

This is dead on. Though, I think that Google had no choice but to disclose this because so many other entities including defense group contractors got popped too. Google actually may have been the vector that the attacks came from in the first place. After Aurora popped Google, it is likely that the Gmail accounts that were hacked were also potentially used to send the emails. Or, perhaps Google’s SMTP/POP3/IMAP systems were captured. I have not heard much though as yet.

I hardly think though, that Google decided to just come clean. Maybe also it was the whole idea that they were going to have to throw down on China and pull out over this and the whole filtering of their search capacity inside the great firewall…

In any case, all too many places do not report because of the FUD factor that will ensue after they fess up. Just how much reputational loss can they have post hack? Ask TJX.. Better yet ask Card Systems.

CoB

Written by Krypt3ia

2010/01/19 at 23:39

Posted in Uncategorized

Yemen: Whittling Away at AQAP


January 15, 2010 5:40:47 PM

On Jan. 15, unnamed officials from Yemen’s Ministry of Defense, citing security forces, announced the death of six high-ranking members of al Qaeda in the Arabian Peninsula (AQAP) after an airstrike in the northern region of Alajasher. Among the dead, according to the report, was AQAP military commander Qasim al-Raymi. If true, al-Raymi’s death would be a major blow to the al Qaeda node in Yemen, though there is little evidence to suggest that the group will not continue to be a significant domestic and regional threat.

The Defense Ministry’s announcement, which appeared on its official Web site, said the missile strike was carried out Jan. 15 by the Yemeni air force on a two-car convoy in the Alajasher region, which is located in the eastern province of Saada. Al-Raymi was said to have been the primary target of the strike. The five others reportedly killed included high-level AQAP operatives Ammar Ubadah Al-Waeli, Ayeth Jaber Al-Shabwani and Saleh Al-Tayes. Two al Qaeda operatives managed to escape and currently are being hunted by Yemeni counterterrorism units.

If al-Raymi (aka Abu Hurayrah al-San’ani) has, in fact, been killed, his death would be a significant victory in the joint U.S.-Yemeni operations that are intensifying against the al Qaeda node. Al-Raymi, who has been involved with al Qaeda in Yemen for some time, formerly worked directly under the node’s current top leader, Nasir al-Wahayshi. Al-Raymi has been linked to attempted attacks on foreign embassies in Sanaa and was part of a 10-man team responsible for a vehicle-borne improvised explosive attack in the eastern province of Marib that killed eight Spanish tourists in July 2007.

He also was one of 23 escapees from a Sanaa prison in February 2006 and, in June 2007, appeared in a video on an Islamist Web site announcing that al-Wahayshi, a fellow escapee, was the newly appointed head of al Qaeda in Yemen. Al-Raymi subsequently appeared in a January 2009 video posted on Islamist Web sites, alongside al-Wahayshi and deputy Said al-Shihri, announcing the formation of the AQAP node.

The Jan. 15 airstrike in Alajasher bears a striking resemblance to a CIA predator drone strike on former al Qaeda in Yemen leader Abu Ali al-Harithi and five confederates in November 2002 in the eastern province of Marib. Though Sanaa is claiming direct responsibility for the strike, there are indications that this may not be true. Yemen’s air force is not exactly known for its ability to carry out precision airstrikes, which require quick intelligence gathering and an instant response. If the United States carried out the strike, Yemen would most likely deny any American involvement to prevent the sort of domestic backlash that resulted from the 2002 strike in Marib.

It looks as though the overflights with predators that I predicted have begun in earnest. Given the INTEL lately from Omar as well as other sources, it seems that AQAP is planning another “similar” attack.. Or are they? Perhaps that HUMINT/SIGINT is just diversionary? A feint to the left and strike from the right perhaps. Who’s to say.

This was their second attempt on Qasim Al-Raimy and they finally got a bead on him. It also seems that in the one strike they took out several tangos that they had wanted to eliminate.

In any event, it would seem that the US has been working on the Yemeni government with the carrot and stick, to allow for predator strikes. I think though, that this will require boots on the ground. If not by specops sent there then a regular deployment to augment the Yemeni forces.

The Jihadist sites are all over this event with old vids of Qasim as well as some photos of the aftermath.

Should be interesting to watch what happens next. I predict more predator and Global Hawk missions.

CoB

Written by Krypt3ia

2010/01/19 at 12:07

Posted in .mil, GWOT, HUMINT, INTEL, jihad, Qaeda, Shahid


Intelligence Guidance for the Week Of Jan 17 2010

January 18, 2010 7:01:33 AM


Editor’s Note: The following is an internal STRATFOR document produced to provide high-level guidance to our analysts. This document is not a forecast, but rather a series of guidelines for understanding and evaluating events, as well as suggestions on areas for focus.

1. U.S.: The P-5+1 talks took place this weekend. China did not even send a senior diplomat. The Russians made the standard noises about Iran needing to comply, but stated that the time for diplomacy was not yet over. It was more of the same. According to the Israelis, they expect progress by February. That is pretty soon and there will not be progress. We need to be looking at what comes next. U.S. President Barack Obama seems to want to postpone dealing with the Iran nuclear program issue, and the Europeans are, of course, happy about that. Obama’s view is that there is the possibility of regime change because of the demonstrations. From our point of view, the only thing the demonstrations showed was how efficient Iran’s security services were, but Obama can use his view to justify delay. So the only significant player in this game is Israel and the threat that they will go it alone. That is not likely, but it is getting close to the time when senior Israeli delegations in the intelligence and security area start arriving in Washington.

The likelihood that POTUS will want to postpone the Iran “come to Jesus” Oops, bad phrase there huh? is pretty high with everything else that is going on lately with the Haiti thing etc. as diversions. The idea that the president thinks that the uprising in Iran will cause anything other than more deaths of protesters, if true, would be sheer flight of fancy.

The Iranian president is only the front man for the actual power there. That power sits in the ultra right Ayatollah and his boys. So, no, there will be no change there. The Iranians will continue on whacking their detractors like the recent PhD that they killed for dual purposes of inciting fear and generating propaganda against the US, aka the “Great Shaitan”.

All the while, the Iranian government will be continuing their stepped up efforts in refining more uranium and developing a deployment package for use against Israel. Which of course gives great reason to Israel to deploy any means from Mossad to air strikes on sites to stop or at least slow them down.

I am not of a view that the Israelis will sit on their hands given recent data out of an MI6 asset… Guess it’s wait and see really.

2. Ukraine: Ukraine held elections; the Orange Revolution has now officially failed. The leader of the revolution, current President Viktor Yushchenko, placed far down in the pack and the two leaders in the runoff are pro-Russian. The Russian response will be publicly subdued, but Russian Prime Minister Vladimir Putin and President Dmitri Medvedev must be drinking toasts. We need to try to catch public statements by non-senior officials to capture the mood in Moscow. The only question is how quickly and aggressively Moscow moves after the February elections. We also need to capture the apparatus’ mood.

Ahh the Baltic. Well here we go. I have said it before and I will say it again here. Putin is all about consolidation. I kind of liken him to Victor Tretiak in “The Saint”, ya know, that whole number about getting the power back in Russia. Putin is even said to have remarked about a nostalgia for the old Soviet Russia not too long ago.

This time around the KGB didn’t try to poison Yushchenko. They really didn’t have to this time round because he was stunningly bad as a leader. So, with a little muscle and fear, as well as apathy, the election went the way that Moscow wanted. So, as the report says, I assume Putin is drinking it up.

I expect though, that the Russian state and Putin will “quietly” take control. This seems to be a lesson Putin has learned from his KGB days. At least he has a little panache about it, unlike so many of his forebears from the service. Putin is, “politik and kulturni” at the very least.

Keep an eye out on the Baltics. Say maybe Chechnya? See, Putin learned from that one…

4. China: Google’s faceoff with China on censorship brings attention to something we have been talking about. If you want to measure the state of the Chinese economy, look at the aggressiveness of its security posture, not its spreadsheets. The Chinese government is extraordinarily uneasy about its public, which is inconsistent with the rosy picture their economic statistics paint. Google — squeezed harder and harder to be a tool for screening bad news out of China — finally put its brand ahead of the Chinese market, which tells us something about the company’s integrity as well as its read of the market. Since Google has cooperated on security for a long time, the situation must have deteriorated quite a bit. It would be interesting to pick up the RUMINT in the Google cafeteria on what the straw was that broke the camel’s back. Censorship was nothing new.

Umm, I have a bone to pick with this part of the analysis. Not one mention of the whole “Operation Aurora” here. In fact, this reminds me that I think Stratfor needs to add a “cybersec” area to their reporting as a whole. This part of the report just does not cover the goings on with regard to Google and China.

The series of events surrounding this flap are not just about Google’s not wanting to censor things. This flap is also about China’s use of cyber operations to steal code, gather intelligence, and to generally keep the precepts of Sun Tzu alive. This event is about much more than the “Great Firewall”.

Of note is the fact that while this cyber attack was ongoing, Google was also compromised in their Gmail product. The email addresses that were hacked were of dissidents and reporters. A real boon to the Chinese activities against the likes of Falun Gong and anyone else who does not fit into the master plan.

Of course Google may have been more receptive to being more like Yahoo even with the bad press if the Chinese had not hit them and Google not caught on. In response Google hacked the hackers and to their surprise realised just how hacked their systems were and the damage that was done.

Meanwhile, Operation Aurora was more than just an attack on Google. It was on at least 30 entities including the Chinese favorite of defense contractors. IP and code have been stolen from all of these places in varying degrees. This is what they are really all about where the economy and their stand in the world comes. Their approach of “A Thousand Grains of Sand” will in fact win out if the US does not get its shit together with regard to information security and technical information security.

I would also like to add as a final thought on this one, that these measures are not solely about economic power. They are also honing their skills for that day when they want to shut down the power grid, knock out our economic engine, and halt the military from action… IF they need to. Again I say, we are in deep shit if the US does not get its cyber act together… And yet, we still have to hear word one from our new “Cyber Tsar”

I don’t hold out much hope..

5. Venezuela: All sorts of things are happening in Venezuela, including devaluation, the opening of a jungle warfare school and scheduled electrical blackouts. We have always viewed Venezuelan President Hugo Chavez as a skillful politician able to ride the tiger. But no matter how well he can ride the tiger, Venezuela is beginning to look like a low-class Bulgaria from 1970. At some point Chavez is going to run out of velvet and his apparatus will break under him. We are not saying this is the time, but the things that are happening are getting pretty bad. We need to start keeping an eye out for resistance to the regime.

Hugo, oh Hugo… I remember those heady days in the 80’s when the US was messing about in South America almost openly. Now, we have a boomerang kind of scenario with the fallout from the 80’s. Now of course Hugo has oil so perhaps we will be making a play for him and the country yet huh? Perhaps not with the present admin.. But.. Maybe the next. We shall see huh?

In the meantime, Hugo will cozy up further with Putin and continue to run the show down there. I agree though, it’s looking worse and worse down there as infrastructure and quality of life deteriorate.

Overall, interesting report.

Written by Krypt3ia

2010/01/19 at 01:06