South Korea spy agency sees signs of planned new missile test by North

North Korean leader Kim Jong Un visits a cosmetics factory in this undated photo released by North Korea's Korean Central News Agency (KCNA) in Pyongyang on October 28, 2017.

By Hyonhee Shin

SEOUL (Reuters) – North Korea may be planning a new missile test, South Korea’s spy agency told lawmakers on Thursday, after brisk activity was spotted at its research facilities, just days before U.S. President Donald Trump visits Seoul.

Reclusive North Korea has carried out a series of nuclear and missile tests in defiance of U.N. Security Council resolutions, but has not launched any missiles since firing one over Japan on Sept. 15, the longest such lull this year.

However a flurry of activity including the movement of vehicles has been detected at the North’s missile research facilities in Pyongyang, where the most recent missile test was conducted, pointing to another possible launch, South Korea’s Intelligence Service said in a briefing to lawmakers.

It did not say how the activity was detected.

North Korea has made no secret of its plans to perfect a nuclear-tipped missile capable of reaching the U.S. mainland. It regularly threatens to destroy the United States and its “puppet”, South Korea.

“There is a possibility of a new missile launch given the active movement of vehicles around the missile research institute in Pyongyang. The North will constantly push for further nuclear tests going forward, and the miniaturization and diversification of warheads,” the intelligence agency said at the briefing.

The North’s nuclear testing site in the northwestern town of Punggye-ri could have been damaged by its sixth and largest nuclear test on Sept. 3, according to Kim Byung-kee, Yi Wan-young and Lee Tae-gyu, members of South Korea’s parliamentary intelligence committee.

The explosion triggered an aftershock within eight minutes and three additional shocks.

Japanese broadcaster TV Asahi, citing unnamed sources, said on Tuesday a tunnel at the test site collapsed after that explosion, possibly killing more than 200 people. Reuters has not been able to verify the report which North Korea on Thursday denounced as false and defamatory.

Pyongyang will likely detonate more devices as it tries to master the miniaturization of nuclear warheads to put atop missiles, the lawmakers said.

The third tunnel at the Punggye-ri complex remained ready for another test “at any time”, while construction had resumed at a fourth tunnel, making it unable to be used “for a considerable amount of time”, they added.

Trump is to visit five Asian nations in coming days for talks in which North Korea will be a major focus. The visit includes the North’s lone major ally, China, and U.S. allies Japan and South Korea, which have watched with increasing worry as Trump and North Korea have exchanged bellicose rhetoric.

 

(Reporting by Hyonhee Shin in Seoul; Editing by Nick Macfie)

 

Suspect in hit-and-run on French soldiers unknown to spy agencies: source

Suspect in hit-and-run on French soldiers unknown to spy agencies: source

PARIS (Reuters) – The Algerian national suspected of ploughing a hire car into a group of soldiers in a wealthy Paris suburb is believed to be unknown to French intelligence services and had no criminal record, a police source said on Thursday.

Investigators late on Wednesday raided several addresses associated with the 36-year-old suspect, who was cornered by armed police from elite units on a motorway some 260 kilometers (162 miles) north of the capital.

Interior Minister Gerard Collomb said the incident was a “deliberate act” and prosecutors opened a counter-terrorism investigation. The police source said the suspect is called Hamou Benlatreche, confirming local media reports.

Benlatreche was not thought to be on a secret service list of people linked to radical Islam, the police source said.

“When a suspect is on the list, we know immediately,” the source said. “But in this case we’ve not been given any indication that he is.”

Benlatreche’s uncle described his nephew as a faithful Muslim who prayed regularly, and expressed shock at hearing that his relative was linked to the attack.

“I couldn’t believe it. It totally stunned us,” Mohammed Benlatreche told BFM TV.

The attack targeted a group of soldiers as they began a morning patrol in the upscale area of Levallois-Perret, home to France’s domestic intelligence agency and only a few kilometers from landmarks such as the Arc de Triomphe and Eiffel Tower.

Six of the soldiers were injured, three of them seriously.

They were part of Operation Sentinel, a 7,000-strong force launched in the wake of Islamist attacks in Paris in early 2015.

Wednesday’s attack was the sixth on troops belonging to the force and has raised questions about the strain the operation on home soil has placed on an army facing budget cuts.

Opponents say it is overstretching the army, reducing time between operational rotations, depriving regiments of time for training for foreign deployments and hurting morale. Some say the troops are sitting ducks for would-be militants.

“All it has done is hand Daesh clear targets,” Vincent Desportes, former director of France’s Ecole de Guerre, was quoted as saying in daily newspaper Le Parisien. Daesh is the commonly used Arabic name for Islamic State.

Supporters of Operation Sentinel, which costs hundreds of millions of euros a year, say the force has served as a deterrent and given French citizens and tourists greater peace of mind.

Jacques Bessy, president of the Association for the Defence of Soldiers’ Rights, acknowledged the strains placed on the military but said the mission was essential.

“It is true that the operation is tiring and stressful,” said Bessy. “We need to examine the resources in order to refocus the patrols on priority areas such as stations, tourist sites, certain places of worship.”

 

(Reporting by Caroline Pailliez, Cyril Camy and Miranda Alexander-Webber; Writing by Richard Lough; Editing by Catherine Evans)

 

Russia causing cyber mayhem, should face retaliation: ex-UK spy chief

The director of Britain's GCHQ Robert Hannigan delivers a speech at Government Communications Headquarters in Cheltenham, November 17, 2015.

By Michael Holden

LONDON (Reuters) – Russia is causing cyberspace mayhem and should face retaliation if it continues to undermine democratic institutions in the West, the former head of Britain’s GCHQ spy agency said on Monday.

Russia denies allegations from governments and intelligence services that it is behind a growing number of cyber attacks on commercial and political targets around the world, including the hackings of recent U.S. and French presidential election campaigns.

Asked if the Russian authorities were a threat to the democratic process, Robert Hannigan, who stepped down as head of the UK’s intelligence service in March, said: “Yes … There is a disproportionate amount of mayhem in cyberspace coming from Russia from state activity.”

In his first interview since leaving GCHQ, Hannigan told BBC radio that it was positive that French President Emmanuel Macron and German Chancellor Angela Merkel had publicly “called this out recently”.

Standing alongside Russian President Vladimir Putin in May, Macron said state-funded Russian news outlets had sought to destabilize his campaign while the head of Germany’s domestic intelligence agency said last week it was expecting Russia to try to influence the German election in September.

“Ultimately people will have to push back against Russian state activity and show that it’s unacceptable,” he said.

“It doesn’t have to be by cyber retaliation, but it may be that is necessary at some time in the future. It may be sanctions and other measures, just to put down some red lines and say that this behavior is unacceptable.”

Hannigan also said it would be a mistake to force social media companies to allow intelligence agencies to access services protected by encryption through so-called “back door” access.

“The best you can do with end-to-end encryption is work with companies in a cooperative way to find ways around it frankly,” he said. He said such “back doors” would weaken systems.

Hannigan also said governments should wait to see how a global working group on tackling online extremism established by Facebook, Google’s YouTube, Twitter and Microsoft performed before seeking new laws.

“Legislation is a blunt last resort because frankly extremism is very difficult to define in law and you could spend all your time in court arguing about whether a particular video crosses the line or not,” he said.

Last month, Germany approved a plan to fine social media networks up to 50 million euros ($57 million) if they failed to remove hateful postings promptly. Britain has also mooted bringing in possible sanctions for tech firms that failed to remove extremist content.

 

 

(Editing by Raissa Kasolowsky)

 

U.S. spy agencies probe another flank in Russian hacking

Reality Leigh Winner, 25, a federal contractor charged by the U.S. Department of Justice for sending classified material to a news organization, poses in a picture posted to her Instagram account. Reality Winner/Social Media via REUTERS

By Joseph Menn

SAN FRANCISCO (Reuters) – Russian hacking of the 2016 U.S. election included sophisticated targeting of state officials responsible for voter rolls and voting procedures, according to a top secret U.S. intelligence document that was leaked and published this week, revealing another potential method of attempted interference in the vote.

The month-old National Security Agency document outlined activities including impersonating an election software vendor to send trick emails to more than 100 state election officials. Analysts at the NSA believed the hackers were working for the Russian military’s General Staff Main Intelligence Directorate, or GRU, according to the document.

The document’s publication on Monday by The Intercept, a news outlet that focuses on security issues, received particular attention because an intelligence contractor, Reality Leigh Winner, was charged the same day with leaking it.

U.S. intelligence agencies have previously said the Kremlin tried to influence the election outcome in favor of Republican candidate Donald Trump through leaks during the campaign of hacked emails from Democratic Party officials, aimed at discrediting Democratic candidate Hillary Clinton.

The new revelations suggest that U.S. investigators are also still probing a more direct attempt to attack the election itself, and a federal official confirmed that is the case. However, there is no evidence that hackers were able to manipulate votes, or the vote tally.

The document says at least one employee of the software vendor had an account compromised but does not cover whether any of the elections officials were also successfully compromised.

If they did compromise the officials, hackers could have planted malicious software, then captured proof of the infection to suggest that there had been fraud on Clinton’s behalf, had she won the Nov. 8 election, experts said.

“If your goal is to disrupt an election, you don’t need to pick the winner or actually tamper with tally result,” said Matt Blaze, a University of Pennsylvania computer science professor who has written on the security of voting machines. Simply casting doubt on the legitimacy of the results could achieve the goals of a government-sponsored hacking campaign, he said.

U.S. intelligence officials had previously stated that Russian intelligence had won access to “multiple” election officials but had said that compromised machines were not involved with vote tallies. But they had not said how sophisticated and extensive the effort was or how it worked.

Russian President Vladimir Putin has strongly denied Russian government involvement in election hacking, though he said last week that “patriotic” Russians could have been involved. Trump has denied any collusion.

SPEAR-PHISHING ON ELECTIONS OFFICIALS

The newly leaked NSA report said the hackers used so-called “spear-phishing” techniques on election officials, trying to convince targets to click on links in emails that seemed to come from legitimate correspondents.

The report describes just one phishing campaign, which hit state officials a week before the election, but does not give any locations or say if it was successful. Although there may have been many others, security experts said one coming so late in the game would be more likely to be about sowing chaos than trying to alter vote counts.

The report did not say what the hackers were trying to accomplish, and any investigation of the computers of people who were targeted would be the jurisdiction of the FBI.

An FBI spokeswoman declined to comment Tuesday, as did the office of the special counsel Robert Mueller, who is investigating possible collusion between Trump campaign officials and the Russian government.

ATTACKING VOTER ROLLS

The “bait” used in the spear-phishing campaign involved software for managing voter registration rolls. The hackers might have been considering deleting some records and forcing officials to turn legitimate voters away, said elections technology security expert Alex Halderman, of the University of Michigan.

There were no wide reports of mass rejections of voters, so perhaps that plan was abandoned or proved too hard to execute, he said.

It is also possible that the idea was to get onto the machines of officials who oversaw both registration and voting software. Elections are run by counties in the United States.

“Depending on the county’s configuration and security practices and what is separated from what, they could have access to potentially every aspect, from lists of registered voters, to voting machines, to firmware on those machines, to the ballots that are presented, to the software that controls the final tally,” Blaze said.

“This is the holy grail of what an attacker would want to compromise.”

Members of Congress said they hoped to learn more about the hacking attempts.

“It’s important that the American people understand that the Russian attempts to break into a number of our state voting processes – we talked about this in the fall – was broad-based,” Democrat Mark Warner, vice chairman of the Senate Intelligence committee, told reporters.

“It’s my hope in the coming days that we can get more information out about that.”

(Reporting by Joseph Menn in San Francisco; Additonal reporting by Dustin Volz, Jim Finkle and Mark Hosenball in Washington; Editing by Jonathan Weber and Frances Kerry)