miércoles, 22 de febrero de 2017

Tuesday, February 21, 2017


Former Director, National Security Agency

"The Cipher Brief is comprehensive, providing in-depth expertise that spans globally relevant issues. In a world that is constantly changing, The Cipher Brief is proactive in identifying the crucial conversations and engaging subject matter experts in the public and private sectors to help drive solutions."

Today's Insight

DIY Defense Tech: More Countries Seek Advanced Homegrown Weaponry | Will Edwards, The Cipher Brief
A domestic defense industry has several benefits. Many countries view a robust defense industry as a source of national pride. Countries such as Israel, Taiwan, or South Korea face existential security threats, and building weapons domestically hedges against isolation from the world arms market in the event of a conflict.

Expert Commentary

India's Defense Industry: Reach Still Outpaces Grasp |
 Vinay Kaushal, Distinguished Fellow, Institute for Defence Studies and Analyses
"The broad goal of [Narendra Modi's] initiative is to encourage Indian companies to participate more in the development and production of platforms and systems in a cost-effective manner that is best suited for specific Indian needs."

South Korean Defense Industry: Time to Take Off the "Training Wheels?" | 
Daniel Yoon, Senior Market Analyst, Avascent Analytics
"The Republic of Korea harbors high ambitions for its defense industrial base. The official rationale, of course, stems from the existential threat provided by its northern neighbor and the real possibility that Pyongyang will develop the ability to launch a miniaturized nuclear warhead on a long-range ballistic missile within the next decade."

Today's Column: Fine Print

The More Said, the More Questions Raised in Flynn Firing | Walter Pincus, The Cipher Brief
White House Chief of Staff Reince Priebus, during three Sunday television interview programs, gave different and sometimes confusing stories about what activities led to President Trump’s firing of his National Security Advisor, Michael Flynn, and what still may be going on about that situation.


***The Cipher Brief is now on iTunes! You can subscribe to our podcasts to get new episodes as soon as they're released. Click here to visit us on iTunes

The Cipher Brief Daily Podcast
Get a daily rundown of the top security stories and previews of the exclusive content available on The Cipher Brief. Listen now - on iTunes or on our website

15 Minutes
This week, The Cipher Brief’s Executive Producer and Reporter Leone Lakhani speaks to Vince Houghton, the curator and historian for The International Spy Museum. With all the intrigue and mystique surrounding the world of spies, the museum attracts hundreds of thousands of visitors each year. But as Vince tells Leone, its main mission is to educate the public about the real-life world of espionage – and how spies have shaped the course of history.
Listen to 15 Minutes with the Spy Museum's Vince Houghton on How Spies Shaped History - or listen on iTunes

The Cipher Brief is hiring.

Are you passionate about providing users with a clean, sophisticated experience? Help us continue to improve The Cipher Brief as we grow and expand.

Featured Job: Web Design Associate
We're looking for an experienced and motivated Web Design Associate to create clean and sophisticated user experiences. The ideal candidate should have an eye for artful design and possess superior user interface design skills.
 Find out more

The Cipher Take

Washington Post: North Korean Officials May Come to U.S. for Talks
The Washington Post reported on Sunday that North Korean officials may come to the United States to meet with former U.S. officials in what is known as a Track 1.5 dialogue. This would be the first such meeting in more than five years, and it could be in indication North Korea perceives it has a new opportunity for dialogue with a new U.S. president in power.

The Cipher Take:
Track 1 dialogues occur between current officials on both sides and can result in binding agreements, while Track 2 dialogues are normally between former officials and/or subject matter experts. Although a Track 1.5 dialogue has current officials from one side, no policy decisions can be made.  However, such a meeting could be a precursor for more substantive talks in the future if it goes well. Trump has mentioned the possibility of negotiations, and Pyongyang has kept the anti-U.S. rhetoric to a minimum. While the conditions could be right for dialogue, the odds of any lasting agreement are very low. In the past, a new administration has been an opportunity for a blank slate in discussions, but in the end it has never gone well. George W. Bush burned his bridges early on when he listed North Korea as one of the nations that was part of the “Axis of Evil.” Barack Obama made the Leap Day Agreement with North Korea in 2012 that was supposed to halt North Korean nuclear and intercontinental ballistic missile (ICBM) tests. North Korea tested an ICBM under the guise of a satellite launch about a month later.

China Bans Coal Imports from North Korea for All of 2017
Beijing’s Ministry of Commerce announced that, as of last Sunday, it will ban all coal imports from North Korea in 2017. The decision aims to put China in compliance with the UN’s November resolution that was a response to North Korea’s fifth nuclear test in September.

The Cipher Take:
It will take some time to tell whether this will have any impact on North Korea’s economy and therefore, its belligerent behavior. The effects will also be tempered if China does not enforce the ban, something that has occurred in the past. That being said, China’s demand for North Korean coal has waned as the country seeks cleaner energy generation, so North Korea’s revenue from coal exports were already declining.  And North Korea has a history of making do under sanctions, and this probably won’t change that fact. What may be more important for long term progress in denuclearizing North Korea is whether China effectively upholds the ban. A tougher stance by China, which has the most extensive dealings with North Korea, could bode well in any future multilateral denuclearization negotiations.

Mattis Visits Iraq as Assault on West Mosul Begins
U.S. Defense Secretary James Mattis made a surprise visit to Baghdad on Monday, just one day after the Iraqi Prime Minister announced the beginning of the battle to liberate western Mosul from ISIS. Mattis met with top Iraqi officials, including Iraq’s defense minister, as well as key U.S. officials. During a press conference, the U.S. defense secretary affirmed American commitment to the effort to defeat ISIS, saying, “I imagine we’ll be in this fight for a while and we’ll stand by each other.” Mattis also attempted to walk back some of President Trump’s more controversial statements and policies, suggesting that the U.S. might include exemptions in the administration’s travel ban for Iraqis who have provided help to American forces. He also confirmed that the U.S. is “not in Iraq to seize anybody’s oil,” despite Trump’s insistence in a speech at the CIA shortly after his inauguration that America “should have kept the oil” after the 2003 invasion of Iraq.

The Cipher Take:
Mattis’ visit and comments are a welcome show of support for the Iraqi government as the battle to retake western Mosul from ISIS begins. The overall campaign in Mosul has already proven bloodier and costlier than Iraqi and U.S. leaders had predicted. Casualties have been severe and Iraqi forces were only able to secure eastern Mosul after bringing up new reinforcements during a tactical pause last December. Unfortunately, the battle for western Mosul, which is densely populated and full of ISIS sympathizers, may be more difficult. President Trump’s comments about seizing Iraqi oil, and the executive order banning travel from seven Muslim-majority countries, including Iraq, have helped neither U.S. officials in Iraq, nor the politically fragile government of Iraqi Prime Minister Haider al Abadi.  Mattis may have offered some measure of reassurance.

Greece and Lenders Agree to Revisit Reforms
Greece and its international creditors – primarily the EU and International Monetary Fund (IMF) – agreed on Monday to allow a group of experts to analyze the Greek economy and formulate a new set of reforms to the pension system, labor market, and income tax regime. The team will be made up of experts from the European Central Bank, European Commission, euro zone bailout fund, and the International Monetary Fund, and will travel to Athens soon, according to the head of the euro zone finance ministers, Jeroen Dijsselbloem.

The Cipher Take:
Greece needs to receive the next tranche of its 86 billion euro bailout fund by the third quarter of this year in order to make its next debt repayments. However, the last mission to Athens fell apart last year over key disagreements between the IMF and major EU creditors. The dispute primarily centers around a recent IMF report, which predicts that Greek debt will grow unsustainably without either deeper reforms or significant debt relief from its creditors. EU bodies have been more optimistic in their forecasts and denied the need for further debt relief. Now, it seems that there has been some compromise between the two sides, which, according to Dijsselbloem, will translate into “a change in the policy mix, moving away from austerity and putting more emphasis on deep reforms.” A departure from austerity, which has crippled the Greek economy, would be welcome news for Athens, but the ruling Syriza party will be loath to extend deep and painful reforms to Greece’s entitlement system. The result of this new expert team’s analysis will be nervously anticipated.

Hackers Attempt False Flag to Divert Attribution to Russia
Researchers at BAE Systems have determined that the hackers behind a cyber campaign targeting 104 organizations—many of them financial institutions—across 31 different countries have intentionally inserted poorly translated Russian words and commands into their malware in an attempt to throw off investigators. The poor translations appear to be based on translation software that at times completely change the meaning by making the comments unintelligible to native Russian speakers.

The Cipher Take:
The campaign seemingly began in October last year with hits at banks in Mexico and Uruguay. Researchers connected breaches around the world to the same campaign, most recently with multiple breaches at banks in Poland earlier this month. The sloppy use of Russian comments within the malware seems to be an attempt at diverting attention to Russian criminal groups known to target banks. Instead, security researchers believe the culprit to be the Lazarus group, which has been active since 2009 and responsible for various attacks on organizations in South Korea and the United States – most notably Sony Pictures in 2014. The Lazarus group has also been linked to the theft of $81 million from the central bank of Bangladesh by breaching the SWIFT network, a global monetary transfer system used by banks. The group is thought to be the North Korean government hacking unit, known as Bureau 121. The country is restricted by economic sanctions, making cybercrime one of its few methods of collecting revenue in support of its nuclear ambitions.

Israeli Military Personnel Targeted with Android Trojan
Security researchers have determined that hackers have infiltrated the Android phones of over 100 Israeli military personnel to monitor their activities by exfilitrating data directly from the compromised devices. Those targeted were compromised by social engineering techniques, such as luring soldiers into conversation through communication platforms like Facebook Messenger with the hackers who pose as attractive women from a variety of countries, including Canada, Germany, and Switzerland. The soldiers were then tricked into installing malicious, yet seemingly legitimate Android chat apps, SR Chat and YeeCall Pro, for further communication, whereby the hackers then remotely updated the apps with a Trojan called ViperRAT capable of receiving commands from an external server and exfiltrating call logs, geolocations, photos, audio, contacts, messages, metadata, internet browsing, and emails. Notably, the photos exfiltrated from the phone cameras were using highly sophisticated cryptographic protocols.

The Cipher Take:
Using targeted spear-phishing attacks to compromise the mobile devices of Israeli soldiers suggests the perpetrators are engaging in cyber espionage on behalf of a nation-state. While the Israeli military has insinuated Hamas is behind the breaches, security researchers argue the sophistication of the ViperRAT Trojan and the encryption used to exfiltrate images – likely so that if discovered, the Israeli military would not know what the hackers were interested in nor what assets had been compromised – strongly indicates a more capable state. Mobile phones in the hands of soldiers have long been an operational security hazard – at the least because they maintain telling social media accounts, at worst because they become unwitting insider threats to military operations. The easiest way to avoid a breach by the ViperRAT is to never download applications from an untrusted, third-party source.

Pakistan Air Strikes Target Militants
Air strikes launched by the Pakistani government in the Federally Administered Tribal Areas along the Pakistan-Afghan border on Monday killed dozens of militants, including four wanted militants belonging to a faction of the Pakistani Taliban known as Tehrik-e-Taliban (TTP).  Pakistani planes specifically targeted several insurgent hideouts in both North and South Waziristan. Over the weekend, the Pakistani army also conducted operations at suspected terrorist camps in Afghanistan, after providing the Afghan government with the names of 76 alleged Pakistani terrorists believed to be hiding in Afghanistan.

The Cipher Take:
Pakistan has ramped up its counterterrorism efforts after numerous attacks carried out by factions of TTP as well as ISIS last week killed more than 100 people, including 88 people at a well known Sufi shrine. Pakistan’s operations in Afghanistan may also signal a shift in the policies of the two countries and indicate that they are working more closely to eliminate terrorist threats. Not only did the Pakistanis hand over a list of suspected terrorists in Afghanistan, the Afghan ambassador to Pakistan also provided Pakistan with a list of 85 suspected terrorist leaders believed to be in Pakistan, as well as the locations of 32 centers and camps it hopes Pakistan can destroy.

Upcoming Cipher Brief Events

National Interests vs. International Provocations: China Pushes the Line in East Asia | Tuesday, February 28
Our February Georgetown Salon Series event will focus on the global implications of China's island-building campaign in the South China Sea. Leading the discussion with be Admiral Jon Greenert, former Chief of Naval Operations for the U.S. Navy; Timothy Heath, Senior International Defense Research Analyst at RAND Corporation; and Greg Poling, Director of the Asia Maritime Transparency Initiative at CSIS. The discussion will be moderated by The Cipher Brief's CEO & Publisher, Suzanne Kelly.

Copyright © 2017 The Ciphe
Our mailing address is:
The Cipher
3128 M Street NW
Washington, DC 20007

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list