April 22, 2019

Was Hemant Karkare a brutal, inhuman torture machine?

Was Hemant Karkare a brutal, inhuman torture machine? Did he act illegally to prove the theory of Saffron Terrorism? Was he a puppet of congress party’s political leaders? Did he arrest and inhumanly tortured innocent citizens to falsely implicate them in the theory of Saffron Terrorism?

Sadhvi Pragya’s statements on this has created political storm. People who suffered because of Saffron Terrorism and people who suffered because of 26/11 have divergent views.

But what is the fact?

I am putting lot of information in front of you to decide. This analysis does not show any political inclination or any religious bias. You read it and you decide.

I have done more than three years of research on 26/11 and I collected lot of information from various sources. I am writing a blog “Failed Journey of Saffron Terrorism” and the following details are from the same blog.

Home Ministry Under Secretary Mr. Mani in his book - Hindu Terrorism.

Home Ministry Under Secretary Mr. Mani has written in his book “Hindu Terrorism”. He has said, one day in 2006 he got a call from the home minister’s office asking him to come to see Home Minister immediately. Since all his seniors were out of office and he was the senior most officer, he went to the Minister, Mr. Shivraj Patil’s chember, who was home Minister. There were two more people in the chamber before Mr. Mani went. One was Madhya Pradesh chief minister Mr. Digvijay Singh and second was a new face to Mr. Mani. Digvijay Singh introduced the second person as Mr. Hemant Karkare, IPS officer from Maharashtra cadre. Mr. Mani was wondering what a Maharashtra cadre IPS officer Karkare doing here with M.P. chief minister? What is the connection?

Slowly these two started discussion about Saffron Terrorism, a term totally unheard by Mr. Mani earlier. They were talking about a fire and a small blast in the industrial area in Nanded. Apparently, a small scale manufacturing unit had caught fire and there was a small blast of some industrial gas cylinder. Local police had arrested the owner of the unit, named Mr. Kulkarni. The local police had a suspicion that Kulkarni deliberately set the fire to claim insurance. Mr. Mani could not give any inputs on this case because Home Ministry had never heard of this incidence. 

But Digvijay Singh and Karkare were discussing the possibility of converting this fire and the blast as a act of some sort of Saffron Terrorism. At that time, Mani had no idea what “Saffron Terrorism” was. With the conversation going on between Karkare and Digvijay Singh, Mr. Mani understood that Hemant Karkare did try to arrest Kulkarni for Saffron Terrorism but could not find enough evidence to prove the charges against Mr. Kulkarni and they had to let him go. Basically Karkare was trying to “FIND” evidence to make arrests for Saffron Terrorism.

While all this was going on, home minister Shivraj Patil was sitting in a different area in his office. Being a Home Minister, he was not part of this discussions.

Meaning, UPA government was trying to create a false case on Saffron Terrorism.

No congress party leader has refuted these observations so far. This means, Karkare was indeed colluding with congress leaders to create false charges.

Now let’s check other aspects.

Let’s look into Lt. Colonel Purohit’s arrest

Lt. Colonel Purohit was the active army officer at the time of arrest. He was not a regular infantry Colonel but was working in highly sensitive department of Military Intelligence, or popularly known as M.I. The purpose of MI is to gather intelligence within the country and outside the country about the different threat perceptions and neutralize them. It is a very secretive department where only select few are inducted after thorough invasive background check.

Officers working under this department often have to go deep undercover in the terrorist organization to gather intelligence. This is a very risky job because any small mistake can blow up their cover and they get killed. The undercover officers cannot always choose the “Right” way because in their world, everything is in the shades of gray. Hence sometimes they may have to cross the lines to earn the trust from the bad people. But they do it for the country.

Their undercover job is so bad that their family never knows where they are, what is their new identity, what is the phone number to call and what is the email to connect. They have no contact with their family for months!!! Family gets the updates from the military only.

Arresting such a decorated and trusted military officer under the changes of terrorism was unbelievable. Arresting a military officer by the civilian authorities is not simple. The local police have to follow the protocols, which are as follows. If the arrest is made outside the military camp then police have to inform military within stipulated time. If the person of interest is inside the military camp then police have to inform military establishment, give all the details of the case and then Military Police (MP) handover the suspect to the civilian police. In each case military would conduct its own internal investigation. But in colonel Purohit’s case, he was detained w/o any warrant (abducted) by Maharashtra ATS headed by Hemant Karkare and military was informed about his arrest after couple of days. 

Colonel Purohit was illegally arrested as follows.

While Colonel Purohit was attending a training course at Panchamarhi, MP, his superior Colonel R. K. Shrivastava issued the travel order for him to go to Delhi on 29th October 2008. Colonel R. K. Shrivastava accompanied him to the Bhopal Airport. But before reaching Bhopal airport, Colonel Shrivastava took away cell phone from Colonel Purohit and did not give him air tickets. It was Colonel Shrivastava who did the check in at the airport. After check in, Colonel Shrivasta told Colonel Purohit that they were going to Mumbai and not to Delhi. After hearing this, Colonel Purohit asked for the cell phone to inform his wife but Colonel Shrivastava threatened him for using cell phone. As per the military practice, if the travel plan is changed then a new travel order has to be issued. In this case, the earlier order was to reach Delhi but it was changed to Mumbai, and as such, a new order should have been issued but his official travel order was not changed! If it was official business then why so much secrecy?

After reaching Mumbai airport late in the evening, Colonel Purohit was pushed into a private vehicle and was driven to a bungalow in Khandala. Hemant Karkare and his ATS team was waiting there. Hemant Karkare, Colonel Shrivastav, ATS deputy chief Parambir Singh (IPS) and his staff tortured Colonel Purohit beyond third degree and in a very inhuman way for a week. He broke several bones and ruptured several tissues. Finally on 8th November 2008, Maharashtra ATS formally announced arrest of Colonel Purohit.

Please watch the video of Colonel Purohit’s wife narrating how her husband was tortured by the ATS team led by Hemant Karkare.
https://www.youtube.com/watch?v=TMmUa5twaUE

In 2013 Colonel Purohit himself wrote a letter to the Human Rights Commision about the illegal detention and torture and copy of this letter was sent to then Prime Minister Manmohan Singh Please see this news clip.
https://www.youtube.com/watch?v=sdx8GMTJApI

Please read the ACTUAL HANDWRITTEN LETTER written by Colonel Purohit to the Human Rights Commission.
Warning - This letter has very graphic and disturbing description of the torture hence read it only if you feel comfortable.
https://www.pgurus.com/shocking-letter-by-colonel-purohit-to-human-rights-commission-exposes-how-he-was-tortured-for-admitting-crimes/

No one from NHRC or PMO cared to investigate the charges leveled by Lt. colonel Purohit. Why????

Otherwise very active NHRC chose to keep quite. 

Please note, in his letter Colonel Purohit says, at one point of time, his boss Colonel R. K. Shrivastava and Hemant Karkare talked about parading his mother, wife and daughter naked in front of everyone. They also talked about bombing his house to kill his entire family. This was of course done to terrorize Colonel Purohit so as to get his confession but this shows how low Colonel R. K. Shrivastava and Hemant karkare had scooped! Really shameful.

It did not end just with illegal arrest and torture. Karkare raided Lt. Col. Purohit’s house and announced, he recovered RDX from his house in Pune.

Karkare claimed that Lt. Col. Purohit stole the RDX from the military stock.

Now realize the situation here with your common sense. Lt. Col. Purohit is a highly trained military officer who knows about explosive. Would he keep a highly explosive material like RDX at his home where his family lives? Will he risk his neighbors and community, which is mainly Hindu? And he was arrested for supporting Saffron Terrorism?

Army refuted the charges of steeling of RDX from its stock saying Indian military does not use RDX hence they don’t carry any stock.

Then Hemant Karkare changed his story and said, this RDX was seized in a raid conducted by Lt. Col. Purohit in Kashmir and he stole some quantity from this lot. The same was used in the bombing of Samjhauta express, Malegaon bombing and rest was seized from his house in Pune.

Military again said, that raid in Kashmir was a joint operation and many military officers, local police officers were in that raid. It was not just Lt. Col. Purohit that was present and every gram of seized RDX is accounted for and there is no missing quantity. 

What does this show? Was Karkare fabricating the evidence to implicate Lt. Col Purohit?

If this is true then it is completely deplorable. Treating an army officer in this way is disheartening. It is a shame and disgrace to the police uniform.

Karkare is dead but Prarambir Singh and Col. R. K. Shrivastav are still alive. They must be arrested based on Col. Purohit’s charges of torture and must be investigated. 

Please note, Sadhvi Pragya too has leveled similar charges of torture against Karkare.

Now following are my views.

If multiple people level charges on Karkare about of false cases, illegal arrests, collecting illegal evidences and brutal torture charges then it must be investigated.

If these charges are found correct then his Ashok Chakra medal, his status of heroic death, his pension and all his medals must be stripped posthumously.

Similar punishment must be given to all the other police officers who were involved in the torture.

Col. R. K. Shrivastav should also be court marshaled and punished.

No one is above the law and no one should be treated softly because they died in action or they are rich and powerful.

Kishor Katti.

Indira Gandhi offered to share Nuke technology with Pakistan


NEW DELHI: They are hostile neighbourswidely seen by many as competing to have a bigger nuclear arsenal. However, after its first nuclear test in 1974, India offered to share nuclear technology with Pakistan. In her statement to Indian Parliament after the tests on July 22, Prime Minister Indira Gandhi said she had told her Pakistani counterpart, Zulfiqar Ali Bhutto , that New Delhi would be ready to share the relevant technology with Islamabad.
Quoting her statement the US embassy reported, as revealed by Wikileaks, “I have explained in my letter to Prime Minister Bhutto the peaceful nature and the economic purposes of this experiment and have also stated that India is willing to share her nuclear technology with Pakistan in the same way she is willing to share it with other countries, provided proper conditions for understanding and trust are created. I once again repeat this assurance.”
The offer was extraordinary in its audacity, but equally in its foresight. The Indian offer came as Bhutto termed as insufficient Gandhi’s assurance that tests were not meant to harm Pakistan. In his response to Gandhi, Bhutto said, many past assurances from India "regrettably remain unhonored". Testing of nuclear device is no different from detonation of a nuclear weapon, he wrote.
Pakistan tested a nuclear weapon for the first time in May, 1998 — a fortnight after India conducted its second nuclear test.
But Gandhi’s offer to share nuclear technology with Pakistan was not the move of a potential nuclear proliferator. Instead, it showed the confidence of a leader who probably believed that India, after the test, could seamlessly become part of the international nuclear system, where New Delhi could become a legitimate nuclear supplier. Gandhi’s confidence, as it turned out, was misplaced. India was immediately placed under a tough technology denial regime. In fact, the Nuclear Suppliers Group (NSG) was created as a result of the 1974 test precisely to keep countries like India beyond the pale. It took a hard-fought nuclear deal with the US to open that door for India in 2008.
But on July 22, 1974, Gandhi was looking ahead, and wanted to ensure that the craters formed by nuclear explosions could be used for strategic storage of oil and gas or even shale oil extraction. In her statement to Parliament, she seemed bemused by the international reaction to the first Pokharan test. “It was emphasized that activities in the field of peaceful nuclear explosion are essentially research and development programmes. Against this background, the government of India fails to understand why India is being criticized on the ground that the technology necessary for the peaceful nuclear explosion is no different from that necessary for weapons programme. No technology is evil in itself: it is the use that nations make of technology which determines its character. India does not accept the principle of apartheid in any matter and technology is no exception.”
Referring to Bhutto’s letter, she scoffed at his suggestion that there was radioactivity leakage as a result of the test. “This was impossible as there was no venting of radioactivity to the atmosphere and no formation of a radioactive cloud. Moreover, the wind was blowing in the opposite direction as it normally does at this time of the year and even in theory, any hypothetical radioactivity could never have gone to Pakistan. The wind pattern on May 18, 1974 was from, repeat from, the south-west.”
However, Gandhi remained ambiguous about weaponization of India’s nuclear capability. In an interview to CBC, Canada, she had ducked the question. “If our scientists have the basic know-how, without which they couldn't have done this, then any government could have directed them to make a bomb if they had so desired,” she had explained.

Due to few Terrorist organisations you cannot blame the entire Islam.

Due to few Terrorist organisations you cannot blame the entire Islam.
Below is a list of a FEW TERRORIST ORGANIZATIONS

1.Al-Shabab (Africa),
2.Al Murabitun (Africa),
3.Al-Qeada (Afghanistan),
4.Al-Qaeda (Islamic Maghreb),
5.Al-Qaeda (Indian Subcontinent),
6.Al-Qaeda (Arabian Peninsula),
7.Hamas (Palestine),
8.Palestinian Islamic Jihad (Palestine),
9.Popular Front for the Liberation of (Palestine),
10.Hezbola (Lebanon),
11.Ansar al-Sharia-Benghazi (Lebanon),
12.Asbat Al-Ansar (Lebanon),
13.ISIS (Iraq),
14.ISIS (Syria),
15.ISIS (Cauacus)
16.ISIS (Libya)
17.ISIS (Yemen)
18.ISIS (Algeria),
19.ISIS (Philippines)
20.Jund al-Sham (Afganistan),
21.Al-Mourabitoun (Lebanon),
22.Abdullah Azzam Brigades (Lebanon),
23.Al-Itihaad al-Islamiya (Somalia),
24.Al-Haramain Foundation (Saudi Arabia),
25.Ansar-Al-Sharia (Moroccon),
26.Moroccon Mudjadine (Morocco),
27.Salafia Jihadia (Morocco),
28.Boko Haram (Afrika),
29.Islamic movement of (Uzbekistan),
30.Islamic Jihad Union (Uzbekistan),
31.Islamic Jihad Union (Germany),
32.DRW True-Religion (Germany)
33.Fajar Nusantara Movement (Germany)
34.DIK Hildesheim (Germany)
35.Jaish-e-Mohammed (Kashmir),
36.Jaish al-Muhajireen wal-Ansar (Syria),
37.Popular Front for the Liberation of Palestine (Syria),
38.Jamaat al Dawa al Quran (Afghanistan),
39.Jundallah (Iran)
40.Quds Force (Iran)
41.Kata'ib Hezbollah (Iraq),
42.Al-Itihaad al-Islamiya (Somalia),
43.Egyptian Islamic Jihad (Egypt),
44.Jund al-Sham (Jordan)
45.Fajar Nusantara Movement (Australia)
46.Society of the Revival of Islamic 47.Heritage (Terror funding, WorldWide offices)
48.Taliban (Afghanistan),
49.Taliban (Pakistan),
50.Tehrik-i-Taliban (Pakistan),
51.Army of Islam (Syria),
52.Islamic Movement (Israel)
53.Ansar Al Sharia (Tunisia),
54.Mujahideen Shura Council in the Environs of (Jerusalem),
55.Libyan Islamic Fighting Group (Libya),
Movement for Oneness and Jihad in (West Africa),
56.Palestinian Islamic Jihad (Palestine)
57.Tevhid-Selam (Al-Quds Army)
58.Moroccan Islamic Combatant Group (Morroco),
59.Caucasus Emirate (Russia),
60.Dukhtaran-e-Millat Feminist Islamists (India),
61.Indian Mujahideen (India),
62.Jamaat-ul-Mujahideen (India)
63.Ansar al-Islam (India)
64.Students Islamic Movement of (India),
65.Harakat Mujahideen (India),
66.Hizbul Mujhaideen(India)
67.Lashkar e Islam(India)
68.Jund al-Khilafah (Algeria),
69.Turkistan Islamic Party,
70.Egyptian Islamic Jihad (Egypt),
71.Great Eastern Islamic Raiders' Front (Turkey),
72.Harkat-ul-Jihad al-Islami (Pakistan),
73.Tehreek-e-Nafaz-e-Shariat-e-Mohammadi (Pakistan),
74.Lashkar e Toyiba(Pakistan)
75.Lashkar e Jhangvi(Pakistan)
Ahle Sunnat Wal Jamaat (Pakistan),
76.Jamaat ul-Ahrar (Pakistan),
77.Harkat-ul-Mujahideen (Pakistan),
78.Jamaat Ul-Furquan (Pakistan),
79.Harkat-ul-Mujahideen (Syria),
80.Ansar al-Din Front (Syria),
81.Jabhat Fateh al-Sham (Syria),
82.Jamaah Anshorut Daulah (Syria),
83.Nour al-Din al-Zenki Movement (Syria),
84.Liwa al-Haqq (Syria),
85.Al-Tawhid Brigade (Syria),
86.Jund al-Aqsa (Syria),
87.Al-Tawhid Brigade (Syria),
88.Yarmouk Martyrs Brigade (Syria),
89.Khalid ibn al-Walid Army (Syria),
90.Hezb-e Islami Gulbuddin (Afganistan),
91.Jamaat-ul-Ahrar (Afganistan)
92.Hizb ut-Tahrir (Worldwide Caliphate),
93.Hizbul Mujahideen (Kasmir),
94.Ansar Allah (Yemen),
95.Holy Land Foundation for Relief and Development (USA),
96.Jamaat Mujahideen (India),
97.Jamaah Ansharut Tauhid (Indonesia),
98.Hizbut Tahrir (Indonesia),
99.Fajar Nusantara Movement (Indonesia),
100.Jemaah Islamiyah (Indonesia),
101.Jemaah Islamiyah (Philippines),
102.Jemaah Islamiyah (Singapore),
103.Jemaah Islamiyah (Thailand),
104.Jemaah Islamiyah (Malaysia),
105.Ansar Dine (Africa),
106.Osbat al-Ansar (Palestine),
107.Hizb ut-Tahrir (Group connecting 108.Islamic Caliphates across the world into one world Islamic Caliphate)
109.Army of the Men of the Naqshbandi Order (Iraq)
110.Al Nusra Front (Syria),
111.Al-Badr (Pakistan),
an),
112.Islam4UK (UK),
113.Al Ghurabaa (UK),
114.Call to Submission (UK),
115.Islamic Path (UK),
116.London School of Sharia (UK),
117.Muslims Against Crusades (UK),
118.Need4Khilafah (UK),
119.The Shariah Project (UK),
120.The Islamic Dawah Association (UK),
121.The Saviour Sect (UK),
123.Jamaat Ul-Furquan (UK),
124.Minbar Ansar Deen (UK),
125.Al-Muhajiroun (UK) (Lee Rigby, London 2017 members),
126.Islamic Council of Britain (UK) (Not to be confused with Offical Muslim Council of Britain),
127.Ahlus Sunnah wal Jamaah (UK),
128.Al-Gama'a (Egypt),
129.Al-Islamiyya (Egypt),
130.Armed Islamic men of (Algeria),
131Salafist Group for Call and Combat (Algeria),
132.Ansaru (Algeria),
133.Ansar-Al-Sharia (Libya),
134.Al Ittihad Al Islamia (Somalia),
135.Ansar al-Sharia (Tunisia),
136.Al-Shabab (Africa),
137.al-Aqsa Foundation (Germany)
138.al-Aqsa Martyrs' Brigades (Palestine),
139.Abu Sayyaf (Philippines),
140.Aden-Abyan Islamic Army (Yemen),
141.Ajnad Misr (Egypt),
142Abu Nidal Organization (Palestine),
143.Jamaah Ansharut Tauhid (Indonesia)

Still some people try to destroy the image of Islam by calling it a major role player into world terrorism.

GCSC Cyberstability Update,19 April 2019



Your weekly news updates on the GCSC, its members, and relevant developments in the field of international cyber affairs. For more information about the GCSC, please visitwww.cyberstability.org.

INTERNATIONAL CYBER AFFAIRS:

DNS Hijacking Abuses Trust In Core Internet Service

This article by Danny Adamitis, David Maynor, Warren Mercer, Matthew Olney and Paul Rascagneres was published in Talos Blog, 17 April 2019.
 
This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. While this incident is limited to targeting primarily national security organizations in the Middle East and North Africa, and we do not want to overstate the consequences of this specific campaign, we are concerned that the success of this operation will lead to actors more broadly attacking the global DNS system. DNS is a foundational technology supporting the Internet. Manipulating that system has the potential to undermine the trust users have on the internet. That trust and the stability of the DNS system as a whole drives the global economy. Responsible nations should avoid targeting this system, work together to establish an accepted global norm that this system and the organizations that control it are off-limits, and cooperate in pursuing those actors who act irresponsibly by targeting this system.

 

Read More

Cybersecurity Culture Guidelines: Behavioural Aspects of Cybersecurity

 

This report was published by ENISA, 16 April 2019
 
There is a growing recognition that technical cyber security measures do not exist in a vacuum, and need to operate in harmony with people. This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity. It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity: two based on the use (and effectiveness) of models from social science; one on qualitative studies; and one on current practise within organisations.

 

Read More

Cyber hygiene is at an all-time low

 

This article by Ian Barker was published in Beta News, 15 April 2019
 
Well-known attacks and attack vectors remained successful because security personnel did not address vulnerabilities and apply patches according to a new report from cybersecurity and visibility business Ixia. IT vendors created code or configurations that led to many successful security breaches in 2018, but IT operations and security personnel shared the blame due to ignorance of the latest patches and challenges in deploying patches in a timely manner. In addition Ixia observed more new devices joining networks than ever before, but also more devices designed and deployed without proper measures to stop or even limit threats. Well-understood SQL injections and cross-site scripting vulnerabilities have been used by bad actors to target web applications. Code sharing poses a risk too, despite efforts by the open source community to standardize controls and measures in web development.
 
You can find out more about the findings on the Ixia website.

 

Read More

Microsoft Email Hack Shows the Lurking Danger or Customer Support

 

This article by Lily Hay Newman was published inWIRED, 15 April 2019
 
On Friday night, Microsoft sent notification emails to an unknown number of its individual email users—across Outlook, MSN, and Hotmail—warning them about a data breach. Between January 1 and March 28 of this year, hackers used a set of stolen credentials for a Microsoft customer support platform to access account data like email addresses in messages, message subject lines, and folder names inside accounts. By Sunday, it acknowledged that the problem was actually much worse. It may seem odd that a single set of customer support credentials could be the keys to such a massive kingdom. But within the security community, customer and internal support mechanisms are increasingly seen as a potential source of exposure. On the one hand, support agents need enough account or device access to be able to actually help people. But as the Microsoft incident shows, too much access in the wrong hands can cascade into a dangerous situation.

 

Read More

IARPA working on ways to protect AI training data from malicious tampering

 

This article by Jory Heckman was published in theFederal News Network, 17 April 2019
 
The intelligence community’s advanced research agency has laid the groundwork for two programs focused on ways to overcome adversarial machine learning and prevent adversaries from using artificial intelligence tools against users. Stacey Dixon, director of the Intelligence Advanced Research Projects Activity (IARPA), said the agency expects both programs to run for about two years. “We appreciate the fact that AI is going to be in a lot more things in our life, and we’re going to be relying on it a lot more, so we would want to be able to take advantage of, or at least mitigate, those vulnerabilities that we know exist,” Dixon said Tuesday at an Intelligence and National Security Alliance (INSA) conference in Arlington, Virginia. The first project, called Trojans in Artificial Intelligence (TrojAI), looks to sound the alarm whenever an adversary has compromised the training data for a machine-learning algorithm. Another program, which Dixon said would have a draft announcement coming later this year, will look to protect the identities of people whose images have served as training data for facial recognition tools.

 

Read More

Breaking Down Modern Botnets

 

This article by Geraldine Hunt was published inTitanHQ, 17 April 2019
 
“Botnets” is the term given to a group of computers infected with malware and used in collaborated attacks against publicly accessible servers. An attacker controls all malware-infected computers from a central location. Once the attacker determines a target, the central location sends commands to botnet computers to flood traffic to the target. The result can be an overwhelming amount of traffic sent to a server that is unable to handle these traffic volumes and services are taken offline. Botnets are responsible for DDoS attacks on Internet resources.

 

Read More

Big Companies Thought Insurance Covered a Cyberattack. They May Be Wrong.

 

This article by Adam Satariano and Nicole Perlroth was published in The New York Times, 15 April 2019
 
Mondelez, owner of dozens of well-known food brands like Cadbury chocolate and Philadelphia cream cheese, was one of the hundreds of companies struck by the so-called NotPetya cyberstrike in 2017. After the ordeal, executives at the company took some solace in knowing that insurance would help cover the costs. Or so they thought. Mondelez’s insurer, Zurich Insurance, said it would not be sending a reimbursement check. It cited a common, but rarely used, clause in insurance contracts: the “war exclusion,” which protects insurers from being saddled with costs related to damage from war. Mondelez was deemed collateral damage in a cyberwar. In a closely watched legal battle, Mondelez sued Zurich Insurance last year for a breach of contract in an Illinois court, and Merck filed a similar suit in New Jersey in August. In the Mondelez and Merck lawsuits, the central question is whether the government’s attribution of the NotPetya attack to Russia meets the bar for the war exclusion.

 

Read More

The Daily 202: How the nature of cyberwar is changing

 

This article by James Hohmann was published inThe Washington Post, 15 April 2019
 
Lisa Monaco, who served as the homeland security adviser in Barack Obama’s White House, said many countries are changing how they approach the digital battlefield, from focusing primarily on espionage toward “geopolitical one-upmanship.” “The game is getting disrupted,” she said. “If we had this conversation two and a half years ago, I would have described the threat I was seeing at the time as more diffuse, more sophisticated and more dangerous than at any other time in my career in government. Today I have an overwhelming sense that if we look at the threat actors as basically aligned in a drag race – nation states, non-state actors, hacktivists, criminal groups – the nation states have far and away set themselves apart.” Monaco spoke on Friday night during a four-day cybersecurity conference sponsored by the nonpartisan Hewlett Foundation, which convened a few dozen insiders from the national security community along with executives from technology companies to discuss threats facing the United States in the brave new digital world and how to better respond to them.

 

Read More

The Cybersecurity 202: Why a hacking operation by a proto-state in Ukraine could spell trouble for the U.S.

 

This article by Joseph Marks was published in The Washington Post, 17 April 2019
 
The Luhansk People’s Republic, a region that has claimed independence from Ukraine with the backing of Russia’s military, isn’t recognized by the United States, the European Union or NATO. But it has a hacking army and it’s targeting the Ukrainian government and military, according to new research from the cybersecurity company FireEye.    This is probably the most extreme case to date of an ultra-small group targeting a national government with a sophisticated hacking operation, John Hultquist, FireEye's director of intelligence analysis who co-wrote the report, told me. And it could usher in a new era of small nations or nonstate actors developing sophisticated hacking operations, he said. That could mean a big headache for the United States and other global powers, which will have to defend themselves against a new slate of digital adversaries.

 

Read More

The Cybersecurity 202: This is the biggest problem with cybersecurity research

 

This article by Joseph Marks was published in The Washington Post, 18 April 2019
 
Want to know the most effective ways businesses defend themselves against hacking? Good luck. There’s a mountain of marketing material about that and other cybersecurity topics, but a dearth of high-quality, vetted data that researchers can use to draw their own conclusions, cybersecurity academic Tyler Moore tells me. That’s because most cybersecurity research relies on data from companies about hacking attempts against their clients — and the companies are wary of sharing that data too broadly because of privacy concerns. But without more public raw data, researchers are only seeing a slice of the pie. And that makes it difficult to draw big-picture conclusions or to give definitive answers to even basic questions -- such as where our greatest digital vulnerabilities are and which defensive measures are most effective at combating them, said Moore, an associate professor of cybersecurity and information assurance at the University of Tulsa.

 

Read More

Concerns raised over Australia’s electoral cyber security

 

This article by Sean Parnell was published in The Australian, 19 April 2019
 
A major review of electoral cyber security has raised concern hackers might find a weak jurisdiction, with weak systems, and use it to “sow doubt in the security and integrity” of Australian democratic processes. The Deloitte review, commissioned by the Department of Home Affairs and obtained under Freedom of Information laws, called for a national approach to safeguarding all electoral systems. In the United States in 2016, Russian hackers targeted electoral systems in 50 states, it emerged last week, more than twice as many as initially suspected. The following year, the US Department of Homeland Security declared ‘elections infrastructure’ to be critical infrastructure warranting additional national protection. However, the Australian government’s Security of Critical Infrastructure Act 2018 focuses on electricity, port, water and gas assets. While the government would be expected to protect the Australian Electoral Commission (AEC), it has no authority over other jurisdictions’ systems under the Act. Yet the review found every jurisdiction and every system “can be seen as critical to our ‘social and economic wellbeing’ and therefore consideration should be given to designating Australia’s electoral systems as ‘critical infrastructure’.”

 

Read More

WikiLeaks and the Lost Promise of the Internet

 

This article by Quinta Jurecic was published inLawfare, 15 April 2019
 
Julian Assange’s arrest was a long time coming. After seven years hiding in Ecuador’s London embassy and a number of false alarms, the WikiLeaks founder was finally evicted from the building and passed to British law enforcement on April 11. Though journalists and commentators have long speculated that U.S. charges against Assange might stem from Assange’s role in coordinating the release of Democratic Party information hacked by the Russian government, the truth turned out to be very different: The United States unsealed an indictment charging Assange with conspiracy, dating back to his 2010 exchanges with Chelsea Manning that led to the release of 250,000 classified U.S. diplomatic cables. The indictment and arrest created a natural opportunity to look back over the controversies that have long swirled around Assange. In the days after his arrest, I sat down to watch two documentaries on the WikiLeaks founder: “We Steal Secrets,” a 2013 film by Alex Gibney, and Laura Poitras’s 2017 “Risk.” Though the documentaries are very different, both are accounts of the filmmakers’ darkening view of Assange, who goes from a maverick hero to a much more difficult and complicated figure over both features’ running time. Poitras, in fact, recut her entire movie to show Assange in a harsher light following the 2016 election.

 

Read More