All posts in Intelligence

Islamic State fighters number far more than first thought, says CIA

US officials are shocked at the “Islamic State’s rapid growth.” Now, the CIA estimates that the Islamic State has somewhere between 20,000 and 31,500 fighters within its ranks. That number may include “some 15,000 foreign fighters in Syria alone, including 2,000 Westerners,” Al Jazeera reported, which noted the estimate is “far more than first thought.”

Islamic State fighters in Iraq and Syria number around 20,000 to 31,500 — a figure far higher than previously estimated, the Central Intelligence Agency has said. The new calculation includes some 15,000 foreign fighters in Syria alone, including 2,000 Westerners, a U.S. intelligence official told the AFP news agency on Thursday.

“The number is much higher than a previous estimate of 10,000,” Al Jazeera continues.

The scope of the operation, including the territory covered, indicates that tens of thousands of ISIS fighters participated in the recent fighting. The group is estimated to have around 50,000 members and thousands of foreign fighters, and is more of an army than a smaller extremist group.

How the U.S. Could Escalate Its Name-and-Shame Campaign Against China’s Espionage

Chinese companies believed to be benefiting from stolen secrets could be the next target of U.S. action to curb industrial espionage.

Earlier this week the U.S. Department of Justice indicted five Chinese military officers for industrial espionage, accusing them of leading attacks on the computers of U.S. companies including U.S. Steel and Westinghouse to gather material to be passed on to Chinese companies.

The move puts U.S. policy in line with experts who have argued that only naming and shaming the perpetrators, and pursuing them through legal action, will rein in such attacks. Digital IP theft is now normal for U.S. companies, although few victims disclose the fact.

Dmitri Alperovitch, cofounder and chief technology officer (see “TR35: Dmitri Alperovitch”) of the security company Crowdstrike, a company that offers new ways to trace and fight back against cyberattacks, told MIT Technology Review’s Tom Simonite how the U.S. could use its new strategy to increase the pressure on China even further.

How do you know if an RNG is working?

Last week, Edward Snowden spoke to a packed crowd at SXSW about the many problems (and limited solutions) facing those of us who want to keep our communications private. Snowden said a number of things — including a shout out to Moxie’s company Whisper Systems, who certainly deserve it. But instead of talking about that, I wanted to focus on (in my opinion) one of Snowden’s most important quotes:

We need all those brilliant Belgian cryptographers to go “alright we know that these encryption algorithms we are using today work, typically it is the random number generators that are attacked as opposed to the encryption algorithms themselves. How can we make them [secure], how can we test them?”

Now it’s possible I’m a little biased, but it seems to me this cuts to the core of our problems with building secure systems in an increasingly hostile world. Namely: most encryption relies on some source of “random” numbers, either to generate keys or (particularly in the case of public key encryption) to provide semantic security for our ciphertexts.

What this means is that an attacker who can predict the output of your RNG — perhaps by taking advantage of a bug, or even compromising it at a design level — can often completely decrypt your communications. The Debian project learned this firsthand, as have many others. This certainly hasn’t escaped NSA’s notice, if the allegations regarding its Dual EC random number generator are true.

All of this brings us back to Snowden’s quote above, and the question he throws open for us. How do you know that an RNG is working? What kind of tests can we run on our code to avoid flaws ranging from the idiotic to the highly malicious? Unfortunately this question does not have an easy answer. In the rest of this post I’m going to try to explain why.

UN Team to Begin Syria CW Site Inspections ‘Within Next Week’

The Organisation for Prohibition of Chemical Weapons (OPCW) is reviewing additional information received from Syria about its chemical weapons stockpiles, a United Nations spokesperson has said, ahead of onsite inspections and initial disabling of equipment which could start as early as next week. The OPCW Technical Secretariat, which together with the UN forms the team tasked with overseeing the destruction of Syria’s chemical weapons production facilities, received information that was “additional to the disclosure on its chemical weapons program which Syria submitted on September 21,” UN spokesperson Martin Nesirky told reporters at UN Headquarters in New York on Friday.

India Flooding World with Tainted Drugs, and Getting Away with It

Each time we take medicine, we assume that the manufacturer did its best to produce a quality product. Evidence is mounting, however, that some pharmaceutical manufacturers in countries like India cut corners and send low-quality products to major, developed markets. Worse still, they may have separate production lines for drugs they sell in developing markets like Africa, where poor quality is more likely to go unnoticed.

In mid-2013, India’s largest drugmaker, Ranbaxy, pleaded guilty in a U.S. court to several criminal offenses relating to the fraudulent manufacture and sale of adulterated drugs. (The United States is the biggest importer of generic Indian drugs.) Among other revelations, Ranbaxy’s executives acknowledged that “more than 200 products in more than 40 countries” are affected by “elements of data that were fabricated to support [Ranbaxy’s] business needs.” In other words, Ranbaxy made up facts and figures to demonstrate product safety for myriad drugs, including critical HIV medicines paid for by U.S. tax dollars and destined for the poor in Africa. As a consequence, the company was fined $500 million.

Meet Abu Omar: Al Qaeda Busted Him Out of Abu Ghraib. Now He Fights in Syria

Waiting for the tram in the southern Turkish city of Gaziantep, Abu Omar is on his way to the mall. No groceries today, his shopping list includes a Turkish-made tablet computer and a small GPS navigation device loaded with digital maps of the Middle East.

“It’s nothing special,” says Abu Omar, an Iraqi national, as he puts the goods in his rucksack. “But this stuff might come in handy after I make it to Syria.”

Abu Omar, a handsome young man with long black hair, is not the only one making the trek to Syria. Hundreds of Iraqi prisoners, mostly suspected or convicted jihadists, were freed in July after al Qaeda-linked militants staged a deadly jailbreak at the notorious Abu Ghraib prison near Baghdad. At the time, Iraqi and Western authorities feared that some of those men would travel to Syria, helping to fuel the rise of extremist groups there. Those fears have now become a reality.

Shabaab Plot to Attack London Planned to be ‘Similar to…Mumbai’

A document found after Somali troops killed Fazul Abdullah Mohammed, al Qaeda’s former leader in East Africa and a senior Shabaab commander, details a plot to conduct multiple Mumbai-like attacks that target civilians in London. The plot highlights how al Qaeda and Shabaab seek to strike civilian targets outside Somalia, and foreshadowed Shabaab’s attack on the Eastgate Mall in Kenya this week.

The document and several others found in Fazul’s possession after he was killed by Somali troops at a checkpoint in Mogadishu in June 2011 were obtained by the Toronto Star. A copy of the document was also obtained by The Long War Journal. The Canadian newspaper reported that “dozens of documents, Internet frame grabs and media reports in English, Arabic, Somali and Swahili, along with more than 50 video clips” were also found in Fazul’s car.

Are You Looking at An Official Shabaab Twitter Account?

Not long after Shabaab took responsibility for the Westgate mall attack, Twitter shut down the terror group’s official account. Although Twitter has acted against Shabaab’s accounts a couple times in the past, it had never done so while the jihadist group was live-tweeting one of its attacks.

As in the previous instances, Shabaab quickly returned to the social media platform to spew its hate and propaganda. At the same time, copycat accounts emerged, which led to false reporting and a bit of confusion for observers not used to following the al Qaeda affiliate on Twitter.

Shabaab Threatens ‘Big Surprise’ As Siege at Kenyan Mall Continues

As Shabaab fighters continue to hold out inside the Westgate Mall in Kenya for the fourth day after assaulting the upscale shopping center on Saturday, the al Qaeda group’s media arm on Twitter threatened that a “big surprise” was in store for Kenyans. Shabaab released the following statement on Twitter just minutes ago:

The Kenyan govt and FM haven’t the faintest idea of what’s going on inside #Westgate mall. Rest assured, Kenyans are in for a big surprise!

The group did not detail the nature of the “big surprise” (or it wouldn’t be a surprise), but previous tweets over the past few hours indicate that the members of the assault team are holding their ground, despite claims from Kenyan officials last night that the mall has been secured, and the team still has hostages.

How a Crypto ‘Backdoor’ Pitted the Tech World Against the NSA

In August 2007, a young programmer in Microsoft’s Windows security group stood up to give a five-minute turbo talk at the annual Crypto conference in Santa Barbara.

It was a Tuesday evening, part of the conference’s traditional rump session, when a hodge-podge of short talks are presented outside of the conference’s main lineup. To draw attendees away from the wine and beer that competed for their attention at that hour, presenters sometimes tried to sex up their talks with provocative titles like “Does Bob Go to Prison?” or “How to Steal Cars – A Practical Attack on KeeLoq” or “The Only Rump Session Talk With Pamela Anderson.”

Dan Shumow and his Microsoft colleague Niels Ferguson titled theirs, provocatively, “On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng.” It was a title only a crypto geek would love or get.