ColdWarUSAF

14 ARRESTS IN SPAIN AFTER COCAINE FOUND IN BOXES OF A4 PAPER

Europol supported the Central Narcotics Unit and the Central Money Laundering Unit of regional Catalan police (Mossos D’esquadra) in arresting 14 members of an international criminal organization trafficking cocaine and laundering money.

Ten members of the criminal organization have been sent to prison.

The investigation began in December 2018 when 1 413kg of cocaine was found at a company near Barcelona. The drugs were hidden inside 800 boxes of A4 paper that came from Brazil. The true content of the boxes was only discovered when a company employee took one of the boxes and dropped it by accident. Two people were arrested in Spain and the investigation revealed that ten people had been smuggling drugs from Brazil as part of a criminal organization.

To launder the money they gained from drug trafficking, the suspects created a whole business structure with different companies, such as real estate investments or fashion stores in Barcelona. Another way to launder money was to use people (‘mulas’) that periodically made small cash deposits at several bank branches.

On 4 February the regional Catalan police carried out 13 simultaneous house and company searches to dismantle the structure of this smuggling organization, and, together with the Spanish National Police (Policía Nacional), carried out one house search on the Balearic Island of Mahon. Money in several currencies, mobile phones, four simulated weapons, three cars, two motorcycles and several properties were all seized and two marijuana plantations were dismantled.

Two Europol experts were deployed for on-the-spot support to extract data from the mobile phones of two of the detainees. A member of Spain’s Europol National Unit also assisted during the action day.

Europol.europa.eu (February, 2020) 14 ARRESTS IN SPAIN AFTER COCAINE FOUND IN BOXES OF A4 PAPER

DOD Has Enduring Role in Election Defense

The Defense Department plays an important role in that whole-of-government partnership, spearheaded by the NSA and Cybercom’s Election Security Group, formed in the wake of the successes of the Russia Small Group during the 2018 midterms.

Voting has begun for the 2020 presidential election primary season — but it’s not the beginning of the U.S. government’s defense against foreign interference and influence in our elections.

At the Reagan National Defense Forum in December 2019, Army Gen. Paul M. Nakasone, U.S. Cyber Command commander and director of the National Security Agency, laid out the Defense Department’s role in election security. “We began the ability for us to defend the presidential elections not today, not six months from now. We began it the day after the midterm elections,” he said, “We have not let up in terms of our ability to understand what our adversaries are doing.”

David Imbordino, the NSA election security lead, and Army Brig. Gen. William Hartman, Cybercom’s election security lead and commander of Cyber National Mission Force, co-lead the joint Election Security Group. Its purpose is to align the two organizations’ resources, efforts and actions to disrupt, deter and degrade adversaries’ ability to interfere and influence the U.S. elections.

“The biggest success out of 2018 wasn’t the 2018 midterms,” Hartman said. “The biggest success was we put in place, both organizationally and from a business practice standpoint, a focus on an enduring mission to protect the democratic process.”

The Election Security Group’s primary objectives are to generate insights on foreign adversaries that lead to improved cyber defenses and to impose costs on countries that seek to interfere. It directly supports partners, such as the Department of Homeland Security and the FBI, by collecting, declassifying and sharing vital information to enable agencies’ efforts in election security.

“[The FBI will] engage with social media companies,” Imbordino said. “That information can enable a social media company to then use their platform, where they have very unique insights that we don’t have, to mitigate and potentially unravel [malicious] social media influence campaigns.”

When NSA and Cybercom see a cyberattack happening against a certain victim, they communicate that information to appropriate government offices, which, in turn, work with private-sector partners to provide notification and enable future cyber defense.

“We look at adversary meddling in an election on two different fronts. One is covert influence, and then there’s interference,” Imbordino said. “For interference, what we’re talking about is an adversary trying to go change a vote total, targeting election infrastructure, voter rolls. Influence is more of the social media component of trying to influence public opinion.”

“It’s not enough to just know and understand what our adversaries are doing,” he continued. “The nation expects us to do something about it. Enabling our partners with the right information at the right classification level they need to take action to defend our democracy against these threats is essential and allows all of the tools of the government to be employed in this fight.”

Guiding all of Cybercom’s efforts is their underlying framework for the continuous execution of cyberspace operations, known as persistent engagement — the concept of constant contact with adversaries in cyberspace, engaging beyond DOD networks to “defend forward,” officials said, noting that persistent engagement enables Cybercom to be postured to impose cost against foreign malicious actors before they reach the homeland.

An example of persistent engagement in action is “hunt forward” operations that involve deploying defensive cyber teams around the world at the invitation of allies and partners to look for adversaries’ malicious cyber activity. These teams send insights back from these missions, enabling defense for U.S. and partner networks, and providing real-time situational awareness for Cybercom to better protect the nation from foreign attacks in cyberspace.

“In a hunt forward operation, we are able to work with partner nations and receive an invitation to execute operations in their country,” Hartman said. “These are generally countries that are in the near abroad of adversaries that we’re potentially concerned about.”

Hunt forward operations produce detailed information identifying risks and threats to critical infrastructure, networks and data. These insights will enable the U.S. to detect and defend against potential cyber threats to the upcoming 2020 elections, he explained.

If malware is discovered on hunt forward operations, Cybercom can publicize malicious software through antivirus portals, imposing costs of time, money and access on the adversary.

Another way the combined Cybercom and NSA Election Security Group enables defense is through the National Guard Bureau.

National Guard members supporting their state and local elections have the ability to share information to various organizations within the Election Security Group. The group will then use national-level intelligence to assess whether there is a foreign threat before providing that information to the National Guard, DHS and FBI.

“The primary way that we work with the states is really working by, with and through DHS and FBI, which is absolutely a critical component of how we interact,” Hartman said. “And the National Guard is present in all 50 states, three territories, and District of Columbia, which allows us to potentially look at something that may be occurring in the United States and see if we can track that activity to any foreign actor or to any foreign space.”

As election security continues to be an enduring mission of the DOD, national security officials stress the importance of allowing Americans to exercise their right to vote — a vote cast is a vote counted.

Defense.gov (February, 2020) DOD Has Enduring Role in Election Defense

Child Predators Arrested as a Result of “Operation Broken Arrow” Online Undercover Investigation

As a result of a proactive online undercover investigation coordinated by the Georgia Internet Crimes Against Children (ICAC) Task Force, the Georgia Bureau of Investigation’s Child Exploitation and Computer Crimes Unit (CEACC), the Lowndes County Sheriff’s Office, and the Southern Judicial Circuit District Attorney’s Office, fourteen (14) people were arrested over a four-day period beginning Thursday, February 6, 2020.

“Operation Broken Arrow” was a four-day proactive effort centered in Valdosta, GA.

Those arrested were charged with O.C.G.A. 16-12-100.2, Computer or Electronic Pornography and Child Exploitation Prevention Act of 2007 and/or O.C.G.A 16-5-46, Trafficking of Persons for Labor or Sexual Servitude.

Additional charges and arrests may be forthcoming.

“Operation Broken Arrow” was a four-day proactive effort centered in Valdosta, GA.

The operation took several months of planning. The arrestees, ranging in age from 24 to 57, traveled from areas around South Georgia with the intent to meet a child for sex. Every individual arrested during the operation believed they were going to a location to meet with a child and engage in prearranged sex acts.

The Georgia Internet Crimes Against Children Task Force had previously received information from the National Center for Missing and Exploited Children on at least one person who was arrested during Operation Broken Arrow. That same person had been previously arrested on peeping tom charges.

Two persons were arrested in possession of a firearm and two persons were arrested in possession of illegal narcotics. At least two other arrestees were investigated for sex related crimes in the past. Nineteen (19) mobile devices and several additional electronic devices were seized as evidence during the operation.

The goal of “Operation Broken Arrow” was to arrest persons who communicate with children on-line and then travel to meet them for the purpose of having sex. Additionally, the operation targeted those that are willing to exploit children by purchasing sex with a minor. On-line child predators visit chat rooms and websites on the internet, find children, begin conversations with them, introduce sexual content and arrange a meeting with the children for the purpose of having sex. The children these predators target are both boys and girls.

Since 2014, the Georgia ICAC Task Force has arrested over 150 people in similar operations.

Over the course of the operation, investigators had more than 120 exchanges with persons on various social media or internet platforms. During many of these exchanges, the subjects directed conversations towards sex with persons they believed to be minors. Over 40 cases were established that met the threshold for arrest.

Fourteen (14) of those cases were concluded with arrests. In some of these cases, the subject introduced obscene or lude content, often exposing the minor (UC) to pornography or requesting the child take nude or pornographic images for them. About half of the exchanges involved websites used for dating, socializing, or even websites used for classified advertisements.

Although some websites promote themselves as being for “adults-only” it is not uncommon for law enforcement to work cases in which children access these sites, establish profiles claiming to be older, and then find themselves vulnerable to victimization, harassment, blackmail, or assault.

Several subjects were identified as communicating simultaneously with multiple investigators posing as minors. Such activity confirms what investigators uncover conducting these types of investigations: that many predators specifically seek out minors on such websites to groom them as potential victims for sexual contact.

Along with those agencies who participated in the planning and coordinating of the operation, sixteen (16) additional law enforcement agencies participated in “Operation Broken Arrow” as members of the Georgia ICAC Task Force.

These agencies were:

Alpharetta Police Department
Atlanta Police Department
Floyd County Police Department
Forsyth County Sheriff’s Office
GBI-Georgia Information Sharing and Analysis Center (GISAC)
Glynn County Police Department
Gwinnett County Police Department
Hall County Sheriff’s Office
Homeland Security Investigations
Johns Creek Police Department
Lilburn Police Department
Marietta Police Department
Polk County Police Department
Savannah Police Department
United States Air Force – Office of Special Investigations
Woodstock Police Department

The proactive on-line investigation was a coordinated effort among the participating law enforcement agencies to combat this activity. Lowndes County Sheriff Ashley Paulk stated, “The Lowndes County Sheriff’s Office is proud to partner with the GBI and other federal, state, and local area law enforcement agencies in these continuing efforts to identify and apprehend those who prey on our most vulnerable victims. Thanks to this coordinated four-day effort, multiple predators have been removed from our streets and are no longer free to victimize our children.”

GBI Special Agent in Charge, and Commander of the Georgia Internet Crimes Against Children (ICAC) Task Force, Debbie Garner remarked “The Lowndes County Sheriff’s Office is one of our most active member agencies. We appreciate their daily efforts to combat child exploitation. This type of cooperation and collaboration is invaluable in the effort to keep our children safe from predators who seek to harm them. This successful operation was a true partnership between all the agencies involved. We will continue to aggressively work together to protect our children.”

The following were arrested and charged in Lowndes County as part of “Operation Broken Arrow”:

Dave Vincent Almon, W/M, 43, retail manager
Billy Stephen Carter, W/M, 57, truck driver
Eric Bernard Copeland, B/M, press operator
Walter Lee Curry, B/M, 33, laborer
Jamian Hogan, B/M, 34, retail associate
John Henry Hursey, W/M, 45, carpenter
Eugene Andega Mainah, B/M, 35, unemployed
Keith Morrison, B/M, 43, truck driver
Wyman Rene Phillips, W/M, 36, electrician
Wilford Sermons, B/M, 28, customer service representative
Josue Trejo, H/M, 31, forklift driver
Bronson Jamari D. Tripp, B/M, 24, retail associate
Keith Walters, W/M, 44, university Dean
Justin Na’eem Warren, B/M, 24, student

The Georgia ICAC Task Force is comprised of 240+ local, state, and federal law enforcement agencies, other related criminal justice agencies and prosecutor’s offices. The mission of the ICAC Task Force, created by the U. S. Department of Justice and managed and operated by the GBI in Georgia, is to assist state and local law enforcement agencies in developing an effective response to cyber enticement and child pornography cases. This support encompasses forensic and investigative components, training and technical assistance, victim services, prevention and community education. The ICAC Program was developed in response to the increasing number of children and teenagers using the internet, the proliferation of child pornography, and the heightened online activity by predators searching for unsupervised contact with underage victims. By helping state and local law enforcement agencies develop effective and sustainable responses to online child victimization and child pornography, the ICAC program delivers national resources at the local level. Arrests made by the Georgia ICAC Task Force have been steadily increasing over the last 3 years. In 2017, The Georgia ICAC Task Force made 350 arrests. In 2018, The Georgia ICAC Task Force made 307 arrests. In 2019, the Georgia ICAC Task Force made 474 arrests. The Georgia ICAC Task Force has made over 2,000 arrests since its inception in 2002.

GBI.Georgia.gov (February, 2020) “Operation Broken Arrow” Targets On-line Child Predators

Chinese Military Personnel Charged with Computer Fraud, Economic Espionage and Wire Fraud for Hacking into Credit Reporting Agency Equifax

A federal grand jury in Atlanta returned an indictment last week charging four members of the Chinese People’s Liberation Army (PLA) with hacking into the computer systems of the credit reporting agency Equifax and stealing Americans’ personal data and Equifax’s valuable trade secrets.

Indictment Alleges Four Members of China’s People’s Liberation Army Engaged in a Three-Month Long Campaign to Steal Sensitive Personal Information of Nearly 150 Million Americans

The nine-count indictment alleges that Wu Zhiyong (吴志勇), Wang Qian (王乾), Xu Ke (许可) and Liu Lei (刘磊) were members of the PLA’s 54^th Research Institute, a component of the Chinese military. They allegedly conspired with each other to hack into Equifax’s computer networks, maintain unauthorized access to those computers, and steal sensitive, personally identifiable information of approximately 145 million American victims.

“This was a deliberate and sweeping intrusion into the private information of the American people,” said Attorney General William P. Barr, who made the announcement. “Today, we hold PLA hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the Internet’s cloak of anonymity and find the hackers that nation repeatedly deploys against us. Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets, and other confidential information.”

According to the indictment, the defendants exploited a vulnerability in the Apache Struts Web Framework software used by Equifax’s online dispute portal.

They used this access to conduct reconnaissance of Equifax’s online dispute portal and to obtain login credentials that could be used to further navigate Equifax’s network.

The defendants spent several weeks running queries to identify Equifax’s database structure and searching for sensitive, personally identifiable information within Equifax’s system. Once they accessed files of interest, the conspirators then stored the stolen information in temporary output files, compressed and divided the files, and ultimately were able to download and exfiltrate the data from Equifax’s network to computers outside the United States. In total, the attackers ran approximately 9,000 queries on Equifax’s system, obtaining names, birth dates and social security numbers for nearly half of all American citizens.

The indictment also charges the defendants with stealing trade secret information, namely Equifax’s data compilations and database designs. “In short, this was an organized and remarkably brazen criminal heist of sensitive information of nearly half of all Americans, as well as the hard work and intellectual property of an American company, by a unit of the Chinese military,” said Barr.

The defendants took steps to evade detection throughout the intrusion, as alleged in the indictment. They routed traffic through approximately 34 servers located in nearly 20 countries to obfuscate their true location, used encrypted communication channels within Equifax’s network to blend in with normal network activity, and deleted compressed files and wiped log files on a daily basis in an effort to eliminate records of their activity.

“Today’s announcement of these indictments further highlights our commitment to imposing consequences on cybercriminals no matter who they are, where they are, or what country’s uniform they wear,” said FBI Deputy Director David Bowdich. “The size and scope of this investigation — affecting nearly half of the U.S. population, demonstrates the importance of the FBI’s mission and our enduring partnerships with the Justice Department and the U.S. Attorney’s Office. This is not the end of our investigation; to all who seek to disrupt the safety, security and confidence of the global citizenry in this digitally connected world, this is a day of reckoning.”

The defendants are charged with three counts of conspiracy to commit computer fraud, conspiracy to commit economic espionage, and conspiracy to commit wire fraud. The defendants are also charged with two counts of unauthorized access and intentional damage to a protected computer, one count of economic espionage, and three counts of wire fraud.

The investigation was conducted jointly by the U.S. Attorney’s Office for the Northern District of Georgia, the Criminal and National Security Divisions of the Department of Justice, and the FBI’s Atlanta Field Office. The FBI’s Cyber Division also provided support. Equifax cooperated fully and provided valuable assistance in the investigation.

Assistant U.S. Attorneys Nathan Kitchens, Samir Kaushal, and Thomas Krepp of the Northern District of Georgia; Senior Counsel Benjamin Fitzpatrick of the Criminal Division’s Computer Crime and Intellectual Property Section; and Trial Attorney Scott McCulloch of the National Security Division’s Counterintelligence and Export Control Section are prosecuting this case. Attorneys with the Office of International Affairs provided critical assistance in obtaining evidence from overseas.

The details contained in the charging document are allegations. The defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Justice.gov (February, 2020) Chinese Military Personnel Charged with Computer Fraud, Economic Espionage and Wire Fraud for Hacking into Credit Reporting Agency Equifax

Perdue, Loeffler Push Fort Benning As Home Of New Army Corps Headquarters

U.S. Senator David Perdue (R-GA), a member of the Senate Armed Services Committee, and U.S. Senator Kelly Loeffler (R-GA) are urging the U.S. Army to select Fort Benning as the Army’s fourth corps headquarters.

“Fort Benning is a crown jewel of the Army uniquely qualified to host the new corps headquarters.”

The Army recently announced Fort Benning as one of three finalists to host the new headquarters, which is needed to fulfill requirements of the National Defense Strategy.

In a letter to Secretary of the Army Ryan McCarthy, Perdue and Loeffler highlighted Fort Benning’s unmatched training, support, and command facilities and its ability to quickly activate the new headquarters.

USA Armed Forces Super Soft Fleece Throw Blanket (United States Army)

“We commend your decision to realign forces under a new corps headquarters in support of the National Defense Strategy and strongly recommend that you consider Fort Benning for its basing. Fort Benning is a crown jewel of the Army uniquely qualified to host the new corps headquarters,” the Senators said.

“Fort Benning stands ready to meet all facility, deployment support infrastructure, and community support requirements needed for activation in October 2020. As the home to the Army’s Maneuver Center of Excellence, Fort Benning provides unmatched training, support, and command facilities. It includes 26 million square feet of facilities and 102,000 acres of maneuver training areas capable of supporting all manner of maneuver operations, tactics, and training,” Perdue and Loeffler said.

Fort Benning Army post straddles the Alabama and Georgia border near Columbus, Georgia and supports more than 120,000 active-duty military, family members, reserve component soldiers, retirees, and civilian employees on a daily basis.

View the full text of the letter here.

Perdue.senate.gov (February, 2020) Perdue, Loeffler Push Fort Benning As Home Of New Army Corps Headquarters