3 May 2017

*** The Man Who Saved Europe the Last Time


By Henry A. Kissinger

Konrad Adenauer (second from left), Sept. 21, 1949, with the high commissioners of the occupation (left to right), America’s John J. McCloy, Britain’s Sir Brian Robertson and France’s André François-Poncet. PHOTO: BETTMANN ARCHIVE

The attribute of greatness is reserved for leaders from whose time onward history can be told only in terms of their achievements. I observed essential elements of Germany’s history—as a native son, as a refugee from its upheavals, as a soldier in the American army of occupation, and as a witness to its astonishing renewal.

Only a few who experienced this evolution remain. For many contemporary Germans, the Adenauer period seems like a tale from an era long transcended. To the contrary, they live in a dynamic established by Konrad Adenauer, a man whose lifespan, from 1876 to 1967, covered all but five years of the unified German national state first proclaimed in 1871.

Devastated, impoverished, partitioned, the Federal Republic came about after World War II by the merger of the American, British and French zones of occupation, containing just two-thirds of Germany’s prewar population. Five million refugees from Germany’s prewar territories needed integration; they agitated for the recovery of lost territories. The Soviet occupation zone, containing 18 million people, was turned into a communist political entity.

The Federal Republic’s advent capped a century of discontinuity. The Empire after Bismarck had felt beleaguered by the alliances surrounding it; the Weimar Republic after World War I had felt abused by an imposed peace settlement; Hitler had sought an atavistic world dominion; the Federal Republic arose amid a legacy of global resentment.

*** The Afghan War: Creating An Afghan Capability to Win

By Anthony H. Cordesman


The Burke Chair at CSIS has updated its reporting on the Afghan War, and issued a major new report entitled The Afghan War: Creating An Afghan Capability to Win . The updated report is available on the CSIS web site at: 

This report addresses the key causes of the problems that the Afghan government and security forces now face, as well as the fact that the “enemy” is only part of the threat. Enabling Afghan military forces to defeat their enemies at the tactical level is only part of any meaningful form of victory. Today, Afghanistan faces the following eight threats: 

A mix of enemies that now includes the Taliban, Haqqani network, ISIS, other elements linked to Pakistan, and has little incentive to seek a real peace as distinguished from trying to exploit peace negotiations as a form of war by other means . 

A U.S. ally that failed to properly resource the development of Afghan forces until 2011, attempted to rush force development to meet an arbitrary withdrawal date of end-2014, and has since never properly sized its security or civil aid to meet the real world conditions on the ground, but rather slowed its withdrawal of an already inadequate military and train and assist effort. 

** U.S.-China Climate Relations: Beyond Trump

By Jackson Ewing

Jackson Ewing is the Director of Asian Sustainability at the Asia Society Policy Institute (ASPI) in New York, where he leads projects on environmental cooperation, responsible resource development, and international climate change policy. This piece is part of a special RCW series on the U.S.-China geopolitical relationship. The views expressed here are the author’s own.

The days of cooperative climate change action in Washington and Beijing were short-lived.

After decades of friction in the climate arena, the United States and China spent the last three years of former U.S. President Barack Obama’s second term in office building a partnership that caught even close observers by surprise. In a March 2016 joint presidential statement, Obama and Chinese President Xi Jinping declared climate change a “pillar of the U.S.-China bilateral relationship” and committed to ratifying the lauded Paris Agreement. The countries were by then drawing on more than two years of bilateral agreements on clean energy and emissions reduction targets, along with subnational agreements between cities, states, and provinces to bolster technical cooperation in areas ranging from carbon pricing to clean energy to sustainable urban infrastructure.

This cooperation reversed a history of recriminations and posturing that long defined the Sino-American climate change relationship. China would often emphasize its continuing poverty challenges, development needs, and relative lack of historical culpability for the climate problem, while the United States trotted out the common refrain that holding negotiations is well and good, but ultimately pointless if China fails to reduce emissions in internationally verifiable ways. For years, this divide between Beijing and Washington stubbornly persisted.

Halfway through Modi’s first term, what has the prime minister accomplished?

By Richard M. Rossow

Since taking office in 2014, Prime Minister Narendra Modi has become India’s most powerful political figure in a generation. He is successfully leveraging a mixture of vision, slogans, reforms, and party discipline for political success. He has surprised the global community by adopting a thoughtful, robust foreign policy. Yet his government suffers from policy limitations, often driven by the same rural politics that impacted his predecessors.

As we head toward India’s 2019 national election, Modi’s supporters are divided in terms of their hopes for the remainder of his term. Many would like him to use his growing authority to intensify the pace and depth of economic and social reforms. Others hope he will personally push a Hindu fundamentalist agenda. Simultaneously, the world waits to see what new foreign policy goals a stronger India will choose to pursue.

Explained: Why The Government And Military In Pakistan Are At Loggerheads, Again

Swarajya Staff

In a country which has seen three coups since its birth, any conflict between the civilian government and the military is enough to cast a shadow on democracy

Relations between Pakistan’s government and military, already at a low, seem to have hit an even lower phase with the military rejecting the government’s sacking of a top advisor following the ‘Dawn Leaks’ case.

The case refers to leaks around a series of meetings between the government and the military. These meeting were on matters relating to banned terrorist organisations operating freely across the country. Following the leaks, Prime Minister Nawaz Sharif’s Special Assistant on Foreign Affairs, Tariq Fatemi was expected to be shown the door for facilitating the leaks to the newspaper Dawn.

On Saturday (29 April), the Prime Minister’s Office had issued a directive to remove Fatemi from his post. The same, the military stated that it had ‘rejected’ the dismissal, calling it incomplete. This rejection was made in a tweet by Major Asif Ghafoor, Director General of Interservices Public Relations (ISPR), the media arm of the military.

Interior Minister Chaudhry Nisar Ali Khan later dismissed these reports, terming them ‘unnecessary noise’.

Guanxi: How Business Is Done In China

by Scott Stewart

The case of Candace Claiborne, a U.S. State Department employee recently arrested and charged with failing to disclose gifts from Chinese intelligence officers, offers many useful insights into the world of spying. In my April 6 column, I discussed her unusual motive for working with Chinese intelligence: to help pay for her son's education. Another item in the criminal complaint against Claiborne touches on a more commonplace, but equally striking, issue.

The complaint mentions that Claiborne sent her son a message discussing guanxi, the complex cultural system that governs personal relationships in China. Guanxi typically describes the moral obligations that arise from giving and receiving personal gifts or favors. The custom is generally considered a natural way of relating to people and conducting business in China. Many Western businesses, on the other hand, view guanxi as corruption.

Of course, Claiborne's relationship with Chinese intelligence went beyond the boundaries of guanxi, given her top-secret security clearance and access to classified information. Nevertheless, the case seemed to be a good excuse to revisit the topic. The often vast difference between the Chinese and Western views of the practice can cause serious problems and misunderstandings in the world of business. As the underlying principle that guides relationships in China, the convention is far too integral a part of Chinese culture to be completely eliminated. But if Western corporations can't eradicate guanxi, they can at least cultivate a better understanding of the practice to ensure that it stays within the confines of laws such as the U.S. Foreign Corrupt Practices Act or the British Bribery Act.
Diverging Points of View

Chinese Internet Leaders Will Shake The World

Written by Dan Steinbock

A decade ago, Chinese internet companies were still marginal internationally. Today, they are world-class industry innovators. In the internet economy, the leadership is shifting from the advanced West to the emerging East.

Please share this article - Go to very top of page, right hand side for social media buttons.

China's Role in Post-Hegemonic Middle East

By John Calabrese
Dr. John Calabrese teaches U.S. foreign policy at American University and is director of the Middle East Institute's Middle East-Asia Project (MAP). This piece is part of a special RCW series on the U.S.-China geopolitical relationship. The views expressed here are the author’s own.

For more than a decade, the Middle East and North Africa region has experienced a level of violence and instability that is unprecedented in its modern history -- a turbulence that shows no sign of abating. During this period, the long-term sustainability of the U.S. role as security guarantor has increasingly been called into question, both in the United States and within the region. Meanwhile, China’s investments in the Middle East have grown, as has its economic, diplomatic, and security footprint.

Within this context, are there any indications that the United States and China already are, or inevitably will become, strategic rivals in the Middle East?

Will the Chairman turn? China contemplates its North Korea policy

By David Kelly 

With North Korea recently threatening a nuclear strike on Australia, the Communist Party of China's ability to shift gears on the Korean issue comes into stark focus.

When US President Donald Trump told his Chinese counterpart Xi Jinping over chocolate cake that he was launching airstrikes on a Syrian airfield, Chinese observers immediately read it as a message to Xi with implications for North Korea. They read Washington's declaration of an end to 'strategic patience' over North Korea and the rising in prominence of the North Korean nuclear arms issue on the US agenda as decisive changes, and they saw the strike on Assad as heightening the threat of preemptive US action. The speed of Trump's decision to strike distanced him from Obama and reinforced Trump's unpredictability.

All of this raised the stakes for China. A US-North Korean military confrontation is no longer a distant prospect, and China's orthodox stance of preserving North Korea's internal stability at all costs looks myopic, not least at home.

There is deep contention over relations with North Korea in China. North Korea's first nuclear test in 2006 was a critical moment, when public disquiet over Beijing's ties with its neighbour first appeared. More Chinese commentators have recently joined the ranks of those who find North Korea a strategic liability and not an asset that provides China with a buffer.

China’s new military structure emphasizes cyber ops


by Philip Wen and Michael Martina 

BEIJING (Reuters) – Chinese President Xi Jinping has announced a restructure of the People’s Liberation Army (PLA) to transform it into a leaner fighting force with improved joint operations and cyber capabilities, state media said.

Centered around a new, condensed structure of 84 units, the reshuffle builds on Xi’s years-long efforts to modernise the PLA with greater emphasis on new capabilities including cyberspace, electronic and information warfare.

As chair of the Central Military Commission, Xi is also commander-in-chief of the armed forces.

“This has profound and significant meaning in building a world-class military,” Xi told commanders of the new units at the PLA headquarters in Beijing, the official Xinhua news agency said in a report late on Tuesday.

All 84 new units are at the combined-corps level, which means commanders will hold the rank of major-general or rear-admiral, the official China Daily reported on Wednesday, adding that unit members would likely be regrouped from existing forces given the military was engaged in cutting its troop strength by 300,000, one of a range of reforms introduced by Xi in 2015.

Israelis Learn to Live With a New Neighbor: Islamic State


Yaroslav Trofimov

ELIAD, Golan Heights—On one side of a fence that snakes through eucalyptus-covered ridges is a swath of Syrian villages held by Islamic State. On the other, Yitzhak Ribak grows his Merlots, Cabernet Sauvignons and Syrahs.

“My grapes are just 10 meters from the border fence. Sometimes I hear the booms on the other side. Sometimes I see people on the other side. They look like shepherds, but who knows,” said the Israeli winemaker. “It’s crazy.”

So far, Islamic State hasn’t bothered his vineyard. “I am here all alone on my tractor at night and I am not afraid.”

While most attention has focused on Islamic State’s shrinking but still vast territory in eastern Syria and northwestern Iraq, the extremist group has also proved surprisingly resilient in the pocket of land it controls just outside Mr. Ribak’s vineyard. The area sits at the confluence of Syria, Jordan and the Israeli-annexed Golan Heights.

Eugene Kaspersky opens up about Russia, hacking and the frontlines of cyberwar


The Savoy, London. Eugene Kaspersky welcomes IBTimes UK to the exclusive 5-star hotel with a firm handshake. He is, as usual, just passing through, but his topic of conversation – the dark and murky work of cybercrime – has arguably never been more relevant.

For 20 years, experts from Kaspersky Lab, the Moscow-based cybersecurity firm, have fought gallantly to combat malware, spyware and viruses, often state-sponsored. Kaspersky, the firm's founder and chief executive has been on the frontlines of this cyberwar the entire time.

His firm helped detail the computer worm that came to be known as 'Stuxnet' – a state-sponsored creation used to destabilise Iran's nuclear ambitions. Two years ago, it exposed The Equation Group, a hacking team allegedly linked to the National Security Agency (NSA).

Kaspersky, as a result, is no longer surprised by developments in the cybersecurity industry that may appear shocking to those on the outside looking in. Only one scenario ruffles his otherwise calm demeanour: the danger posed by critical infrastructure hacking.

In 2015, Ukraine suffered a major blackout. Upon investigation, Kaspersky's Global Research and Analysis Team (GReAT) linked the attack to a strain of malwareknown as BlackEnergy.

Africa Growing? Past, Present and Future

By Morten Jerven 

Until the 2000s, economists deplored the stagnant incomes, slow growth and uncertain development that marred Africa. As a result, they spent much of their time elaborating on the historical roots of these problems. So, with African economies growing for more than a decade now, and fuelling a counter-narrative of ‘Africa rising’, what do the analysts do now? Morten Jerven thinks they need to explain the development that has taken place and explore its future prospects.

Until the late 2000s, the economic development performance of postcolonial Africa was summarised as a failure of economic growth. Accordingly, since the 1990s academic literature sought to determine which factors could explain slow growth. In addition, alleged failure and permanent stagnation cohered well with GDP per capita distribution of income in Africa, providing the impetus for an economic and political science literature that investigated the historical causes of low income persistence in African economies. However, African economies have been growing for more than a decade, fuelling the counter-narrative of ‘Africa rising’. This information changes the questions that should be asked when looking at African economies. There is now a need to focus on explaining the growth that has taken place in Africa and explore its future prospects.

The Fight in Hungary Is Over George Soros's Legacy

By Leonid Bershidsky

Hungarian Prime Minister Viktor Orban has long avoided effective censure by the European Union, even though he has long since stopped adhering to the bloc's common values, denouncing liberalism and adopting an authoritarian style of government. But his attempt to close down the Central European University in Budapest, funded by George Soros, seems to be the last straw; the EU intends to sue Hungary over it, and sanctions may follow unless Orban leaves the CEU alone.

It's remarkable that the controversy over the Soros project is what has brought European unhappiness with Orban to a boil. But then, the stakes are especially high for the octogenarian philanthropist: This may be his final stand in a region where he has accomplished so much -- and yet seen at least as much failure.

In the final paragraph of her 2015 book, "Buying a Better World: George Soros and Billionaire Philanthropy," Anna Porter wrote:

It would be ironic if the Soros legacy -- as viewed through the lens of the next century -- is the Central European University in Budapest. Ironic, because the one thing that Soros never wanted was an edifice, a building to house his ideas. But it is also fitting because CEU may yet turn out to be the incubator of future leaders and, with a bit of luck, they will lead to a better world.

SIPRI Military Expenditure Database


Military expenditure in local currency at current prices is presented according to both the financial year of each country and according to calendar year, calculated on the assumption that, where financial years do not correspond to calendar years, spending is distributed evenly through the year. Figures in constant (2015) and current US $, as a share of GDP and per capita are presented according to calendar year. Figures as a share of government expenditure are presented according to financial year.

The availability of data varies considerably by country, but for a majority of countries that were independent at the time, data is available from at least the late 1950s. Estimates for regional military expenditure have been extended backwards depending on availability of data for countries in the region, but no estimates for total world military expenditure are available before 1988 due to the lack of data for the Soviet Union.

Pdf files:





Tactical CEMA in Cognitive Spaces

By Patrick Duggan
B. H. Liddell Hart

Modern warfare is founded on networks and tactical cyber and electromagnetic activities (CEMA) provide critical keyholes to unlocking their cognitive spaces. Over the last 16 years, advances in regional adversary technical capabilities have eroded the U.S. military’s multi-domain superiority and now pose sophisticated challenges that require the re-examination of all assumptions. But more difficult doesn’t mean unwinnable. Recent U.S. Army CEMA initiatives promise to be indispensable new means for commanders to gain tactical advantage, not just in the physical sense, but in the cognitive as well. Spurred by the recent U.S. Army and Marine Corps concept of multi-domain battle,[2] this paper advances the notion of ‘window-chaining’ as a new cognitive term of art to help visualize its “temporary windows of advantage”[3] and use CEMA as the means to arrange their multi-simultaneity into cognitive networks at the tactical level. Magnified by important corollaries of war, near-peer parity will force commanders to increasingly step-back from direct, tangible, and kinetic solutions, to examine indirect, invisible, and psychological ones instead. In the end, to win a fight against a rival competitor isn’t about overpowering his technical capabilities, as much as overwhelming his mind.

A Tactical Example

Consider a hypothetical scenario where an Infantry Platoon Leader on a reconnaissance mission, spots two enemy tanks in an open desert. While the tanks present ripe targets to destroy at the physical level, what would window-chaining do instead? In lieu of destroying the two tanks with airpower, which depends upon air superiority, or attacking them with direct or indirect fires, which jeopardize his position, the Platoon Leader can use CEMA to detect and compromise a vulnerability in one of the tank’s communication access points. Then, he could inject malware that spreads throughout the entire tank squadron which sends an urgent call for a quick reaction force (QRF) stating that the two tanks are under attack. The Platoon Leader could then jam all follow on communication, leaving the tanks unwitting to their own compromise and QRF on the way. Then, the Platoon Leader could link the abstract to the physical and send a false indirect fire mission to a previously compromised enemy artillery battery timed to land when the QRF arrives.

Lone-Actor vs Remote-Controlled Jihadi Terrorism: Rethinking the Threat to the West

By Sam Mullins

At approximately 2:40 in the afternoon of March 22nd, British-born Khalid Masood — a violent criminal who had previously been investigated by MI5 for links to extremists — deliberately drove into pedestrians making their way across Westminster Bridge. He killed a mother on her way to collect her children from school, a pensioner, and two tourists. After crashing the rented vehicle into the gates of Parliament, Masood ran into New Palace Yard and stabbed an unarmed policeman to death before being shot and killed by plainclothes officers. In contrast to other recent attacks in Western nations, which have frequently (sometimes incorrectly) been labeled acts of “lone-actor” terrorism, Masood’s assault was followed by a volley of articles with titles such as “Remote-Control Terror,” “Don’t Bet on London Attacker Being a Lone Wolf,” and “The Myth of the ‘Lone Wolf’ Terrorist.” Analysts were keen to point out that “lone-actors” are very rarely truly alone and that instead they tend to emerge from within broader, extremist milieus. Moreover, what sometimes seems like lone-actor terrorism at first glance turns out to be connected to, if not directed by, foreign terrorist organizations. Yet the official word on Masood is that, regardless of his associations, he acted “wholly alone.” To accurately understand the nature of terrorism today, patient, measured analysis and consistent use of terminology are necessary. It is therefore important to re-examine the concept of lone-actor terrorism and to try and appreciate where it fits within the overall spectrum of jihadist terrorist activity in the West.

The Changing of the Global Economic Guard



China has profited immensely from the open global trading system. But whether it remains open depends on the actions of the West’s increasingly reactive democracies.

East German citizens climb the Berlin wall at the Brandenburg Gate as they celebrate the opening of the East German border on November 10, 1989.Reuters

In January 2017 the global economy changed guard. The venue was Davos, the annual gathering of the world’s wealthiest recyclers of conventional wisdom—and consistently one of the last places to anticipate what is going to happen next. This time was different. The assembled hedge-fund tycoons, Silicon Valley data executives, management gurus, and government officials were treated to a preview of how rapidly the world is about to change. Xi Jinping, the president of China, had come to the Swiss Alpine resort to defend the global trade system against the attacks of the U.S. president-elect, Donald Trump. With minimal fanfare, the leader of the world’s largest developing economy took over the role of defending the global trading system in the teeth of protectionist war cries from the world’s most developed nation. It portended a new era in which China would apparently play the role of the responsible global citizen. The bad guys were swapping places with the good. “Some people blame economic globalization for the chaos in our world,” Xi told Davos. “We should not retreat into the harbor whenever we encounter a storm or we will never reach the other shore. … No one will emerge as a winner from a trade war.”

 A Communist Party Man at DavosAfter more than 70 years of U.S.-led globalization, Xi’s declaration of global stewardship in the spiritual home of capitalism was an Alice in Wonderland moment. A few days later President Trump gave his by now notorious “American carnage” inaugural address. Much has changed since then. For the time being at least, Trump has dialed back his more outlandish protectionist rhetoric. A U.S.-China trade war looks less likely than it did in January. But things can change fast in Trumpland. In the space of half a day this week, Trump was reported to be considering scrapping NAFTA but then seemed to change his mind after talking to his Canadian and Mexican counterparts. Earlier in the week he slapped steep tariffs on Canadian softwood lumber imports. Even if Trump’s protectionism ceasefire with Xi sticks, that switch in roles—the changing of the global economy’s sentinel from the U.S. to China—is taking place nonetheless.

The Power of Botnets: Intensifying Crime, Disinformation, and Espionage


Imagine an army of computers, acting under the instructions of a criminal syndicate, terrorist group, or foreign government. These so-called botnets can disrupt the internet’s infrastructure, facilitate theft and surveillance on a mass scale, and even sway political opinion. While many experts focus on the disruptive capabilities of botnet DDoS attacks and the disinformation campaigns they can mount, botnets can facilitate other types of malicious activity. They are probably best known for profit-motivated cybercrime via botnets-for-hire. By pilfering credentials, criminals can steal financial information, disseminate spam, and deploy ransomware to extort money from businesses around the world. Spies also commonly leverage criminal botnets to facilitate intelligence collection efforts. An expert says, “identifying a bot is hard, almost impossible, but identifying humans is still possible. If you are able to identify human behavior, then you are able to block any bot.”

A Beginner’s Guide to the Musical Scales of Cyberwar

By Jessica Malekos Smith

This article is a beginner’s guide to understanding the ‘musical scales’ of cyberwar. As such, it addresses what constitutes a use of force in cyberspace and how states may lawfully respond. Understanding the legal confines of offensive and defensive cyber operations is a burgeoning area of study. In fact, as the former legal advisor to the U.S. State Department, Harold Koh, famously remarked at U.S. Cyber Command in 2012: “How do we apply old laws of war to new cyber-circumstances, staying faithful to enduring principles, while accounting for changing times and technologies?”[i]

To provide granularity in answering this question, this article uses the analogy of a piano keyboard. The accompanying graphic illustrates how the core principles of the law of war apply to cyberspace. Using the concept of Middle C and musical intervals known as octaves, it displays the range of permissible state conduct during times of conflict. By juxtaposing the law of war with a keyboard, the process of how states evaluate the scale and effects of a cyber operation, and determine a basis for resorting to a use of force under the Law of Armed Conflict (LOAC), can be more readily conceptualized. For as the illustrious American poet, Henry Wadsworth Longfellow wrote, “music is the universal language of mankind.”[ii]

‘Algorithmic Warfare:’ DSD Work Unleashes AI On Intel Data

By SYDNEY J. FREEDBERG JR.

Military imagery analysts can’t keep up with the vast amount of data pouring in from drones, so DepSecDef Bob Work wants artificial intelligence to help.

WASHINGTON: The technophilic Deputy Defense Secretary, Bob Work, just stood up a task force to advance the use of artificial intelligence in military intelligence. This is not SkyNet, an AI with its finger on the launch button.

Instead, the first project for this Algorithmic Warfare Cross-Functional Team will be developing AI to sort through vast amounts of video collected by surveillance drones, a flood of data that’s overwhelming human analysts.


The AWCFT will ” consolidate existing algorithm-based technology initiatives” related to intelligence under the oversight of the undersecretary of intelligence, the memo says. The task force will be run by the Director for Defense Intelligence – Warfighter Support, with a steering committee and support staff drawn from across the Defense Department.

Doctor Google Will See You Now

-- this post authored by Martin Armstrong

For many people nowadays, the first port of call upon discovering an unusual rash or feeling a worrying pain is not the doctor, but rather Google.

Figures from Eurostat show the countries which are relying the most on medical information from the internet. In Luxembourg, almost three quarters of respondents said that they had turned to the web for health-related information - an increase of 44 percentage points on 2006. Denmark, Germany and the Netherlands are also among the top European countries turning to Google et al for advice.

This chart shows the share of 16-74 year-olds using the internet for seeking health-related information in 2006 and 2016.

Safeguarding America’s nuclear weapons from emerging cyber threats



BUFFALO, N.Y. (WIVB) – It’s a nightmare scenario.

Some nation state or terrorist organization unleashes a cyber-attack on U.S. nuclear command and control systems.

Could it happen?

“The threat is there. The threat is real,” said Shambhu Upadhyaya, a University at Buffalo professor of computer science who specializes in cyber security.

He says possible attacks could involve gaining physical access to a system or sneaking in through cyberspace.

What’s the likelihood of that?

“I would say the weapons facilities, nuclear weapons facilities are very difficult to break in,” he said.

Upadhyaya’s research at UB includes beefing up the authentication process to prevent cyber intruders.

Chinese and Russian Cyber Communities Dig Into Malware From April Shadow Brokers Release

by Insikt Group

As of April 15, the Chinese cyber community had begun to investigate the most recent release of malware from the Shadow Brokers group. Security researchers and cyber actors reversed several of the tools and were particularly interested in the exploit framework (named FUZZBUNCH), the SMB malware (ETERNALBLUE), and the privilege escalation tool (ETERNALROMANCE).

Chinese-speaking actors additionally focused on the unique malware trigger point and some claimed that the patches for CVE-2017-0143 through -0148 were insufficient because they did not address the base code weaknesses.


Mentions of one of the tools, ETERNALBLUE, on the Chinese language web over time.

Your inbox is probably out to get you, says Symantec 2017 threat report


by Tony Ware

Malicious emails, politically motivated cyberattacks and internet of things compromises are all on the rise, according to a new Internet Security Threat Report from security products and solutions company Symantec.

With 1 in 131 emails containing an infected link or attachment, and spear-phishing targeting 400 businesses every day, cyber criminals are ramping up efforts to compromise systems for the purpose of economic and political gain. Email is a particularly popular vector because it does not require a preexisting vulnerability to be exploited, just simple deception of victims to make a single click or disclose credentials.

New ransomware families identified in 2016 have tripled to 101, infections worldwide have increased in frequency by 36 percent, and the average ransom demand has ballooned 266 percent from around $300 to over $1,000 because 64 percent of Americans (the No. 1 targeted group) are willing to pay. 

Once in a system, cyber criminals are exploiting simple, commonly installed tools to exfiltrate information. The scripting language PowerShell, as well as Microsoft Office files, are commonly having their macros weaponized. They are also reviving tools for sabotage, such as the disk-wiping Trojan Shamoon, and targeting utilities such as power stations.