[rebelmouse-image 60323886 expand=1 dam=1 alt="OSR banner" site_id=26883708 is_animated_gif="false" original_size="1000x220" crop_info="%7B%22image%22%3A%20%22https%3A//assets.rbl.ms/60323886/origin.png%22%2C%20%22thumbnails%22%3A%20%7B%22origin%22%3A%20%22https%3A//assets.rbl.ms/60323886/origin.png%22%2C%20%22700x1245%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D700%26height%3D1245%26coordinates%3D438%252C0%252C438%252C0%22%2C%20%221000x750%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D1000%26height%3D750%26coordinates%3D353%252C0%252C353%252C0%22%2C%20%221200x400%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D1200%26height%3D400%26coordinates%3D170%252C0%252C170%252C0%22%2C%20%22210x%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D210%22%2C%20%221200x600%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D1200%26height%3D600%26coordinates%3D280%252C0%252C280%252C0%22%2C%20%221200x800%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D1200%26height%3D800%26coordinates%3D335%252C0%252C335%252C0%22%2C%20%22300x300%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D300%26height%3D300%26coordinates%3D390%252C0%252C390%252C0%22%2C%20%22600x300%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D600%26height%3D300%26coordinates%3D280%252C0%252C280%252C0%22%2C%20%22600x%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D600%22%2C%20%22600x400%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D600%26height%3D400%26coordinates%3D335%252C0%252C335%252C0%22%2C%20%2235x35%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D35%26height%3D35%22%2C%20%22750x1000%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D750%26height%3D1000%26coordinates%3D417%252C0%252C418%252C0%22%2C%20%22600x600%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D600%26height%3D600%26coordinates%3D390%252C0%252C390%252C0%22%2C%20%22980x%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D980%22%2C%20%22600x200%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D600%26height%3D200%26coordinates%3D170%252C0%252C170%252C0%22%2C%20%221245x700%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D1245%26height%3D700%26coordinates%3D304%252C0%252C304%252C0%22%2C%20%221500x2000%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D1500%26height%3D2000%26coordinates%3D417%252C0%252C418%252C0%22%2C%20%22300x%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D300%22%2C%20%222000x1500%22%3A%20%22https%3A//rebelmouse.thecipherbrief.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy82MDMyMzg4Ni9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTgwNzYxNDQ4OX0.1gEV77I0VNIGhfMuzIWULyPcbwHRsD2wYLxm6pOF4pA/image.png%3Fwidth%3D2000%26height%3D1500%26coordinates%3D353%252C0%252C353%252C0%22%7D%2C%20%22manual_image_crops%22%3A%20%7B%229x16%22%3A%20%7B%22sizes%22%3A%20%5B%22700x1245%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20124%2C%20%22left%22%3A%20438%7D%2C%20%22600x300%22%3A%20%7B%22sizes%22%3A%20%5B%22600x300%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20440%2C%20%22left%22%3A%20280%7D%2C%20%223x1%22%3A%20%7B%22sizes%22%3A%20%5B%221200x400%22%2C%20%22600x200%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20660%2C%20%22left%22%3A%20170%7D%2C%20%223x2%22%3A%20%7B%22sizes%22%3A%20%5B%221200x800%22%2C%20%22600x400%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20330%2C%20%22left%22%3A%20335%7D%2C%20%221x1%22%3A%20%7B%22sizes%22%3A%20%5B%22600x600%22%2C%20%22300x300%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20220%2C%20%22left%22%3A%20390%7D%2C%20%223x4%22%3A%20%7B%22sizes%22%3A%20%5B%221500x2000%22%2C%20%22750x1000%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20165%2C%20%22left%22%3A%20417%7D%2C%20%2216x9%22%3A%20%7B%22sizes%22%3A%20%5B%221245x700%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20392%2C%20%22left%22%3A%20304%7D%2C%20%224x3%22%3A%20%7B%22sizes%22%3A%20%5B%222000x1500%22%2C%20%221000x750%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20294%2C%20%22left%22%3A%20353%7D%2C%20%222x1%22%3A%20%7B%22sizes%22%3A%20%5B%221200x600%22%2C%20%22600x300%22%5D%2C%20%22top%22%3A%200%2C%20%22height%22%3A%20220%2C%20%22width%22%3A%20440%2C%20%22left%22%3A%20280%7D%7D%7D" caption="" photo_credit="" title=""]

Monday, April 17, 2023

The Cipher Brief curates open source information from around the world that impacts national security. Here's a look at today's headlines, broken down by region of the world:  

In the Americas

Biden to Run for Re-election, Will Make Formal Announcement “Soon.” At the tail end of his trip to Ireland on Friday, U.S. President Joe Biden said he has decided to run for a second term and would soon formally announce his re-election campaign. His expected pitch will be to “finish the job” after a first term that has included several legislative wins, including billions of dollars for new infrastructure. Onlookers have to date been concerned about Biden’s age, which might make his re-election bid a risky gamble for the Democratic Party; he would be 86 by the end of a prospective second term. Reuters

Blinken Demands Access to Jailed WSJ Reporter.  U.S. Secretary of State Antony Blinken is demanding Russia grant access to U.S. officials to jailed Wall Street Journal reporter Evan Gershkovich, who is being held in Russia on espionage charges.  Russia has so far denied consular access to Gershkovich and has said it will provide it “in due time.”  Gershkovich has denied all spying charges and the U.S. maintains that he is “wrongfully detained.”  Wall Street Journal

Gunmen Kill 7 at Mexico Resort.  Unidentified gunmen killed 7 people, including a young child, in an attack at a resort on Saturday in the city of Cortazar, in central Mexico.  Authorities say that no arrests have been made and that investigations into the attack are ongoing. The Mexican army has been instructed to search for those responsible for the shooting. In recent years, gang wars over territory have transformed the region of Guanajuato, a car manufacturing and agricultural center, into a volatile area, as many railways and roads there lead to the U.S. border.  CNN Reuters

U.S. Allegedly Aware of Four Additional Chinese Spy Balloons.  Documents from the U.S. intelligence leak say that U.S. intelligence agencies had tracked up to four more Chinese spy balloons in addition to the one that flew over the continental U.S. at the beginning of the year.  According to the documents, one of the balloons flew over a U.S. carrier strike group and another balloon crashed into the South China Sea.  The documents say these additional balloons carried advanced surveillance equipment, but there is a lack of detailed conclusions about their capabilities, suggesting possible gaps in U.S. understanding of the balloons.  The Washington Post

Chinese Spy Balloon Reportedly Had Advanced Solar Panels for Powerful Sensor.  Regarding, the Chinese balloon that flew over the continental U.S. before being shot down, a leaked document from the U.S. National Geospatial-Intelligence Agency (NGA) said that the balloon carried solar panels that could support an extremely powerful sensor.  The document says the panels could generate up to 10,000 watts of solar power to operate a synthetic aperture radar, which can produce imagery at night and penetrate clouds and thin materials like tarps.  The document also said the balloon had a large 1.2 meter-diameter parabolic dish, a possible mast antenna and more unidentified sensors. Reuters

U.S. Wiretapped Gulf Cartel After Fatal Kidnapping.  Additional documents from the U.S. intelligence breach show U.S intelligence agencies were wiretapping and eavesdropping on the Gulf Cartel last month after members of the drug gang kidnapped four Americans, killing two.  The leaked files say the U.S. monitored the group using “FISA-derived signals intelligence,” which includes wire taps.  The documents say the Gulf Cartel was preparing for possible retaliation from the Mexican military in response to the abduction, which was committed in response to an alleged hit-and-run incident.  The survivors of the kidnapping did not mention any vehicle collision, but they have said that one of their captors acknowledged the attack was a mistake.  The Washington Post

Document Leak Shows Increased Russian Prowess At Evading Social Media Monitoring, Spreading Propaganda. Classified documents recently leaked on Discord suggest that the Russian government believes it has become more successful at manipulating search engine rankings and social media than previously known. For example, one document says that the Russian operators of accounts that thrive on spreading misinformation boast that they are only detected by social media network monitors only about 1 percent of the time. The undated analysis in the leak was apparently presented to U.S. military leaders in recent months, and focuses on Russia’s effectiveness on boosting misinformation and propaganda on Twitter, YouTube, TikTok, Telegram, and other platforms. While experts think that this claim was probably exaggerated or misleading, it demonstrates the complexity of the fight that companies like Google and Meta are facing in their attempts to counter misinformation, and as Elon Musk and some Republicans in Congress point to federal government identifications of Russian attempts at foreign influence as evidence of collusion with tech companies that want to suppress right-wing and independent views. Washington PostClassified Document Leak Raises Questions about Security Procedures, Monitoring. The Pentagon continues its internal investigation into the classified document leak, in which a low-level Air National Guard member allegedly removed hundreds of documents from his office on base, brought them home, and then uploaded them to an online platform for friends to view. Although it remains unclear how closely Airman Jack Teixeira was monitored, if at all, he was able to remove pages of classified material for months with apparently no notice, and his case is raising new questions about whether efforts to contain previous leaks were sufficient or if there is a larger, systemic problem within the U.S. intelligence system. Past leaks resulted in measures like the prohibition of thumb drives and “continuous evaluation” of those who hold clearances by the DoD and Intelligence Community (IC) agencies, neither of which stopped the alleged leaks from Teixeira. On Friday, President Biden said that he had directed DoD and the IC to put more controls over the distribution and security of sensitive information. Congress has pledged to investigate how Teixeira’s actions were able to go unnoticed for months and how to prevent future leaks. Washington Post

Accused Leaker Charged With Two Federal Offenses. On Friday, Airman Jack Teixeira was charged in a U.S. District Court with two federal offenses: the “unauthorized retention and transmission of national defense information”, which falls under the Espionage Act, and “unauthorized removal and retention of classified documents or material”. Court documents allege Teixeira committed these crimes on or around February 28. The two charges carry a potential maximum sentence of 15 years in prison, but at the moment are only connected to one classified record that described the status of the Russia-Ukraine war and included details about troop movements. U.S. Magistrate Judge David Hennessy ordered him held pending a hearing this Wednesday. Experts expect more charges to follow as investigators continue their examination of each leaked document. Teixeira could also face more counts for each instance that he uploaded and transmitted each document. Politico Reuters

Pro-Kremlin Social Media Account Overseen by Former U.S. Naval NCO Spread Leaked Files. A pro-Kremlin social media account overseen for a former US Navy noncommissioned officer (NCO) helped spread the classified documents leaked by Airman First Class Jack Teixeira, according to a Wall Street Journal investigation. The Donbass Devushka account is the “face of a network of pro-Kremlin social-media, podcasting, merchandise, and fundraising accounts” whose podcast producer and account administrator are a Washington-state-based former US Navy NCO named Sarah Bils. They are among the most widely-followed English-language outlets promoting Russia’s talking points. On April 5, the Donbass Devushka Telegram account posted four of the allegedly leaked classified documents, which then led several Russian social media accounts to focus on the documents, after which point the Pentagon launched its investigation. Ms. Bils claims another administrator posted the files, and that she later deleted them. Wall Street Journal

SpaceX Postpones Test Launch Massive Starship.  SpaceX has postponed the launch of its 400-foot Starship rocket – the most powerful rocket ever constructed out of its facilities in South Texas.  The vehicle was set to launch today, after the Federal Aviation Administration gave the green light on Friday for an uncrewed launch of the rocket, but had to be postponed due to a valve in the booster’s pressurization system that appears to be frozen.  The launch was to be SpaceX’s first attempt to put the rocket into orbit.  When it does launch it could be incredibly lucrative for the company as it will be able to carry far more cargo and many more people than the current capability used by NASA, Falcon 9. NASA has already awarded SpaceX more than $3 billion of contracts and options to use Starship to bring U.S. astronauts to the moon under the agency’s Artemis program. The spacecraft is also central to Elon Musk’s vision of one day sending people to Mars. SpaceX says it will try to launch the rocket again in the coming days. CNN Reuters Tech Crunch Washington PostNew York Times

Opinion: The U.S. Needs to Relearn How to Tell Its Story to the World.  Former CIA Director and Secretary of Defense Robert M. Gates is out with a piece in the Washington Post that examines the issue of strategic communications in the ongoing competition between the US, Russia and China.  Gates highlights that Russia, in its attempt to restore its previous empire resorts to attacking the US and the West to cover up the fact that it has no positive narrative of its own.  China, Gates says, is far more strategic in its global messaging with its Xinhua news agency boasting more than 180 bureaus globally and more than 500 Confucius Institutes around the world.  Gates points to the dismantling of the US strategic communication capabilities following the end of the Cold War as a short-sighted failure and says that in the communications arena, a key component of soft-power competition, that Russia and China are “running rings” around the U.S.   The Washington Post

Western Europe

E.U. Says China-Europe Relationship Dependent on Beijing.  E.U. foreign policy chief Josep Borell on Sunday said Europe’s relationship with China is dependent on China’s actions, including towards Taiwan.  He said China is a "partner, competitor and systemic rival" all at once and that its behavior will inform which of those relations the E.U. will lean more into.  Borrell’s comments came at the meeting of G7 foreign ministers in Japan where participants called for a united, constructive approach to China, given all members’ deep economic ties  with Beijing, and raised shared concerns over rising tensions in the Taiwan Strait.  Reuters

Finland Begins Constructing Russian Border Fence. Less than two weeks after joining the NATO alliance, Finland intends to start building the first stretch of a fence along its border with Russia. The Finnish government decided last year to construct the fence over fears Russia would send immigrants over the border, and now fears have risen over possible ramifications of Finland’s membership to NATO. These concerns come after Belarus was accused of flying migrants from the Middle East into Poland and creating a migration crisis in response to Poland’s support of Ukraine. The fence is set to cover 125 miles of the border and will be finished by the end of 2026, and will be equipped with surveillance equipment.  Reuters Associated Press

Italian PM Admits ‘Anomalies’ in Russian Citizen’s Escape from Italian Custody.   Italian Prime Minister Georgia Meloni has admitted that there are ‘anomalies’ in the case of a Russian businessman who recently escaped from house arrest.  Artyom Uss, the son of a Russian regional governor, was detained in Italy in 2022.  He is wanted by the United States on charges of violating sanctions.  Following his arrest an Italian appeals court agreed to a house arrest sentence with Uss being outfitted with an electronic monitoring bracelet.  Uss escaped from Italy on March 22, one day after an Italian court ruled that the US extradition request was legitimate.  Uss arrived back in Russia following his escape according to the Associated Press who reported on the escape earlier this month.  Italian media has suggested that Russian intelligence was responsible for Uss’s escape.  Meloni says she has spoken with the Italian Justice Minister and vows to investigate what happened.  Associated Press 

Central & Eastern Europe

Putin Meets China’s China’s Defense Minister. Russian President Vladimir Putin met with Chinese Defense Minister Li Shangfu in Moscow on Sunday.  The two hailed expanding security ties between Russia and China; Putin highlighted joint military drills between both countries and Li said expanding military-technical cooperation between Russia and China will help regional stability and global security.  Putin and Li did not mention Ukraine during their meeting, which experts say may have been meant to signal that the Ukraine war is not affecting China and Russia’s close ties.  Li’s visit to Moscow marks his first official trip abroad since being appointed defense minister last month.  Li was sanctioned by the U.S. in 2018 after facilitating purchases of warplanes and military equipment from Russian arms exporter Rosoboronexport.  South China Morning Post  Associated Press CNN  Al Jazeera  

Eleven Dead, 21 Wounded in Russian Assault.  Russian air strikes on the eastern Ukrainian city of Sloviansk hit residential buildings on Friday, killing 11 people and injuring 21 others, according to emergency services.  The governor of the Donetsk region, Pavlo Kyrylenko, said at least seven spots in the city were hit by seven Russian S-300 missiles. Russian President Volodymyr Zelenskyy condemned the attack, saying “the evil state” of Russia is “just killing people in broad daylight” even in the hours ahead of Orthodox Easter services this past weekend.   Reuters Wall Street Journal

Conflict in Bakhmut Reaches Greatest Severity Since War Began.   Fighting in the eastern Ukrainian city of Bakhmut appears to have reached its highest intensity as Russian forces continue their assault.  Russia’s defense ministry claims Wagner Group mercenaries have taken two more parts of the embattled city in the north and south and are being supported by Russian army paratroopers.  Ukraine’s military maintains that its defenses are holding and that Ukrainian forces are fighting valiantly to keep the city.  Reuters Wall Street Journal

Russia Claims Spring Draft is Moving on Schedule.  Russia’s military says draft plans for the spring are going as scheduled.  The draft will call up 147,000 men between April 1 and July 15 for compulsory military service.  Colonel Andrei Biryukov, a top official overseeing the draft, said first conscripts will be deployed to Russian territory, possibly referring to occupied areas in Ukraine, starting Thursday.  He maintained that some men can still defer service and that the draft does not entail a mass summoning of people of conscript age.  Reports on the conscription effort come after the Russian government passed legislation on Friday that calls for the electronic delivery of draft papers, which is aimed at targeting men who are trying to evade the draft.   Reuters

Poland, Hungary Ban Ukraine Grain, Food Imports.  Poland and Hungary banned imports of Ukrainian grain and other agricultural products to protect their own domestic agricultural industries. Farmers in both countries had raised concerns that their livelihoods were being threatened due to the flood of Ukrainian food imports, which aimed to help Ukraine’s economy amid Russia’s invasion but also caused a drastic decline in food pieces.  The Polish ban reportedly also applies to the transit of Ukrainian goods through Poland, which will block them from reaching other European markets — a move Warsaw said “open the eyes of the E.U.” to the need for Ukrainian food imports to go beyond Poland.  The E.U. criticized the ban as an unacceptable unilateral action and Ukraine said it is engaging with Poland and Hungary on the matter.  Meanwhile, Bulgarian officials said they are considering a similar ban as well.  Reuters New York Times 

130 Ukrainian Prisoners of War Return Home in Latest Prisoner Exchange.  Russia and Ukraine held another prisoner exchange, which has taken place over the last few days, to commemorate the Orthodox Easter.  Russia released 130 Ukrainians for the swap and it is unclear how many Russians Ukraine freed.  Ukraine added it also received 82 bodies of Ukrainian military personnel.  Reuters Al Jazeera

Asia

U.S. Navy Destroyer in Taiwan Strait after Chinese Drills. The USS Milius passed through the Taiwan Strait Sunday as part of a “routine” transit according to the US Navy. Chinese military officials said in a social media post that they monitored the US ship during its transit.  This comes days after China ended a round of three-day exercises around Taiwan.  Al Jazeera Reuters  

War Will Bring “Global Catastrophe,” Claims Taiwan Presidential Candidate. Taiwanese Presidential Candidate and current Vice President William Lai said on Saturday that War with Taiwan would bring about a “global catastrophe” that even China would not be able to withstand. Lai, who is the presidential candidate for the Democratic Progressive Party, made the comment during a campaign event in Tainan Lai.  Reuters

U.S., South Korea, Japan Perform Defense Drills in Response to North Korea. South Korea, the US, and Japan began trilateral naval drills on Monday in response to growing nuclear threats from North Korea. This comes just several days after the three countries agreed to hold regular missile defense and anti-submarine drills with each other. The drills were held in international waters between Korea and Japan, and involved South Korea’s Aegis destroyer, the US guided-missile destroyer Benfold, and the Japanese Atago destroyer. The drills focused primarily on response procedures including detection and information sharing.  Reuters 

Ex-Indian Law Maker in Police Custody Killed on Live TV.  Former Indian lawmaker Atiq Ahmed and his brother Ashraf Ahmed were shot and killed on live television.  The incident happened while the pair were being escorted by police for a medical check up. The two were in prison on convictions of kidnapping. Police have detained three men suspected of being responsible for the shooting. According to media reports, the shooters were posing as journalists and shouted Hindu nationalist chants.  Reuters  Al Jazeera

India Fears Potential Sikh Insurgency, Notices Signs of Separatism. Concerns over a potential revival by a Sikh separatist movement in the northern state of Punjab have risen within the Indian government. Senior security officials say the concerns are due to a rise in conflict in the state over the last five years, with members of the Sikh religion calling for the independent state of Khalistan. There have been several isolated bombings, attacks on religious leaders, and police stations in recent years. Police and reporters are also reportedly hunting for the separatist Amritpal Singh, who many see as trying to take over the place of former Sikh militant leader Jarnail Singh Bhindranwale.  The Washington Post

Japanese Prime Minister Kishida Unharmed in Smoke Bomb Scare During Campaigning.  Japanese Prime Minister Fumio Kishida is reportedly unharmed following a smoke bomb attack at a campaign speech in western Japan. There were no casualties at the event, but a police officer did receive minor injuries. An attendant of the event told Reuters that the suspect who threw the bomb was reportedly taken down by a bystander first before being apprehended by police. The bystander also said that security seemed very relaxed, which has become a concern following former Prime Minister Shinzo Abe’s assassination last July. Reuters

US and Vietnam Hope to Strengthen Ties During Blinken Visit to Hanoi.  Vietnamese Prime Minister Pham Minh Chinh and US Secretary of State Anthony Blinken met in Hanoi on Saturday during Blinken’s first visit to the country. Blinken also met with several other top Vietnamese officials, where they discussed strengthening bilateral diplomatic ties. According to Blinken, strengthening the relationship between the two countries is a top priority for the Biden administration. There were no further details on when there may be a formal agreement, but Blinken did add that he hopes it could happen sometime in the next few months. Reuters

Middle East & Northern Africa

26 Killed by Islamic State Militants in Syria Countryside. Opposition and Syrian state media reported on Sunday that Islamic State militants have killed 26 people who were reportedly foraging for wild truffles in the country’s Hama region.  Among those killed were civilians and military personnel. Islamic State militants have repeatedly preyed on truffle hunters, who work in large groups in remote areas, including an attack in February that killed 53 people. Associated Press

Pahlavi, Exiled Son of Deposed Iranian Shah, Will Visit Israel. Israel’s government said on Sunday that Reza Pahlavi, the exiled son of the Iranian Shah toppled in the 1979 revolution, will visit Israel this week. Mr. Pahlavi’s visit is intended to “create a bridge between Israel and the Iranian people and express joint opposition to the Ayatollah regime”, according to Tel Aviv’s statement. Pahlavi will take place in Israel’s official Holocaust memorial ceremony. Iran’s foreign ministry spokesperson was dismissive when asked about the trip. Reuters

Saudi Arabia Suspends Flights from Sudan, Calls For Return to Dialogue Amidst Clashes. Saudi Arabian Airlines suspended operations at Khartoum International Airport on Saturday after one of its planes came under fire during clashes between the Sudanese military and paramilitary Rapid Support Forces. Separately, the foreign ministers of Saudi Arabia, the United Arab Emirates, and the U.S. held a phone call on Saturday to discuss the ongoing situation in Sudan, according to Saudi’s state news agency, and called for a halt to military escalation and return to a framework agreement intended to transition the country from military to civilian rule. Reuters Al-Arabiya

Sub-Saharan Africa

Clashes Between Sudanese Military and Paramilitary Forces Rage Throughout Sudan, Killing Dozens. Active clashes between the Sudanese military, specifically the Army and Air Force, and Sudan’s Rapid Support Forces (RSF), a paramilitary unit, erupted in full force over the weekend, resulting in the deaths of nearly 100 civilian casualties throughout the country. The fighting has destroyed key infrastructure, including Khartoum International Airport, and left civilians trapped inside their homes with no information about what is happening on the streets. The clashes are the result of a power struggle between Sudanese Army chief General Abdel Fattah al-Burhan and the head of the RSF, General Mohamed Hamdan Dagalo, also known as Hemedti, who are former allies that orchestrated a 2021 military coup that thwarted the country’s transition to democratic elections. On Sunday, the army appeared to gain the upper hand after conducting air strikes on strategic targets in Khartoum, Merowe, and other strategic locations. The military and RSF have respectively claimed to be in control of a variety of strategic locations throughout the country, but their claims cannot be independently verified. The US, China, Russia, UN, African Union, and numerous other countries have called for a cessation of hostilities by both sides and urged them to return to political negotiations, which until last week had been ongoing. Both sides have thus far refused the international community’s pleas; the Sudanese armed forces said they would not negotiate with the RSF unless that force resolved, and Hemedti has called Burhan a criminal. Al Jazeera BBC Reuters NPR

Attackers Kill 40 in Assault on Army and Volunteers in North Burkina Faso. Forty people were killed and another 33 were injured in an attack on army and volunteer forces in northern Burkina Faso on Saturday according to the government. The attack, which was carried out by unidentified attackers, took place in the village of Aorema, near the border with Mali. The area is a hotspot for Islamist groups that have been linked to al Qaeda and the Islamic State. The attack comes just nine days after a similar attack in the same area.   Reuters

Cyber & Tec

China Conducts “Rule Breaking” AI Experiment in Space.  Chinese researchers claim to have conducted a breakthrough artificial intelligence experiment where they gave temporary full control to an AI machine to a satellite in near-Earth orbit.  According to a scientific paper, the scientists gave control of a small observation satellite to a ground-based AI for 24 hours. The AI was directed to look closely at several sites, including the ancient city of Patna in India, which is also where a key Indian Army unit is stationed along the disputed India-China border, and Osaka, a key Japanese port which occasionally hosts U.S. Navy warships.  The test was aimed to see what the AI would do without any human orders.  Researchers say the decision making process the AI used in choosing the locations to monitor was extremely complicated.  South China Morning Pos

Chinese Cyberattacks on US Targets Likely to Coincide with Taiwan Invasion.  U.S. experts and officials are looking more closely at the potential for China to launch cyber attacks at U.S. targets in tandem with an invasion of Taiwan.  Such attacks would hit critical transport, communications and utilities infrastructure operators and take down the networks of key businesses to disrupt U.S. military installations and operations.  While China has yet to launch such devastating attacks, the intelligence community says Beijing is capable of doing so.  The Cipher Brief also covered this topic here with expert commentary from Gen. (Ret.) Keith Alexander and others.  Politico The Cipher Brief

CISA Warns of Chinese App Exploiting Android Bug to Spy on Users. On Sunday, CISA warned of a high-severity Android vulnerability it believes has been exploited by a Chinese e-commerce app, Pinduoduo, as a zero-day to spy on its users. The Android Framework security flaw allows attackers to escalate privileges on unpatched Android devices without user approval. Google suspended the app on March 21 after discovering malware in off-Play versions of the app, and Kaspersky researchers revealed later that month that they had also found versions of the app exploiting Android vulnerabilities. Federal agencies have until May 4 to secure their devices against the new vulnerability. CISA also ordered federal agencies to patch iPhones and Macs against two security vulnerabilities by May 1. BleepingComputer

Cyberspace Commission Calls for Designating Space Systems as Critical Infrastructure.  The Cyberspace Solarium Commission is recommending that the White House designate space systems as critical infrastructure which requires stronger protection against cyberattacks.  The panel argued that the designation would close gaps in the security of vital space systems, like satellites and ground stations, and signal that cybersecurity and resilience is a top priority for the U.S.  And since no signal agency oversees space infrastructure, the panel is also recommending that NASA be designated the “risk management sector agency” in charge of space systems and that it should receive an initial $15 million in additional funding annually to take on these new risk management duties.  CyberScoop FDD The Record

German Interior Ministry Examining Chinese Components in 5G Network. German Interior Minister Nancy Faeser told Bild am Sonntag newspaper that the ministry is planning to look into Chinese components installed in Germany’s 5G network. This comes as Berlin considers banning components from Chinese companies Huawei and ZTE, and evaluates China and Germany’s trade relationship.  Reuters

Israeli Irrigation Industrial Control System Disrupted by Cyberattack. Irrigation systems at farms in the Jordan Valley, as well as wastewater treatment plants owned by the Galil Sewage Corporation were reportedly targets of a cyberattack according to The Jerusalem Post. According to the report, farms in the region had been notified by Israel’s National Cyber Directorate to disable remote connections to the irrigation systems due to the risk of a cyberattack. Around a dozen farms failed to do so, and were victims of the cyberattack. According to Michael Langer of Radiflow, the hackers targeted programmable logic controllers made by the company Unitronics. These attacks are part of an ongoing anti-Israel hacktivist campaign known as OpIsrael.  Security Week

Kremlin-Backed Hackers Tied to Spying on EU, NATO Diplomatic Agencies. A report from Poland’s cybersecurity agency alleges that the Kremlin linked hacking group Nobelium is responsible for a spying campaign that has targeted several NATO, EU, and African countries. Most prominently, the group is linked to the 2020 SolarWinds supply chain attack that led to a series of data breaches in thousands of worldwide companies. The group has also reportedly carried out cyberattacks against Ukraine, international governments, think tanks, and nonprofits that are supporting Ukraine. The group has recently launched a new phishing campaign targeting international personnel by posing as the embassies of European countries. The email typically includes a malicious PDF or link that invites the targeted person to access the ambassador’s calendar. It then leads the personnel to a compromised website which allows the hackers to place malicious files on the victims’ computer.  The Record

Fake ChatGPT Extension Risks Compromise of Thousands of Facebook Accounts. A fake ChatGPT browser extension downloaded by thousands of people has put their Facebook accounts at risk of compromise, according to researchers at CybelAngel. CybelAngel declined to share which specific fake ChatGPT browser extension was the source, but noted it was available for Chrome. Unidentified threat actors laced the extension with what is known as “infostealer” malware that collects all of the data stored in someone’s browser, including stored passwords and credit card information. The database reportedly includes more than 4 million login credentials across personal and corporate accounts, but the threat actors appeared to only be abusing collected Facebook credentials from 40,000 users to take over those accounts. The Chrome extension in question has been removed from the Play Store, but the database included login credentials for at least 6,000 corporate accounts and 7,000 VPN accounts. It has since been wiped and held for ransom by another threat actor. Axios

Read deeply-experienced, expert-driven national security news, analysis and opinion inThe Cipher Brief