Tuesday, May 16, 2023
The Cipher Brief curates open source information from around the world that impacts national security. Here's a look at today's headlines, broken down by region of the world:
In the Americas
US Special Counsel’s Highly Critical of FBI's Handling of 2016 Trump-Russia Investigation. US Special Counsel John Durnham has concluded his four-year probe of the FBI’s handling of the investigation into potential links between former President Donald Trump and Russia. The 306-page report, which was released on Monday, concludes that the FBI and the Intelligence Community did not possess any actual evidence that warranted a full investigation of Trump. The report stops short of saying that political bias drove the investigation but does cite evidence of strong political views present in some of the investigators. Durnham says that “confirmation bias” that there was a connection between Trump and Russia was clearly present during the investigation. Durnham also accuses the bureau of treating the Trump investigation differently than other politically sensitive investigations including Trump’s Democratic rival at the time, Hillary Clinton. In response to the report the FBI says it has implemented dozens of corrective measures. Reuters Politico New York Times CNN
White House Says Russia Seeking Drone Replenishment. On Monday, White House National Security spokesman John Kirby told reporters that the US believes Russia has used up almost all of the 400 Shahed drones it purchased from Iran, and is seeking to replenish its inventory. Kirby says Russia used most of the drones to attack Ukrainian critical infrastructure and accused Iran of “directly enabling” Russia’s war against Ukraine. Kirby also says that Russia is looking to purchase even more advanced drones with increased “lethality”. The latest announcement by the US is part of a consistent ‘drip’ of intelligence designed to show the strengthening defense partnership between Tehran and Moscow. Moscow’s reliance on Iran and North Korea to support its war in Ukraine also demonstrates, the Biden administration has said, the desperation that Russia faces. Associated Press
Congressional Staffers Attacked. A man is in custody after attacking two staffers at the Virginia offices of Democratic US Representative Gerry Connolly on Monday. The attacker allegedly walked into the office with a metal baseball bat and asked to meet Rep. Connolly before attacking the two staffers. One of those attacked was an intern on their first day of work. The two staff members were treated for the non-life-threatening injuries. Speaking to the media, Rep. Connolly told reporters that the suspect had never made any threats towards them, so the attack was unexpected. Associated Press Wall Street Journal
Former US Embassy Employee Allegedly Being Held in Moscow. According to Russia’s state news agency Tass, Robert Shonov, a former US Embassy employee in Russia, is being held in Moscow after being arrested and charged with conspiracy. The report from Tass came from an anonymous law enforcement official, while the US State Department spokesperson Vedant Patel told reporters that the State Department has seen the report, but they do not have any information to offer at the time. Shonov is allegedly being held in Lefortovo prison in Moscow, and a court date has not been set. New York Times
U.S. Returned 2,400 Migrants to Mexico Since Title 42 Expiration. Since the Covid-19-related Title 42 border control policy expired last week, the U.S. has returned 2,400 migrants, many of them Nicaraguan, Cuban, and Venezuelan, back to Mexico. Thousands more were sent back to their home countries, and Mexico and Guatemala have begun to bolster their borders by deploying military forces and police. Thus far, there has been no significant increase in the amount of border crossings after the expiration of Title 42 as feared, according to a top DHS official. A new asylum policy has appeared to prevent this by helping restrict illegal migration by expelling migrants if they failed to apply for protection in countries they passed through on their way to the US or go through the proper US immigration application procedure. Al Jazeera
TSA Testing Facial Recognition Tech, Faces Scrutiny for Privacy Concerns. The Transportation Security Administration is implementing a pilot project testing facial recognition at airports around the U.S. The program, which is available at 16 American airports and is optional for travelers, has raised many concerns over privacy rights. Critics of the new technology are raising issues such as the possibility of bias against minorities, concerns over the way data is collected and who has access to it, and the technology’s vulnerability to hackers. Five US senators argued in a letter to TSA that such technology and surveillance “represents a risk to civil liberties and privacy rights.” Though participation in the program is voluntary at this point, the chief of TSA said in April that the technology will eventually be rolled out in a mandatory manner because of its efficiency. Associated Press
Western Europe
Russia Rejects Emmanuel Macron’s Comments on Russian Subservience to China. Moscow pushed back on French President Emmanuel Macron’s recent comments on the Russia-China relationship by saying that the West should get used to a world with a strategically aligned Russia and China. Macron, speaking to French media, said that Russia was becoming a vassal state to Beijing, brought on by the rapid isolation Russia now felt following the Ukraine war. Macron highlighted the growth in NATO in the Baltic region with the addition of Finland and the expected membership of Sweden as changes that would have been unthinkable just a few years ago. Kremlin spokesman Dmitri Peskov rejected that assertion and says the relationship between Beijing and Moscow is based on strategic partnership and has nothing to do with dependance. Russian Deputy Foreign Minister Alexander Grushko said in a statement that Macron and other western leaders would have to reconcile with a new world order that includes “strong, equitable and mutually respectful relations between Moscow and Beijing.” (Ed. Note- numerous Cipher Brief Experts with deep experience in Russia also share the view that Moscow is the “JV partner” in the relationship with China, and the strategic partnership with Beijing is one of convenience that strongly favors China.) South China Morning Post
European Leaders Meeting on Ukraine in Iceland. European leaders will meet for a two-day Council of Europe summit in Iceland starting Tuesday to show support for Ukraine. It is only the fourth time that the 46-member Council of Europe has called a summit since it was founded after World War II. According to a draft of the summit’s final declaration seen by media outlets, leaders at the meeting are expected to establish a Register of Damages, a mechanism to record and document evidence and claims of damage and loss caused by Russian forces in the Ukraine war. Reuters
Central and Eastern Europe
Ukraine Claims it Repelled Significant Russian Hypersonic Missile Attack. Russia launched a significant missile and drone assault early Tuesday, including against the capital Kyiv, Ukrainian air defenses thwarted much of the attack, including by allegedly downing six Russian hypersonic Kinzhal missiles. Ukrainian Armed Forces chief General Valerii Zaluzhnyi reported that the Kinzhals were intercepted, along with nine Kalibir cruise missiles and three land-based Iskander missiles. It is the first time Ukraine has claimed to have destroyed a volley of hypersonic Kinzhal missiles, which Russia has touted as an unstoppable super weapon. If confirmed, the successful Ukrainian defense against the weapon would demonstrate the effectiveness of new Western-provided air defense systems in Ukraine. Earlier this month, Ukraine claims it shot down a single Kinzhal missile for the first time with a newly deployed U.S. Patriot air defense system. The latest Russian missile attacks came a day after Ukrainian intelligence claimed that Russia can no longer launch “large-scale offensive actions” due to a lack of resources. The claim added that Russia is facing some missile shortages, though it still has enough S-300 anti-air missiles for continued air attacks. CNN Reuters
Zelensky Concludes Europe Tour With Reaffirmed Support, New Weapons. Ukrainian President Volodymyr Zelensky has completed his tour of Western Europe, which included stops in Italy, Germany, France, and the UK. The visits were aimed at shoring up long-term European political and military support for Ukraine amid Russia’s ongoing invasion. Zelensky’s Western counterparts pledged most military support he asked for, including new missiles, tanks, and drones, though they remain reluctant on supplying Kyiv with long sought after fighter jets over concerns about escalating NATO’s role in the conflict. Associated Press Reuters
Ukraine Hits Russian Forces in Luhansk. Ukraine has reportedly launched air strikes against targets deep inside Russian-held territory, including in the eastern Luhansk region. Local Russian-installed officials say Ukrainian forces hit an administrative building used by the Russian military in Luhansk city on Monday using new British-supplied Storm Shadow missiles. Separately, another explosion in the city seriously injured the Luhansk separatist “republic’s” interior minister. The latest attacks suggest Ukraine is quickly making use of new long-range missile capabilities from the West to target Russian command and control centers alongside other military targets ahead of an expected Ukrainian offensive. The Guardian
Chinese Envoy Headed to Ukraine and Russia. Former Chinese ambassador to Moscow Li Hui is traveling across Europe, with stops planned in Ukraine, Russia, Poland, France, and Germany, to help facilitate peace in Ukraine. The Chinese foreign ministry said Li’s European visit will show “China’s commitment to promoting peace and negotiations.” However, most experts do not yet see an end to the conflict, as neither Ukraine nor Russia appears ready to enter negotiations. China has sought to position itself as a mediator in the war, seen most clearly in its February peace plan proposal, which the US has rejected, and Ukraine has said lacks requirements for the withdrawal of Russian forces. Despite the professed neutrality of China in the conflict, Beijing has maintained close ties with Moscow. Associated Press
Analysis: Latvia’s Struggle to Contain Russian Influence. Deutsche Welle is out with a lengthy analysis that examines the issue of Russian language and media and its influence in Latvia, a former Soviet State and now member of the EU and NATO. Citing local sources and regional experts, the report analyzes the nature of Latvian populations in areas that border Russia, examines Russia’s sizable influence in the country through the use of its media and what steps the current Latvian government is taking to limit Moscow’s ability to spread influence in its borders. Deutsche Welle
Asia and Oceania
Top Chinese General Urges Focus on Unconventional Warfare Capabilities. General Wang Haijiang, the commander of China’s People’s Liberation Army’s Western Theater Command is calling for the expansion of China’s unconventional warfare capabilities. In an article in an official newspaper, Wang wrote that the Ukraine war has shown that hybrid warfare has expanded, seen in the use of "political warfare, financial warfare, technological warfare, cyber warfare, and cognitive warfare.” Wang argues that Beijing must consider these areas to successfully counter perceived threats from the West and other new “black swan” and “gray rhinoceros” security challenges. He adds that despite China’s significant level of defense spending, its military has not seen serious combat since a brief conflict with Vietnam in 1979, so it must invest in novel capabilities, including artificial intelligence, information networks and space systems, to ensure combat-readiness. (Ed. Note- Black Swan events are commonly described as unlikely and unpredictable but with high impact if they do occur. Gray Rhino events are probable, likely to occur and also have high impact, but are generally ignored.) Reuters
China Sentences American to Life in Prison on Espionage Charges. A Chinese court on Monday sentenced 78-year-old American and Hong Kong resident John Shing-Wan Leung to life-in-prison on espionage charges, in a case that could intensify the already heightened tensions between Washington and Beijing. Leung, who has been imprisoned since April 2021, was tried in the city of Suzhou near Shanghai. There has not been much information provided concerning the details of his charges, as is typical for Chinese trials involving spying. Leung’s sentencing comes after China expanded its anti-espionage laws last month. Associated Press Wall Street Journal
China, Central Asia to Boost Ties in Major Summit. China and five Central Asian countries – Kazakhstan, Kyrgyzstan, Tajikistan, Turkmenistan and Uzbekistan – are meeting on Thursday for the first China-Central Asia summit. Beijing says the summit, which will be led by Chinese President Xi Jinping, will be the “first major diplomatic event that China hosts this year” and that it is a “milestone” which will “open a new era of cooperation” between China and Central Asian partners. The summit will reportedly focus on issues like the Ukraine war and Afghanistan. It will take place in the northwestern Chinese city of Xian and coincide with the Group of Seven leaders’ summit in Hiroshima, Japan. China has sought to expand ties with Central Asia to bolster its energy security and expand trade, as well as ensure stability in its western Xinjiang region. Central Asian nations, which have traditionally been in Russia’s sphere of influence, are seeking stronger relations with Beijing amid the Ukraine war; the conflict has caused Central Asian countries to reassess their dependency on Russia’s economy and sparked concerns that their territories may be targeted by Moscow next. South China Morning Post
Middle East and Northern Africa
Palestinian President Abbas Calls for Israel UN Suspension on Nakba Anniversary. Palestinian President Abbas pressed the UN on Monday to suspend Israel’s membership until the implementation of resolutions creating Arab and Jewish states and permitting the return of Palestinian refugees. The urgings came at the first UN sponsored commemoration of the 7th anniversary of the Nakba, the displacement of an estimated 700,000 Palestinians following the 1948 partition of Palestine into Arab and Jewish states. Abbas spoke at the commemoration, criticizing Britain and the US for their roles in the “catastrophe” and the broken vows of Israel to form an Palestinian state in 1947 and 1948. Israel condemned the commemoration as an “abominable event” and an attempt to “distort history.” Israel and the U.S. boycotted the event. The commemoration comes amid increased tensions and violence between Palestine and Israel. Al Jazeera Associated Press
Libya’s Eastern-Based Parliament Suspends PM. Libya’s eastern-based parliament voted to suspend its appointed Prime Minister Fathi Bashagha on Tuesday. Bashagha was appointed last year but has been unable to enter the capital Tripoli to remove his rival Prime Minister Abdulhamid al-Dbeibah, who heads the UN-recognized Government of National Unity. The eastern-based parliament has assigned finance minister Osama Hamada to fill Bashagha’s position. Al Jazeera
Sub Saharan Africa
Russia, Ukraine to Receive African Delegation for Peace Negotiations. South African President Cyril Ramaphosa announced Tuesday that Russian President Vladimir Putin and Ukrainian President Volodymyr Zelensky have agreed to meet a group of African leaders to discuss a potential peace plan to end the Ukraine war. The South African Presidency said Putin and Zelensky will meet the African delegation in their respective capitals Moscow and Kyiv. Ramaphosa says the US and Britain have expressed “cautious” support for the plan, which is backed by the heads of Senegal, Uganda, Egypt, the Republic of Congo, and Zambia. Further details on the plan have not been made public, though Ukraine has made clear any peace proposals must include provisions for Russia to withdraw from all Ukrainian territory. Reuters
Cyber and Tech
Space Force Plans First ‘Orbital Warfare’ Exercise This Summer. The first exercise by the U.S. Space Force focused on “orbital warfare” will be held this summer. Maj. Gen. Shawn Bratton, commander of the Space Training and Readiness Command (STARCOM), said the “Red Skies” exercise will explore how to deal with an orbital warfare problem set, including challenges of intelligence, command and control, and operations. Bratton noted that a series of “Skies” exercises have prepared Space Force units through tactical experiences testing “the specific readiness issues of each of the units, the crew force, within the Space Operations Command.” Previous “Black Skies” exercises focused on electronic warfare and defense of space assets against jamming attacks. In preparing for “Red Skies,” Bratton described a STARCOM experiment in which “orbital warfare and aggressor units” operated a Tetra-1 experimental small-sat in an orbit above the altitudes normally used by operational satellites. The satellite undertook maneuvers simulating a close approach to another satellite which required exercise units to consider “implications” of the maneuvers. Breaking Defense
Annual Beijing Technology Forum To Focus on AI, Global Cooperation. A state-backed technology exhibition known as the Zhongguancun Forum will begin in Beijing on May 25 and will spotlight artificial intelligence and global cooperation, according to event organizers. The theme of the forum, “Open Cooperation for a Shared Future,” will bring together representatives of nearly 200 foreign government and private-sector organizations representing 80 countries. Foreign speakers during the six-day event account for more than 40 percent of the presentations planned. Included among the 650 exhibitors are the German industrial technology firm Siemens and healthcare company Merck Sharp & Dohme. According to Beijing Vice Mayor Yu Yingjie, 120 foreign exhibitors will participate in the forum. The Zhongguancun Forum has been held each year since 2007 under the sponsorship of state bodies, including the Ministry of Science and Technology, the National Development and Reform Commission, the Ministry of Industry and Information Technology and the Chinese Academy of Sciences. South China Morning Post
New Ransomware Group Employing Babuk Code Claims 2.5 Terabyte Theft. Taking advantage of the widely available Babuk ransomware code, a new threat actor, RA Group, has posted data on its leak site it claims was extracted from four targets, including three in the U.S. The group says that it has stolen 2.5 terabytes of data from an insurance company as well as a firm dealing with financial services and an electronics component supplier to the aerospace and military sectors. Ransom notes obtained by the Cisco Talos cybersecurity firm warn that the victims must pay within three days before a sample of stolen data is posted, and seven days before a “full set” is exposed. On Thursday, SentinelLabs researchers identified 10 distinct ransomware families deploying VMware ESXi hypervisor lockers derived from the leaked Babuk code. CyberScoop
Canadian Oversight Body Cites 'Systemic Difficulties' in Reviewing Digital Spy Agency. Records from a Canadian government oversight agency conclude that a culture of “resisting and impeding” outside reviews has hampered efforts to ensure the country’s cyberspy service is following the law. Assessments of the National Security and Intelligence Review Agency (NSIRA) from 2021 indicate that Canada’s digital espionage agency, the Communications Security Establishment (CSE), was responsible for “long-standing and systemic difficulties'' that prevented NSIRA from carrying out its review functions for national security activities. Reportedly, steps toward better relations between the oversight agency and the CSE have been taken “in recent months.” The CSE is a key player in the “Five Eyes'' intelligence-sharing community involving Canada, the U.S., Britain, Australia and New Zealand. Toronto Sun
Pentagon Updates Cyber Doctrine for ‘Expeditionary Cyberspace Operations.’ An important update of Department of Defense doctrine cyber operations defines “expeditionary cyberspace operations,” that is, cyber activities requiring cyber force deployments. Published in December, the doctrine articulated in “Joint Publication 3-12 Cyberspace Operations” reflects the need for tactical capabilities to access targets beyond the scope of current cyber forces. While enhanced tactical capabilities still require central coordination, the document acknowledges circumstances that require close-in access using “expeditionary [cyber operations].” Operations of this kind, the document states, “are key to addressing the challenge of closed networks and other systems that are virtually isolated.” The doctrine also recognizes the global scope of cyber operations that might require “reach-forward” capabilities supporting “multiple combatant commands simultaneously.” DefenseScoop
UK Experimental Web Surveillance Program Poised to Expand Nationwide. Britain is testing a surveillance technology that collects and stores “Internet connection records” (ICR’s), the web histories of individuals’ online activity. Plans are under way to introduce the system nationally, a prospect that would give law enforcement a potent tool for monitoring web data. The ICR system has been criticized as an intrusive tool in the hands of authorities who have “a history of not properly protecting personal data.” Under the Investigatory Powers Act (IPA) passed in 2016, provision was made for law enforcement and intelligence agencies to store ICR’s with the approval of a senior judge. A Home Office review of the IPA concludes that the National Crime Agency (NCA) has tested the “operational, functional, and technical aspects” of ICR’s and found a “significant operational benefit” of collecting the records. A separate independent IPA review is due to be published this summer. The NCA says it is still evaluating the use of ICRs, and that “data exploitation is essential” to its work. Wired
Apparent Cyber Attack Impacts Philadelphia Inquirer Operations. An apparent cyberattack has forced the Philadelphia Inquirer to remain closed through Tuesday even as the newspaper’s reporters are covering the city’s Democratic mayoral race primary. Inquirer computer systems affected by an “anomalous activity” have been taken offline. The newspaper’s CEO, Lisa Hughes, said “we continue to provide Philly and the region with the latest news at Inquirer.com, on our e-Edition, and through print editions.” The newspaper has hired a risk advisory firm to restore affected systems and investigate the incident. A newspaper spokesperson declined to say if the disruption was a ransomware attack. CNN The Inquirer
Read deeply-experienced, expert-driven national security news, analysis and opinion inThe Cipher Brief
