WASHINGTON: US military cyber forces launched a strike against Iranian military computer systems on Thursday as President Donald Trump backed away from plans for a more conventional military strike in response to Iranâ€™s downing of a US surveillance drone, US officials said Saturday.Two officials told The Associated Press that the strikes were conducted with approval from Trump. A third official confirmed the broad outlines of the strike. All spoke on condition of anonymity because they were not authorized to speak publicly about the operation.The cyberattacks â€” a contingency plan developed over weeks amid escalating tensions â€” disabled Iranian computer systems that controlled its rocket and missile launchers, the officials said. Two of the officials said the attacks, which specifically targeted Iranâ€™s Islamic Revolutionary Guard Corps computer system, were provided as options after Iranian forces blew up two oil tankers earlier this month.The IRGC, which was designated a foreign terrorist group by the Trump administration earlier this year, is a branch of the Iranian military.The action by US Cyber Command was a demonstration of the USâ€™s increasingly mature cyber military capabilities and its more aggressive cyber strategy under the Trump administration. Over the last year US officials have focused on persistently engaging with adversaries in cyberspace and undertaking more offensive operations.Tensions have escalated between the two countries ever since the US withdrew last year from the 2015 nuclear deal with Iran and began a policy of â€œmaximum pressure.â€ Iran has since been hit by multiple rounds of sanctions. Tensions spiked this past week after Iran shot down an unmanned US drone â€” an incident that nearly led to a US military strike against Iran on Thursday evening.The cyberattacks are the latest chapter in the US and Iranâ€™s ongoing cyber operations targeting the other. Yahoo News first reported the cyber strike.
Iranian attacksIn recent weeks, hackers believed to be working for the Iranian government have targeted US government agencies, as well as sectors of the economy, including finance, oil and gas, sending waves of spear-phishing emails, according to representatives of cybersecurity companies CrowdStrike and FireEye, which regularly track such activity. This new campaign appears to have started shortly after the Trump administration imposed sanctions on the Iranian petrochemical sector this month.It was not known if any of the hackers managed to gain access to the targeted networks with the emails, which typically mimic legitimate emails but contain malicious software.Tensions have run high between the two countries since the US withdrew from the 2015 nuclear deal with Iran last year and began a policy of â€œmaximum pressure.â€ Iran has since been hit by multiple rounds of sanctions. Then Iran shot down an unmanned US drone this week.â€œBoth sides are desperate to know what the other side is thinking,â€ said John Hultquist, director of intelligence analysis at FireEye. â€œYou can absolutely expect the regime to be leveraging every tool they have available to reduce the uncertainty about whatâ€™s going to happen next, about what the USâ€™s next move will be.â€CrowdStrike shared images of the spear-phishing emails with the AP.One such email that was confirmed by FireEye appeared to come from the Executive Office of the President and seemed to be trying to recruit people for an economic adviser position. Another email was more generic and appeared to include details on updating Microsoft Outlookâ€™s global address book.The Iranian actor involved in the cyberattack, dubbed â€œRefined Kittenâ€ by CrowdStrike, has for years targeted the US energy and defense sectors, as well as allies such as Saudi Arabia and the United Arab Emirates, said Adam Meyers, vice president of intelligence at CrowdStrike.The Department of Homeland Security said in a statement released Saturday that its agency tasked with infrastructure security has been aware of a recent rise in malicious cyber activities directed at US government agencies by Iranian regime actors and proxies.Cybersecurity and Infrastructure Security Agency Director Christopher C. Krebs said the agency has been working with the intelligence community and cybersecurity partners to monitor Iranian cyber activity and ensure the US and its allies are safe.â€œWhat might start as an account compromise, where you think you might just lose data, can quickly become a situation where youâ€™ve lost your whole network,â€ Krebs said.The National Security Agency would not discuss Iranian cyber actions specifically, but said in a statement to the AP on Friday that â€œthere have been serious issues with malicious Iranian cyber actions in the past.â€â€œIn these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defenses are in place,â€ the NSA said.
“Contentious cyber history”
Iran has long targeted the US oil and gas sectors and other critical infrastructure, but those efforts dropped significantly after the nuclear agreement was signed. After Trump withdrew the US from the deal in May 2018, cyber experts said they have seen an increase in Iranian hacking efforts.
â€œThis is not a remote war (anymore),â€ said Sergio Caltagirone, vice president of threat intelligence at Dragos Inc. â€œThis is one where Iranians could quote unquote bring the war home to the United States.â€Caltagirone said as nations increase their abilities to engage offensively in cyberspace, the ability of the United States to pick a fight internationally and have that fight stay out of the United States physically is increasingly reduced.The US has had a contentious cyber history with Iran.In 2010, the so-called Stuxnet virus disrupted the operation of thousands of centrifuges at a uranium enrichment facility in Iran. Iran accused the US and Israel of trying to undermine its nuclear program through covert operations.Iran has also shown a willingness to conduct destructive campaigns. Iranian hackers in 2012 launched an attack against state-owned oil company Saudi Aramco, releasing a virus that erased data on 30,000 computers and left an image of a burning American flag on screens.In 2016, the US indicted Iranian hackers for a series of punishing cyberattacks on US banks and a small dam outside of New York City.The Defense Department refused to comment on the latest Iranian activity. â€œAs a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning,â€ Pentagon spokeswoman Heather Babb said in a statement. The White House did not respond to a request for comment.Despite the apparent cyber campaign, experts say the Iranians would not necessarily immediately exploit any access they gain into computer systems and may seek to maintain future capabilities should their relationship with the US further deteriorate.â€œItâ€™s important to remember that cyber is not some magic offensive nuke you can fly over and drop one day,â€ said Oren Falkowitz, a former National Security Agency analyst. It takes years of planning, he said, but as tensions increase, â€œcyber impact is going to be one of the tools they use and one of the hardest things to defend against.â€
New Daesh leader was informant for US, says counter terrorism report
NEW YORK: The man widely believed to be the new leader of Daesh was once an informant for the US, according to a new report from the Combating Terrorism Center (CTC), a research body at the US military academy of West Point in New York. “Stepping Out from the Shadows: The Interrogation of the Islamic State’s…
NEW YORK: The man widely believed to be the new leader of Daesh was once an informant for the US, according to a new report from the Combating Terrorism Center (CTC), a research body at the US military academy of West Point in New York.
“Stepping Out from the Shadows: The Interrogation of the Islamic State’s Future Caliph” is based on Tactical Interrogation Reports (TIRs) — the paper trail the US military creates when enemy fighters are detained and interrogated — from Al-Mawla’s time in captivity in the late 2000s.
Before his release in 2009, Al-Mawla named 88 extremists involved in terrorist activities, and the information he divulged during his interrogations led US forces in the region to successfully capture or kill dozens of Al-Qaeda fighters, the report claims.
The CTC said it is “highly confident” Al-Mawla became the new leader of Daesh after the previous leader, Abu Bakr Al-Baghdadi, was killed in a US air raid in Syria in October 2019.
Although Daesh announced that a man called Abu Ibrahim Al-Hashimi Al-Qurashi was Baghdadi’s successor, US officials have also stated that Al-Qurashi’s true identity is actually Al-Mawla — also known as Hajj Abdullah.
Before joining Daesh, Al-Mawla is believed to have been the deputy leader of Al-Qaeda.
While details about the operation resulting in his capture are scarce, the TRIs reveal that he was captured on January 6, 2008.
The following day, US Central Command announced the capture of a wanted individual who “previously served as a judge of an illegal court system involved in ordering and approving abductions and executions.”
In his interrogations, Al-Mawla offered up details of terrorist plots to his interrogators, while minimizing his own involvement. He identified many jihadists by name and offered descriptions of their roles in the terrorist organization and details of their involvement in attacks on US-led coalition forces during the 2003 invasion of Iraq.
Al-Mawla — a former officer in Saddam Hussein’s army and once Baghdadi’s speechwriter — emerges from the TIRs as a mysterious personality with a vague past, whose ethnicity could not be determined with certainty. The statements in the reports are rife with contradictory elements and open to a wide range of interpretations. As the authors point out in their introduction: “It is incredibly difficult to ascertain whether what Al-Mawla divulges regarding himself or ISI (the forerunner of Daesh) as an organization is true.”
Details of the specific demographics of Al Mawla’s birthplace of Al-Muhalabiyyah in Iraq’s Tal Afar district are sketchy, but it is generally accepted to have a predominantly Turkmen population. The authors of the report point out that some sources have suggested “this could pose legitimacy problems for him because (Daesh) mostly has Arabs in its senior leadership echelons,” but add that at least two other senior members of the group were reported to have been Turkmen.
Al-Mawla also claimed to have avoided pledging allegiance to ISI because he was a Sufi. The report’s authors cast doubt on that claim, given his quick rise to prominence in the terrorist group and the fact that ISI and Daesh branded Sufism as heresy.
But the authors do believe the TRIs give some valuable insights into Al-Mawla’s personality.
“The fact that he detailed activities and gave testimony against (fellow jihadists) suggests a willingness to offer up fellow members of the group to suit his own ends,” they wrote. “The amount of detail and seeming willingness to share information about fellow organization members suggests either a degree of nonchalance, strategic calculation, or resignation on the part of Al-Mawla regarding operational security.
“He appears to have named individuals in some capacity across all levels of the organization, while describing some individuals in some detail,” they continued.
The US Department of Justice has offered a $10million reward for information about Al-Mawla’s identification or location.
The poisoning of Alexey Navalny: Five key things to know
What happened on the day Navalny fell ill? On August 20, a Thursday, Alexey Navalny, Russia’s leading Kremlin critic, had finished up campaigning for opposition politicians in Siberia for local elections, which were taking place from September 11 to 13. He left Xander Hotel and headed for the Tomsk Bogashevo airport. There, he drank a…
What happened on the day Navalny fell ill?
On August 20, a Thursday, Alexey Navalny, Russia’s leading Kremlin critic, had finished up campaigning for opposition politicians in Siberia for local elections, which were taking place from September 11 to 13.
He left Xander Hotel and headed for the Tomsk Bogashevo airport. There, he drank a cup of tea. He was on the way to Moscow.
In the first half-hour of the flight, he fell ill and witnesses said he screamed in pain. He was later in a coma.
He was airlifted to Germany’s capital, a six-hour flight, to the Berlin Charite hospital.The plane made an emergency landing at Omsk. He received treatment in the Russian city, where doctors said he was too unwell to be moved, but two days later on August 22, a Saturday, they said his life was not in danger.
Was he poisoned?
Navalny’s team believes he was poisoned with a Novichok nerve agent, a claim several European countries support.
A laboratory in Germany said it had confirmation on September 2, followed by laboratories in France and Sweden on September 14.
Samples from Navalny have also been sent to the Organization for the Prevention of Chemical Weapons (OPCW) in The Hague for testing.
Russia says there is no evidence to prove Navalny was poisoned, while its ally Belarus has also doubted the claim. The doctors in Omsk said they had not detected poisonous substances in Navalny’s body.
US President Donald Trump has been criticised for towing Russia’s line, saying on September 4 – two days after Germany’s claim to have “unequivocal evidence” – that “we have not had any proof yet”.
How is Navalny’s condition now?
On September 7, more than two weeks after falling ill on the plane, Navalny’s doctors in Germany said he was out of a coma and that his condition was improving. His spokeswoman said, “Gradually, he will be switched off from a ventilator.”
On September 15, Navalny posted on Instagram that he was breathing alone. He has said he plans to return to Russia.
If he was poisoned, who may have poisoned him and where?
Navalny’s team believes he was poisoned at the orders of Russian President Vladimir Putin – a claim the Kremlin has strongly denied.
Navalny’s spokeswoman Kira Yarmysh had initially said she believed Navalny’s tea at the airport was poisoned, but on September 17, his team said the nerve agent was detected on an empty water bottle from his hotel room in the Tomsk, suggesting he was poisoned there and not at the airport.
What effect has the alleged poisoning had?
The alleged attack has widened a rift between Europe and Russia, with Germany and France leading calls for a full investigation but stopping short of outrightly blaming the Russian government.
MEPs have called for sanctions against Russia, saying on September 17, “The poison used, belonging to the ‘Novichok group’, can only be developed in state-owned military laboratories and cannot be acquired by private individuals, which strongly implies that Russian authorities were behind the attack.”
Russia’s Foreign Ministry has summoned Germany’s ambassador to Moscow, while the United Kingdom has summoned the Russian envoy over the incident.
For its part, Moscow rejects what it called the politicisation of the issue.
Significantly, German Chancellor Angela Merkel is under pressure to halt the Nord Stream 2 gas pipeline project, which transfers Russian gas to Germany. Once again, the Kremlin has warned not to involve the Navalny case in any discussion about the pipeline, with Dmitry Peskov saying on September 16, “It should stop being mentioned in the context of any politicisation.”
A timeline of events surrounding the alleged poisoning attack on Navalny:
August 20 – Navalny falls ill on flight; plane makes emergency landing in Omsk; his spokeswoman says he was poisoned, perhaps by the tea he drank at the airport
August 22 – Navalny airlifted to Berlin Charite hospital
September 2 – Germany says it has ‘unequivocal evidence’ Navalny was poisoned, Russia responds by saying the claim is not backed by evidence
September 4 – US President Donald Trump says ‘we do not have any proof yet’
September 6 – Heiko Maas, German foreign minister, threatens action over gas pipeline project, saying, ‘I hope the Russians don’t force us to change our position on Nord Stream 2’
September 7 – German doctors say Navalny is out of an artificial coma
September 11-13 – Russia holds local elections; Navalny’s allies make gains in Siberian cities
September 15 – Navalny posts on Instagram that he is breathing alone
September 16 – Kremlin spokesman warns against politicising Navalny issue in discussions over the Nord Stream 2 gas pipeline project with Germany
September 17 – Navalny’s team now suspects he was poisoned in his hotel room, not the airport, citing traces of nerve agent on an empty water bottle
September 17 – MEPs call for sanctions against Russia
Bollywood star Amitabh Bachchan to lend voice to Amazon’s Alexa
Bollywood superstar Amitabh Bachchan will be the first Indian celebrity to lend his voice to Amazon’s Alexa digital assistant starting next year, as the Silicon Valley giant expands its presence in the significant market.The 77-year-old actor has been a household name in India for nearly half a century, and his deep baritone is instantly recognisable…
Bollywood superstar Amitabh Bachchan will be the first Indian celebrity to lend his voice to Amazon’s Alexa digital assistant starting next year, as the Silicon Valley giant expands its presence in the significant market.The 77-year-old actor has been a household name in India for nearly half a century, and his deep baritone is instantly recognisable to listeners in the country of 1.3 billion.Foreign firms such as Amazon have spent tens of billions of dollars in India in recent years as they fight for a piece of the Asian giant’s burgeoning digital economy.In a blog post on Monday, Amazon India said Bachchan’s “voice experience” feature will become available for purchase on Alexa next year.”It will include popular offerings like jokes, weather, shayaris (poetry), motivational quotes, advice and more,” the firm said.Alexa first rolled out celebrity voice option last year with actor Samuel L Jackson, following a similar move by Google the year before, which gave users the option of hearing singer John Legend on the Google Assistant.”I am excited to create this voice experience,” the Bollywood megastar said on Amazon’s blog.”With voice technology, we are building something to engage more effectively with my audience and well-wishers.”His earlier foray into vocal blogging in 2010, Bachchan Bol-Bachchan Speak, allowed fans to listen to pre-recorded messages by the star at the push of a button.In addition to competing with voice-activated devices such as Apple’s Siri and Google Assistant for consumers, Amazon is battling Walmart-backed Flipkart and JioMart, owned by Asia’s richest man Mukesh Ambani, for a share of the online retail market.The tech giant, which is owned by Jeff Bezos, the world’s richest person, is also trying to win eyeballs with its streaming service that competes with Netflix and Disney+ Hotstar.Bachchan and his family have been among India’s highest-profile coronavirus patients. The superstar, his actor son Abhishek, actress daughter-in-law Aishwarya Rai, and granddaughter Aaradhya were all admitted to hospital in July. All four have since been released.The veteran star returned to work last month filming India’s version of Who Wants To Be A Millionaire? after authorities eased coronavirus curbs on movie and TV shoots.Nevertheless, with cases in India nearing five million, authorities in Mumbai – the home of Bollywood – have asked production houses to ensure that common facilities are regularly sanitised, masks worn and social distancing “followed as far as possible”.Bachchan’s last film, comedy-drama Gulabo Sitabo, went straight to Amazon’s streaming service in June, after theatres in India shut down in March due to pandemic fears.