High-risk Colombians say GPS devices only add to dangers

By FRANK BAJAK

August 1, 2022

The bulletproof vehicles that Colombia’s government assigns to hundreds of high-risk individuals are supposed to make them safer. But when an investigative reporter discovered they all had GPS trackers, she only felt more vulnerable — and outraged.

No one had informed Claudia Julieta Duque — or apparently any of the 3,700-plus journalists, rights activists and labor and indigenous leaders who use the vehicles — that the devices were keeping constant tabs on their whereabouts. In Duque’s case, it happened as often as every 30 seconds. The system could also remotely cut off the SUV’s engine.

Colombia is among the world’s most dangerous countries for human rights defenders — with more than 500 killed since 2016. It is also a country where right-wing extremists have a track record of infiltrating national security bodies. For Duque, the GPS revelation was chilling: Movements of people already at risk of political assassination were being tracked with technology that bad actors could weaponize against them.

“It’s something super invasive,” said Duque, who has been a persistent target of rogue security agents. “And the state doesn’t seem to care.”

The government agency responsible has said the trackers were installed to help prevent theft, to track the bodyguards who often drive the vehicles and to help respond to dangerous situations.

For a decade, Colombia had been installing trackers in the armored vehicles of at-risk individuals as well as VIPs, including presidents, government ministers and senators. The agency’s director made that disclosure after Duque learned last year through a public records request that the system was recording her SUV’s location an average of five times an hour.

The director dismissed privacy concerns and called the practice “fundamental” to guaranteeing security.

Considering the tracker a danger to her and her sources, Duque pressed for details on its exact features. But the National Protection Unit, known as UNP in Spanish, offered little. She then demanded the agency remove the device. It refused. So in February, Duque returned the vehicle, left the country and filed a legal challenge.

Now back in Bogotá, she is hoping for satisfaction when Gustavo Petro, Colombia’s first leftist president, takes office Aug. 7.

In Ukraine war, a race to acquire smarter, deadlier drones

By OLEKSANDR STASHEVSKYI and FRANK BAJAK

July 14, 2022

KYIV, Ukraine (AP) — Drone camera footage defines much of the public’s view of the war in Ukraine: grenades quietly dropped on unwitting soldiers, eerie flights over silent, bombed-out cities, armor and outposts exploding in fireballs.

Never in the history of warfare have drones been used as intensively as in Ukraine, where they often play an outsized role in who lives and dies. Russians and Ukrainians alike depend heavily on unmanned aerial vehicles to pinpoint enemy positions and guide their hellish artillery strikes.

But after months of fighting, the drone fleets of both sides are depleted, and they are racing to build or buy the kind of jamming-resistant, advanced drones that could offer a decisive edge.

The urgency was reflected by the White House’s disclosure Monday that it has information that Iran will be rushing “up to several hundred” unmanned aerial vehicles to Moscow’s aid. Iranian-supplied drones have effectively penetrated U.S.-supplied Saudi and Emirati air-defense systems in the Middle East.

“The Russian drone force may still be capable, but exhausted. And Russians are looking to capitalize on a proven Iranian track record,” said Samuel Bendett, an analyst at the CNA military think tank.

Meanwhile, Ukraine wants the means “to strike at Russian command and control facilities at a significant distance,” Bendett said.

The demand for off-the-shelf consumer models remains intense in Ukraine, as do efforts to modify amateur drones to make them more resistant to jamming. Both sides are crowdfunding to replace battlefield losses.

“The number we need is immense,” a senior Ukrainian official, Yuri Shchygol, told reporters Wednesday, detailing the first results of a new fundraising campaign called “Army of Drones.” He said Ukraine is initially seeking to purchase 200 NATO-grade military drones but requires 10 times more.

Outgunned Ukrainian fighters complain that they simply don’t have the military-grade drones needed to defeat Russian jamming and radio-controlled hijacking. The civilian models most Ukrainians rely on are detected and defeated with relative ease. And it’s not uncommon for Russian artillery to rain down on their operators within minutes of a drone being detected.

Compared with the war’s early months, Bendett now sees less evidence of Russian drones getting shot down. “The Ukrainians are on the ropes,” he said.

Deadly secret: Electronic warfare shapes Russia-Ukraine war

By OLEKSANDR STASHEVSKYI and FRANK BAJAK

June 4, 2022

KYIV, Ukraine (AP) — On Ukraine’s battlefields, the simple act of powering up a cellphone can beckon a rain of deathly skyfall. Artillery radar and remote controls for unmanned aerial vehicles may also invite fiery shrapnel showers.

This is electronic warfare, a critical but largely invisible aspect of Russia’s war against Ukraine. Military commanders largely shun discussing it, fearing they’ll jeopardize operations by revealing secrets.

Electronic warfare technology targets communications, navigation and guidance systems to locate, blind and deceive the enemy and direct lethal blows. It is used against artillery, fighter jets, cruise missiles, drones and more. Militaries also use it to protect their forces.

It’s an area where Russia was thought to have a clear advantage going into the war. Yet, for reasons not entirely clear, its much-touted electronic warfare prowess was barely seen in the war’s early stages in the chaotic failure to seize the Ukrainian capital of Kyiv.

It has become far more of a factor in fierce fighting in eastern Ukraine, where shorter, easier-to-defend supply lines let Russia move electronic warfare gear closer to the battlefield.

“They are jamming everything their systems can reach,” said an official of Aerorozvidka, a reconnaissance team of Ukrainian unmanned aerial vehicle tinkerers, who spoke on the condition of anonymity because of safety concerns. “We can’t say they dominate, but they hinder us greatly.”

A Ukrainian intelligence official called the Russian threat “pretty severe” when it comes to disrupting reconnaissance efforts and commanders’ communications with troops. Russian jamming of GPS receivers on drones that Ukraine uses to locate the enemy and direct artillery fire is particularly intense “on the line of contact,” he said.

Tripwire for real war? Cyber’s fuzzy rules of engagement

By FRANK BAJAK

February 14, 2022

BOSTON (AP) — President Joe Biden couldn’t have been more blunt about the risks of cyberattacks spinning out of control. “If we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach of great consequence,” he told his intelligence brain trust in July.

Now tensions are soaring over Ukraine with Western officials warning about the danger of Russia launching damaging cyberattacks against Ukraine’s NATO allies. While no one is suggesting that could lead to a full-blown war between nuclear-armed rivals, the risk of escalation is serious.

The danger is in the uncertainty about what crosses a digital red line. Cyberattacks, including those that cripple critical infrastructure with ransomware, have been on the rise for years and often go unpunished. It’s unclear how grave a malicious cyber operation by a state actor would have to be to cross the threshold to an act of war.

“The rules are fuzzy,” said Max Smeets, director of the European Cyber Conflict Research Initiative. “It’s not clear what is allowed, what isn’t allowed.”

AP Exclusive: Polish opposition senator hacked with spyware

By VANESSA GERA and FRANK BAJAK

December 23, 2021

Polish Senator Krzysztof Brejza on the night of parliamentary elections on Oct. 13, 2019. An investigation by The Associated Press and Citizen Lab, a watchdog at the University of Toronto, has found that Brejza's mobile phone was hacked with military-grade Pegasus spyware nearly three dozen times in 2019 as he ran an opposition campaign to unseat the right-wing populist government in parliamentary elections. The ruling party won a slim majority and Brejza is convinced that the hacking of his phone gave it an unfair advantage. (AP Photo)

WARSAW, Poland (AP) — Polish Sen. Krzysztof Brejza’s mobile phone was hacked with sophisticated spyware nearly three dozen times in 2019 when he was running the opposition’s campaign against the right-wing populist government in parliamentary elections, an internet watchdog found.

Text messages stolen from Brejza’s phone — then doctored in a smear campaign — were aired by state-controlled TV in the heat of that race, which the ruling party narrowly won. With the hacking revelation, Brejza now questions whether the election was fair.

It’s the third finding by the University of Toronto’s nonprofit Citizen Lab that a Polish opposition figure was hacked with Pegasus spyware from the Israeli hacking tools firm NSO Group. Brejza’s phone was digitally broken into 33 times from April 26, 2019, to Oct. 23, 2019, said Citizen Lab researchers, who have been tracking government abuses of NSO malware for years.

The other two hacks were identified earlier this week after a joint Citizen Lab-Associated Press investigation. All three victims blame Poland’s government, which has refused to confirm or deny whether it ordered the hacks or is a client of NSO Group. State security services spokesman Stanislaw Zaryn insisted Thursday that the government does not wiretap illegally and obtains court orders in “justified cases.” He said any suggestions the Polish government surveils for political ends were false.

African internet riches threatened by lawsuit and corruption

Two young boys use a computer at an internet cafe in the low-income Kibera neighborhood of Nairobi, Kenya Wednesday, Sept. 29, 2021. Instead of serving Africa's internet development, millions of internet addresses reserved for Africa have been waylaid, some fraudulently, including in insider machinations linked to a former top employee of the nonprofit that assigns the continent's addresses. (AP Photo/Brian Inganga)

By ALAN SUDERMAN, FRANK BAJAK and RODNEY MUHUMUZA

November 23, 2021

KAMPALA, Uganda (AP) — Outsiders have long profited from Africa’s riches of gold, diamonds, and even people. Digital resources have proven no different.

Millions of internet addresses assigned to Africa have been waylaid, some fraudulently, including through insider machinations linked to a former top employee of the nonprofit that assigns the continent’s addresses. Instead of serving Africa’s internet development, many have benefited spammers and scammers, while others satiate Chinese appetites for pornography and gambling.

New leadership at the nonprofit, AFRINIC, is working to reclaim the lost addresses. But a legal challenge by a deep-pocketed Chinese businessman is threatening the body’s very existence.

The businessman is Lu Heng, a Hong Kong-based arbitrage specialist. Under contested circumstances, he obtained 6.2 million African addresses from 2013 to 2016. That’s about 5% of the continent’s total — more than Kenya has.

AFRINIC made no claim of graft when it revoked Lu’s addresses, now worth about $150 million, saying his company was not adequately serving Africa’s interests. Lu fought back. His lawyers in late July persuaded a judge in Mauritius, where AFRINIC is based, to freeze its bank accounts. His company also filed an $80 million defamation claim against AFRINIC and its new CEO.

It’s a shock to the global networking community, which has long considered the internet as technological scaffolding for advancing society. Some worry it could undermine the entire numerical address system that makes the internet work.

Big Pentagon internet mystery partially solved

By FRANK BAJAK

April 25, 2021


BOSTON (AP) — A very strange thing happened on the internet the day President Joe Biden was sworn in. A shadowy company residing at a shared workspace above a Florida bank announced to the world’s computer networks that it was now managing a colossal, previously idle chunk of the internet owned by the U.S. Department of Defense.

That real estate has since more than quadrupled to 175 million addresses — about 1/25th the size of the current internet.

“It is massive. That is the biggest thing in the history of the internet,” said Doug Madory, director of internet analysis at Kentik, a network operating company. It’s also more than twice the size of the internet space actually used by the Pentagon.

After weeks of wonder by the networking community, the Pentagon has now provided a very terse explanation for what it’s doing. But it has not answered many basic questions, beginning with why it chose to entrust management of the address space to a company that seems not to have existed until September.

A chilling Russian cyber aim in Ukraine: Digital dossiers

By FRANK BAJAK
April 28, 2022

BOSTON (AP) — Russia’s relentless digital assaults on Ukraine may have caused less damage than many anticipated. But most of its hacking is focused on a different goal that gets less attention but has chilling potential consequences: data collection.

Ukrainian agencies breached on the eve of the Feb. 24 invasion include the Ministry of Internal Affairs, which oversees the police, national guard and border patrol. A month earlier, a national database of automobile insurance policies was raided during a diversionary cyberattack that defaced Ukrainian websites.

The hacks, paired with prewar data theft, likely armed Russia with extensive details on much of Ukraine’s population, cybersecurity and military intelligence analysts say. It’s information Russia can use to identify and locate Ukrainians most likely to resist an occupation, and potentially target them for internment or worse.

“Fantastically useful information if you’re planning an occupation,” Jack Watling, a military analyst at the U.K. think tank Royal United Services Institute, said of the auto insurance data, “knowing exactly which car everyone drives and where they live and all that.”

As the digital age evolves, information dominance is increasingly wielded for social control, as China has shown in its repression of the Uyghur minority. It was no surprise to Ukrainian officials that a prewar priority for Russia would be compiling information on committed patriots.

“The idea was to kill or imprison these people at the early stages of occupation,” Victor Zhora, a senior Ukrainian cyber defense official, alleged.

Aggressive data collection accelerated just ahead of the invasion, with hackers serving Russia’s military increasingly targeting individual Ukrainians, according to Zhora’s agency, the State Service for Special Communications and Information Protection.

Serhii Demediuk, deputy secretary of Ukraine’s National Security and Defense Council, said via email that personal data continues to be a priority for Russian hackers as they attempt more government network breaches: “Cyberwarfare is really in the hot phase nowadays.”

There is little doubt political targeting is a goal. Ukraine says Russian forces have killed and kidnapped local leaders where they grab territory.

Demediuk was stingy with specifics but said Russian cyberattacks in mid-January and as the invasion commenced sought primarily to “destroy the information systems of government agencies and critical infrastructure” and included data theft.

War censorship exposes Putin’s leaky internet controls

By FRANK BAJAK and BARBARA ORTUTAY
March 13, 2022

BOSTON (AP) — Long before waging war on Ukraine, President Vladimir Putin was working to make Russia’s internet a powerful tool of surveillance and social control akin to China’s so-called Great Firewall.

So when Western tech companies began cutting ties with Russia following its invasion, Russian investigative journalist Andrei Soldatov was alarmed. He’d spent years exposing Russian censorship and feared that well-intentioned efforts to aid Ukraine would instead help Putin isolate Russians from the free flow of information, aiding the Kremlin’s propaganda war.

“Look, guys the only space the Russians have to talk about Ukraine, and what is going on in Russia, is Facebook,” Soldatov, now exiled in London, wrote on Facebook in the war’s first week. “You cannot just, like, kill our access.”

Facebook didn’t, although the Kremlin soon picked up that baton, throttling both Facebook and Twitter so badly they are effectively unreachable on the Russian internet. Putin has also blocked access to both Western media and independent news sites in the country, and a new law criminalizes spreading information that contradicts the government’s line. On Friday, the Kremlin said it would also restrict access to Instagram. By early Monday, the network monitor NetBlocks found network data showing the social network restricted in Russia across multiple users.

Yet the Kremlin’s latest censorship efforts have revealed serious shortcomings in the government’s bigger plans to straightjacket the internet. Any Russian with a modicum of tech smarts can circumvent Kremlin efforts to starve Russians of fact.

For instance, the government has so far had only limited success blocking the use of software known as virtual private networks, or VPNs, that allows users to evade content restrictions. The same goes for Putin’s attempts to restrict the use of other censorship-evading software.

That puts providers of internet bandwidth and associated services sympathetic to Ukraine’s plight in a tough spot. On one side, they face public pressure to punish the Russian state and economic reasons to limit services at a time when bills might well go unpaid. On the other, they’re wary of helping stifle a free flow of information that can counter Kremlin disinformation — for instance, the state’s claim that Russia’s military is heroically “liberating” Ukraine from fascists.

Amazon Web Services, a major provider of cloud computing services, continues to operate in Russia, although it says it’s not taking on any new customers. Both Cloudflare, which helps shield websites from denial-of-service attacks and malware, and Akamai, which boosts site performance by putting internet content closer to its audience, also continue to serve their Russian customers, with exceptions including cutting off state-owned companies and firms under sanctions.

Microsoft, by contrast, hasn’t said whether it will halt its cloud services in the country, although it has suspended all new sales of products and services.

U.S.-based Cogent, which provides a major “backbone” for internet traffic, has cut direct connections inside Russia but left open the pipes through subsidiaries of Russian network providers at exchanges physically outside the country. Another major U.S. backbone provider, Lumen, has done the same.

In crosshairs of ransomware crooks, cyber insurers struggle

By FRANK BAJAK

July 5, 2021

BOSTON (AP) — In the past few weeks, ransomware criminals claimed as trophies at least three North American insurance brokerages that offer policies to help others survive the very network-paralyzing, data-pilfering extortion attacks they themselves apparently suffered.

Cybercriminals who hack into corporate and government networks to steal sensitive data for extortion routinely try to learn how much cyber insurance coverage the victims have. Knowing what victims can afford to pay can give them an edge in ransom negotiations. The cyber insurance industry, too, is a prime target for crooks seeking its customers’ identities and scope of coverage.

FILE - In this Feb. 21, 2019, file photo, people stand in front of the logo of AXA Group prior to the company's 2018 annual results presentation, in Paris. The cyber insurance industry, once a profitable niche, is now in the crosshairs of ransomware criminals. Pressure is building on the industry to stop reimbursing for ransoms, but so far only one major cyber insurer, AXA, is doing so — and only with new policies in France. To try to absorb the growing onslaught and stay profitable, insurers are retooling coverage, demanding clients up their security.  (AP Photo/Thibault Camus, File)

Before ransomware evolved into a full-scale global epidemic plaguing businesses, hospitals, schools and local governments, cyber insurance was a profitable niche industry. It was accused of fueling the criminal feeding frenzy by routinely recommending that victims pay up, but kept many from going bankrupt.

Now, the sector isn’t just in the criminals’ crosshairs. It’s teetering on the edge of profitability, upended by a more than 400% rise last year in ransomware cases and skyrocketing extortion demands. As a percentage of premiums collected, cyber insurance payouts now top 70%, the break-even point.
