Wednesday, April 19, 2023 // (IG): BB // Financial Enabler // Coffee for Bob
China’s new security role in the Middle East under President Xi Jinping
Analyst Comments: The article provides a detailed analysis of China's increasing involvement in the Middle East and the challenges it poses to the United States. It highlights the strategic importance of the region and the competition between the two superpowers for influence. The article's information is well-supported by evidence, including the recent Saudi-Iranian reconciliation step, mediated by China. However, the article does not provide a balanced view of the situation, focusing more on China's actions and the US response, rather than addressing the perspectives and interests of the Middle Eastern countries involved.
FROM THE MEDIA: Since Chinese President Xi Jinping came to power in 2012, China has been increasing its political activity in the Middle East. Chinese involvement in the region has expanded beyond trade to include security cooperation and coordination with Arab organizations in the region. The deteriorating security situation in the Middle East has been a challenge to China and its regional policies, and there are indications that China may establish military bases in the region to secure its interests. The United States is concerned about China's growing influence in the region and is taking steps to limit it. China is building its soft power in the region through various projects under the Belt and Road Initiative. The recent success of Chinese mediation efforts in achieving Saudi-Iranian rapprochement has led to an increase in China's political and diplomatic involvement, challenging the long-term role of the United States as a dominant power in the region.
READ THE STORY: Modern Diplomacy
Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems
Analyst Comments: The findings highlight the continuing threat from Iranian cyber espionage groups targeting critical infrastructure in the US. It shows that these groups remain capable of rapidly adapting their tactics to circumvent security measures and that they continue to pose a serious threat to global security. The shift in Microsoft's naming taxonomy is noteworthy and demonstrates the growing complexity, scale, and volume of cyber threats.
FROM THE MEDIA: Microsoft has linked a government-backed Iranian hacking group, Mint Sandstorm, to a series of cyberattacks aimed at critical infrastructure in the US. The attacks targeted seaports, transit systems, energy companies, and a significant US utility and gas company, between late 2021 and mid-2022. The hacking group has been identified as being technically and operationally mature, with the ability to develop bespoke tools and use zero-day vulnerabilities. It is believed to be part of a retaliatory attack following the targeting of its own maritime, railway, and gas station payment systems between May 2020 and late 2021.
READ THE STORY: THN
Russian sabotage in place to strand Nordics in event of war, claims documentary
Analyst Comments: The use of 'ghost boats' to conduct espionage is not a new tactic by Russia, but the revelation that it is being employed in the Nordic region is concerning. The fact that these boats can locate and map the critical infrastructure of these countries could give Russia a significant advantage in any conflict. The withholding of location information by turning off AIS transmitters highlights the need for improved maritime security measures in the region.
FROM THE MEDIA: A new documentary co-funded by Nordic broadcasters DR, NRK, SVT, and Yle has revealed that Russia is using 'ghost boats' to conduct espionage in the Nordic region. The documentary uncovered that Russia's military program is using these boats to map the region's infrastructure, including gas pipelines, significant cables, and offshore wind farms in the waters around Denmark, Norway, Finland, and Sweden. The 'ghost ships' have turned off their AIS transmitters to withhold their location. In one case, the reporters were able to confirm the location of the Russian naval vessel 'Admiral Vladimirsky' in Danish waters in November 2021. There are concerns that Russia could use this knowledge to sabotage the region by cutting off power supplies and severing key cables, thereby paralyzing these countries' societies in the event of a conflict with the West.
READ THE STORY: CPH post
Tracers on the stage: Talking with the sleuths who cracked the big crypto cases of the 2010s
Analyst Comments: The article provides an interesting look at the birth and evolution of the cryptocurrency tracing industry, with Gronager and Gambaryan providing valuable insights into their early experiences in the field. The discussion about how Bitcoin transactions are not really anonymous and how they can be traced on the blockchain was also informative. However, the article lacks details on some of the key investigations mentioned, such as the BTC-e trading platform laundering scheme, which could have provided more context and depth to the discussion.
FROM THE MEDIA: The advent of Bitcoin gave birth to a new industry of cryptocurrency tracing, with Michael Gronager and Tigran Gambaryan being among the first practitioners in the field. Gronager went on to start Chainalysis, a multibillion-dollar company providing cryptocurrency tracing services to clients in law enforcement, intelligence, and finance, while Gambaryan worked as a crime-fighting IRS agent and was involved in several high-profile cryptocurrency investigations. At a recent conference, they discussed the evolution of the industry and how they got started in it. They also talked about the misconception that Bitcoin transactions are anonymous and how they helped prove otherwise.
READ THE STORY: The Record
APT41 Taps Google Red Teaming Tool in Targeted Info-Stealing Attacks
Analyst Comments: The use of publicly available tools such as GC2 and legitimate software like Cobalt Strike and Brute Ratel is becoming increasingly common among Chinese APT groups. These "living off the land" tactics are intended to evade detection during their attacks, which is concerning since APT groups are better resourced and can develop custom tools. APT41, in particular, has been very prolific, targeting a range of entities, including government, healthcare, high-tech manufacturing, NGOs, and targets in line with China's political and economic interests. The recent shift in tactics by APT41 towards the use of legitimate tools and cloud services for stealth and legitimacy is worrisome, as it makes it harder to detect and prevent cyber espionage attacks.
FROM THE MEDIA: Chinese Advanced Persistent Threat (APT) group, APT41, also known as HOODOO, Winnti, and Bronze Atlas, has shifted its tactics by using the open-source, red-teaming tool, Google Command and Control (GC2), in cyber espionage attacks. According to the Google Threat Analysis Group (TAG), APT41 recently targeted a Taiwanese media organization with phishing emails containing links to a password-protected file hosted in Drive. When opened, the file fetched the GC2 payload, which gets its commands from Google Sheets, and exfiltrates data to Google Drive, while also enabling the attacker to download additional files from Drive onto the victim's system. The GC2 tool was also used by APT41 in July 2022 to target an Italian job search website, according to TAG.
READ THE STORY: DARKReading
Record EU gas storage raises hopes of cutting Russian dependence
Analyst Comments: The EU’s record levels of natural gas storage could allow the bloc to reduce its reliance on Russian LNG imports. The increase in storage could also impact global gas markets, with analysts suggesting that stopping Russian LNG imports could provoke retaliation from President Putin. However, the EU has so far struggled to curb its LNG imports from Russia, and its target of gas storage levels of 90% of capacity by November may be difficult to achieve. Prices for European benchmark TTF contracts for delivery in Q4 2022 have risen by around 20% in the past month, indicating the challenge faced in securing enough supplies.
FROM THE MEDIA: The European Union (EU) has reached its highest natural gas storage levels for early April since at least 2011, with storage reaching 55.7% capacity at the beginning of the month. The increased storage levels reflect a mild winter, and the EU now has a greater scope to reduce its reliance on imports of Russian liquefied natural gas (LNG). However, the EU still faces challenges in reducing LNG imports from Russia, which have funneled billions of dollars to the Kremlin through taxes on Russian gas companies. Last year, Russia cut pipeline supplies amid its invasion of Ukraine, and the EU was forced to increase LNG imports to stock up for the winter. The EU aims to reach gas storage levels of 90% of capacity by November, but experts believe that achieving this goal could prove challenging, given that gas prices are still high. The European benchmark TTF contract price for delivery in Q4 2022 has risen by around 20% in the past month to €55/MWh, indicating the challenge the bloc faces in securing sufficient supplies.
READ THE STORY: FT
UK says ‘Wagner-like cyber groups’ attacking critical infrastructure
Analyst Comments: The announcement made by Oliver Dowden on the emerging cyber groups attempting to cause damage to the UK's critical national infrastructure is concerning. This warning should be taken seriously by infrastructure operators and companies across the UK. The fact that these hacking groups are ideologically motivated means they may not be easily deterred, making it necessary for the government and companies to take extra steps to protect their networks and systems.
FROM THE MEDIA: The UK government has issued a threat notice to infrastructure operators in the country warning them that emerging cyber groups, which the chancellor of the Duchy of Lancaster Oliver Dowden has compared to Russia’s Wagner Group, are attempting to cause maximum damage to the UK's critical national infrastructure. Dowden will use his speech at the CyberUK conference in Belfast to warn infrastructure operators that several hacking groups aligned with Russia have turned their focus towards the UK in recent months. The attackers are primarily motivated to disrupt or destroy their targets and are ideologically, rather than financially, motivated. Dowden will use his speech to highlight the UK's world-class cybersecurity measures but will also highlight the government's need to break through its own glass ceiling when it comes to hiring cybersecurity talent.
READ THE STORY: The Record
North Korea Set to Launch Military Spy Satellite
Analyst Comments: The launch of North Korea’s first military reconnaissance satellite has not been confirmed by independent sources, and satellite images do not show signs of an imminent launch. Nonetheless, the development highlights North Korea’s increasing space capabilities and its focus on military technology. The news follows a recent test of a new type of intercontinental ballistic missile (ICBM) that can be launched from mobile launchers. The development of a military reconnaissance satellite could provide North Korea with greater intelligence capabilities, which could be used to threaten regional security.
FROM THE MEDIA: North Korean leader Kim Jong Un has ordered the launch of the country’s first military reconnaissance satellite, according to state media KCNA. During his visit to the National Aerospace Development Administration on Tuesday, Kim said the country’s military reconnaissance satellite production has been completed and ordered the dispatching of “several reconnaissance satellites,” KCNA reported. North Korea says it will finish preparations for the first military reconnaissance satellite by April 2023. However, satellite images of the country’s space launch center show no signs of an imminent launch, according to Dave Schmerler, senior research associate at the James Martin Center for Nonproliferation Studies in the United States.
READ THE STORY: CNN
Ukrainian Grain Vessel Inspections Resume In Turkey
Analyst Comments: The ongoing dispute over grain transportation between Ukraine and Russia highlights the continuing tensions between the two countries. The accusations made by the Russian Foreign Ministry against Ukraine and the United Nations are likely to add to the already strained relations between the two countries. The resumption of inspections is a positive development and may help to de-escalate the situation, but it remains to be seen if the grain deal will continue without further interruptions.
FROM THE MEDIA: Ukraine and the United Nations are being accused by the Russian Foreign Ministry of creating difficulties with ship inspections and the registration of new vessels for the transportation of grain from Ukrainian ports. However, according to a spokesperson for the Joint Coordination Center in Istanbul, inspections of vessels carrying grain from Ukrainian ports have resumed after two days of discussions between Kyiv and Moscow. The spokesperson also mentioned that the sides have agreed on new vessels to participate in the initiative and inspection teams are already at work.
READ THE STORY: RFERL
China’s Belt and Road Initiative: Past, Present, and Future
Analyst Comments: The Belt and Road Initiative (BRI) is a global infrastructure development strategy launched by China's President Xi Jinping in 2013. The initiative aims to promote connectivity and cooperation between China and other countries, particularly in Asia, Africa, and Europe, through the construction of transportation networks, energy infrastructure, and other projects. The BRI comprises two main components: the Silk Road Economic Belt, which focuses on land-based transportation and infrastructure projects, and the 21st Century Maritime Silk Road, which focuses on sea-based projects and ports. China sees the BRI as a means of expanding its global influence, promoting its interests, and shaping the international order. The initiative also aims to address China's domestic challenges, such as overcapacity in key industries and regional disparities. Through the BRI, China seeks to boost its exports, create new markets for its products and services, and diversify its sources of energy and raw materials.
FROM THE MEDIA: The Belt and Road Initiative (BRI) is a global infrastructure development strategy launched by China's President Xi Jinping in 2013. It aims to connect China with the rest of the world, particularly developing countries, through the construction of transportation networks, energy infrastructure, and other projects. The BRI has become China's globalization strategy and promotes Chinese businesses and organizations to go global. While many host countries have benefited from Belt and Road projects, some have experienced negative consequences. Experts predict that China may recalibrate its strategy after a decade of implementing Belt and Road projects and fighting the pandemic.
READ THE STORY: VOA