Huawei the truth and the myth.
By Philip Ingram MBE
We are hearing one name, causing news presenters angst when it comes to pronouncing it, in the press at the moment, it is that of the Chinese telecom giant Huawei. So why are government ministers interested in Huawei? Why are the 5 Eyes community talking about it so much? What is the truth and what is the hype? Finally is there anything else we should be worried about? Philip Ingram MBE a former Senior British Intelligence officer who has worked with signal intelligence organisations takes a look.
Techadvisor.co.uk said “You can’t ignore Huawei any more. With increasingly premium smartphones on the market,” the Chinese company is challenging Samsung, LG, Sony and Apple who according to analysis by consulting firm Counterpoint Research, it outsells globally.
Given this great accolade then why are the US Government putting certain Chinese companies under increasing scrutiny and even more. In February, FBI Director Chris Wray told the Senate Intelligence Committee that the FBI was “deeply concerned” about the risks posed by the Chinese phone and telecommunications equipment providers Huawei and ZTE. Both Huawei and ZTE have repeatedly insisted that their consumer devices don’t pose a security threat to the US or anywhere else across the globe. (ZTE like Huawei provide telecom infrastructure devices). The Australian Government has decided, reportedly on national security grounds, to exclude Huawei from involvement in their National Broadband Network.
In a report to the UK parliamentary Intelligence and Security Committee, the Security Service (MI5) said in 2008 that, theoretically, the Chinese State may be able to exploit any vulnerabilities in Huawei’s equipment in order to gain some access to the BT network, which would provide them with an attractive espionage opportunity. So the issue in the press today is nothing new!
Looking at the UK market, Huawei makes everything from the routers and switches that steer traffic across the internet, to BT’s green street cabinets, to the transmission equipment used in mobile phone masts. If you send an email from your home computer or make a mobile phone call, wherever you are in the UK, the chances are your private communications and data will be carried over Huawei equipment. However, it is not the private communications that concerns are being raised about. It is the linking of our national infrastructure across the 5G network.
5G is a step change in the ability to transmit high speed data and will enable our already connected life style to reach levels probably unimagined as yet.
On the back of that report, BT who control the communications infrastructure across the county, started a programme to strip Huawei equipment out of the current 3G and 4G networks and have not planned to put Huawei devices into the core of developing 5G Networks. However, Huawei hit back and opened the Huawei Cyber Security Evaluation Centre (HCSEC) (known as “The Cell”) in 2010 just outside Oxford and put it under the oversight of what was then called the CESG and is now NCSC, the public facing part of the UK’s GCHQ.
This is why in recent statements senior personnel from GCHQ have been able to say they had “a unique oversight and understanding of Huawei engineering and cyber security”. One of the major issues over Huawei engineering is around so called ‘back doors’ being engineered into the hardware on the orders of the Chinese Government, so that the Chinese had a secret method of taking control of the hardware when they wanted to.
This fear was enhanced when China introduced its new National Intelligence Law and in particular Article 7 of that law which states, “any organisation or citizen shall support, assist, and cooperate with state intelligence work according to law.” Then Article 14 says, ‘state intelligence work organs, when legally carrying forth intelligence work, may demand that concerned organs, organisations, or citizens provide needed support, assistance, and cooperation.” This just reinforces that the Chinese state can overrule Huawei’s claimed independence. Huawei continue to insist that the law is being mis-interpreted.
This idea of back doors is nothing new and ‘The Cell’ has found no evidence of back doors being deliberately put in Huawei hardware and they have denied they would ever do so, even if there was pressure from the Chinese Government. One area that possibly leaves hardware vulnerabilities however, is in their basic engineering.
Dr Ian Levy, technical director of the National Cyber Security Centre (NCSC), said on BBC Panorama, “The security in Huawei is like nothing else – it’s engineering like it’s back in the year 2000 – it’s very, very shoddy and leads to cyber security issues that we then have to manage long term.” But what does shoddy engineering mean?
As electronics are developed rapidly and for the mass market therefore as cheaply as possible, development is happening continuously. That development is in the hardware – the physical bits connected together and the software. What many don’t realise is those bits are made of bits and individual chips with a role in a device have their own software giving instructions. Developers have ‘development backdoors’ on chips and component so that updates can be quickly coded or integrated and the sides are supposed to be closed down before the production version is manufactured. Frequently this doesn’t happen as it is another process and therefore cost and development is ongoing often even after manufacture has started, so chips are put into production devices with engineering flaws.
The second area is that security is not designed in at chip level. There isn’t enough coding room for this to happen. However, Huawei is not the only international giant with reported security flaws.
Not just Huawei
Last year there were several reports on the blogging site Reddit saying that some Samsung Galaxy S9 and Note 8 phones were sending users’ pictures to their contacts without their permission and linked the issue to the Samsung Messages app.
Then we had Google confirming that it allows some external software developers to read and analyse the inboxes of Gmail users. “External apps can integrate with Gmail, so customers have options around how they use their email,” director of security at Google Cloud Suzanne Frey said in a blog post.
So who is listening to your conversations?
On the 3rd of July 2018 in the UK Parliament, the UK Defence Secretary, Gavin Williamson was updating MPs on Syria was rudely interrupted, not by another MP, but by his iPhone’s AI App Siri which boomed out “Hi Gavin, I found something on the web for: ‘In Syria, democratic forces supported by coalition…”
Trying to make light of the interruption Mr Williamson said, “It is very rare that you’re heckled by your own mobile phone.” Very quickly afterwards sources close to the minister denied that having the voice recognition software switched on posed a security risk, saying he did not carry that phone during confidential and sensitive meetings.
However, what wasn’t said is if he has sensitive conversations on that phone or with people when the phone is in his pocket. It is always listening.
In 2015 Samsung again warned its customers about discussing personal information in front of their smart television set. The warning applied to TV viewers who control their Samsung Smart TV using its voice activation feature. Samsung said, “when the feature is active, such TV sets ‘listen’ to what is said and may share what they hear with Samsung or third parties.”
Many of these companies use Chines made chipsets in their technologies.
Papers leaked from America’s National Security Agency (NSA) by Edward Snowden through Wikileaks, revealed that it had hacked into Huawei’s headquarters, obtaining technical information and monitored the communications of its top executives. One of the reported aims was to try and uncover vulnerabilities or back doors in the products to use them for US surveillance operations.
The US Hacks Huawei
This could be why the US director of national intelligence and heads of CIA, FBI, NSA gave public warnings, but it is likely they know more about Huawei than they would be willing to say publicly. There is a distinct possibility that they found vulnerabilities not just in the software run on the phones, but the firmware (the code that makes components talk to each other) and even in some cases the hardware, the components themselves.
The Chinese Government’s cyber capability is provided by the Strategic Support Force (SSF) and is the military organisation tasked with gaining a strategic advantage in the information and cyber domain via its Network Systems Department. Given Chinese government control over most of its industry and that has been clear reporting for many years that the Chinese government forces its domestic electronic equipment providers to hand over their source code, this will be used by the SSF to exploit vulnerabilities in devices globally. Linking this to the new law reinforces the suspicions with regard to Huawei.
More back doors.
However, when it comes to ‘backdoors,’ it is not the Chinese who have been found out recently. In 2018 five undocumented back doors were found in CISCO routers and detailed in a book entitled No Place to Hide,” by Glenn Greenwald, the journalist who originally broke the Edward Snowden story. Greenwald states that unbeknown to CISCO the NSA intercepts routers and network devices bound for overseas customers and “then implants backdoor surveillance tools, repackages the devices with a factory seal, and sends them on. The NSA thus gains access to entire networks and all their users.”
There is merit to being wary of any one nation having potential access no matter how small it is to critical communications networks by what ever means. However, what is clear is that every nation is at the espionage game and if Huawei routers are being used then possibly another manufacturers tampered with routers are not being used, blinding that intelligence agency.
They are just doing their job.
It is the remit of national intelligence agencies to gain an advantage and they will do so by what ever means. The whole intelligence game revolves around data. Data is key to everything so it can be analysed, cross referenced, processed, assessed and turned into intelligence. The Russians targeting priorities are to gain political advantage and steal military secrets the Chinese focus is primarily on intellectual property; President Trump has stated the US priority, “America First.”
Huawei deny any Chinese state control or vulnerabilities and set up an organisation staffed by UK security cleared personnel to test the equipment they attach into the critical national infrastructure (CNI) and that organisation is called “The Cell.”
Jerry Wang, CEO of Huawei in the UK, wrote to The Times: “Their accusations are a smokescreen for an attack on our recognised technological innovation. They are not based on security concerns, but a barely concealed protectionist trade agenda.”
We have several elements to the current debate, espionage, a distinct probability but all sides do it. Trade, and security is an easy cry to scare the markets into protectionist trade policies. Manufacturing standards, whether one manufacturer should have a monopoly on critical elements of a network and with 5G the way we structure our future Satan enabled world.
One thing to remember about anything you process electronically on a device that is connected to any network, WIFI, mobile provider, is that that data may not be as safe and personal as you think. It is your choice as to what tech you buy but whatever your choice is, think security, think risk, think compromise.
The New IRA is believed to have been responsible for a number of attacks in Derry in recent years, including an attempt to kill a police officer by planting a bomb under his car outside his home in 2017. It claimed responsibility for firing shots and throwing grenades at police during nights of disturbances in Derry last summer.
In January 2019 a car bomb exploded outside Derry City Court House, luckily injuring no one and causing little damage. Two men in their twenties were detained hours after the explosion and two other men aged 34 and 42 were arrested in the city the next day. We have people in their nappies when the Good Friday agreement was signed at the front of this new terror wave.
In March 2019 five parcel bombs were sent from the Irish Republic to addresses in Great Britain, four were delivered, only one partially initiating when it was opened, and one was returned to a sorting office in the Republic of Ireland where it was discovered and dealt with. The New IRA were blamed.
Now, at the height of the Christian Calendar, the PSNI are blaming the New IRA for the death of Lyra McKee, a journalist covering nights of disturbance on the Creggan Estate in Derry, similar to what had happened last year. Two teenagers were arrested for the shooting, at 18 and 19 they weren’t born when the Good Friday Agreement was signed 21 years ago. Somehow in those intervening years they were groomed into thinking republican terror was the way forward. That is clearly a rot at the centre of elements of the community and that rot killed Lyra McKee.
Formed in 2012 following a merger between groups including the Real IRA and Republican Action Against Drugs (RAAD), which was predominantly active in the northwest of Northern Ireland, it has been responsible for the murders of two prison officers.
David Black (52) was shot dead as he drove to work in Co Armagh in 2012, while Adrian Ismay died 11 days after a bomb exploded under his van in Belfast in 2016.
The Real IRA, emerged toward the end of 1997 and were blamed forthe 1998 Omagh bomb, which claimed the lives of 29 people and unborn twins, the worst atrocity of the Troubles.
It was also claimed that the Real IRA were responsible for the deaths of two British soldiers in 2009 outside the Massereene Barracks in Antrim and has been linked to other gun attacks, bombings and other criminality across the UK and Ireland.
In 2014 Forbes Israel carried out a study into the wealth of terror organisations across the globe. Most dissident republican groups, such as the Continuity IRA and all of the loyalist terror groups failed to make the Forbes list.
Forbes Israel top 10 of terror:
1 Isis £1.3bn
2 Hamas £638m
3 Revolutionary Armed Forces of Colombia (Farc) £383m
4 Hezbollah £319m
5 Taliban £255m
6 Al-Qaeda and affiliates £96m
7 Lashkar e-Taiba £64m
8 Al-Shabaab £45m
9 Real IRA £32m
10 Boko Haram £16m
However, significantly the Real IRA came in at number 9 sandwiched between Al-Shabaab and Boko Haram with a £32 million annual turnover. This money comes from extortion, smuggling, drug running, robbery and other organised criminal activities. The link between serious and organised crime and terror couldn’t be clearer.
The New IRA have no cause, they have no political agenda, they are fed by the politics of ‘nay’ espoused by all of the main political parties in Northern Ireland. They are a serious and organised criminal; organisation who, for kicks, use terror tactics to maintain a presence in society. They are no more than little bullies with guns and bombs extorting the future of the children of Northern Ireland. It’s time to stop.
2019 a year of Security Uncertainty
By Philip Ingram MBE
If the security challenges for 2018 weren’t challenging enough what will 2019 bring? Last year we saw the first use of the deadly Novichok nerve agent anywhere in the world, making a household name of a substance only very few had heard of before. Then we have the growth of terror that Andrew Parker the Head of MI5 described as working at unprecedented levels and the CT Police highlighting that the number of active investigations going on at once had grown from 500 to over 700. We also see security challenges caused by Gatwick airport being shut for 36 hours over a peak holiday getaway period because of a drone or drones in its airspace.
So, what does 2019 hold for the Security community in the UK? More of the same or are we likely to see anything new?
The biggest challenge that is occupying many people’s minds is that of BREXIT and the implications that will have on wider security architecture. Peter Franciscus Van-Osselaer, Head of Operations, European Counter Terrorism Centre, EUROPOL told Philip Ingram MBE that, “even in the event of a ‘no deal BREXIT,’ the UK had in place bilateral and other agreements to ensure security working arrangements would remain as close to as they are today with the UK in the EU. No one, not on the UK side or the EU side wanted to lose the working relationship that was in place today.”
Putting BREXIT to one side, the Cyber threat is all pervading through society, continually morphing and finding new ways to threaten networks, businesses and personally identifiable data. The biggest threat we are likely to see in 2019 is through Artificial Intelligence or AI. This will be three-fold, the first, the threat to AI enabled business practices, the second, the criminal use of AI to break into networks and the third is the use of AI to protect networks.
Tied into this growing risk area is the growth of the ‘attack surface’ through the proliferation of Internet of Things (IoT) devices, the always connected and everything connected society we seem to be growing into and this will become worse with the roll out of the 5G data network that is up to 1000 times faster than the current 4G networks.
The traditional ransomware and data theft attacks will continue but we will see a rise in manipulation attacks, manipulating data to create undue influence and potentially reputational damage.
Threats will range from the home based ‘geek’ through to state sponsored like we saw with Wannacry and notPetya and are seeing with increasing wariness for governments to allow tech giants with potential Chinese government influence such as Huawei and ZTE from increasing their access to faster networks such as 5G. The clear message from these attacks are the threat state actors can have on not just enterprise businesses but also SME. However, it is important to balance this ‘wariness’ out as nothing has been proved against the Chinese firms despite intensive testing whereas CISCO had 7 back doors discovered in their equipment’s in 2018, some of which were blamed on the NSA. Security vulnerabilities are as much an economic tool as they are spying tool.
The focus on alleged illicit state activity in the use of manipulated and targeted data in various elections around the globe is being investigated, 2019 will likely be the year of the consequences of those investigations becoming public. However, what this is likely to do, is emphasise the potential of information being used as a weapon designed to cause an effect and in industry that effect could be reputational. Public Relations will probably move a little more towards the centre of risk mitigation activities.
The closure of Gatwick Airport outside London for 36 hours before Christmas brought the drone threat firmly back onto the agenda. The UK Civil Aviation Authority Drone Risk Assessment of January 2018 makes no mention of the use of drones to deliberately disrupt a working airfield and the lack of equipment to deal with the threat shocked a large number of people. One airline working out of Gatwick say the incident cost then £15 Million but the full cost of the incident hasn’t been calculated yet.
A scare at London Heathrow Airport in January was dealt with in less than an hour with only one runway closed, but highlighted the very real threats that drones provide to the safe operation of airports and a after several incidents in the Middle East, the Emirates Authority for Standardisation and Metrology (ESMA) estimated the cost of closure at $100,000 per minute, meaning drone detection technologies would very quickly fall into the cost effective bracket!
Thank goodness our news headlines are not filled with stories of continuing successful terror attacks as seemed to happen in 2017. However, the threat hasn’t gone away and in the words of Andrew Parker the head of the UK Security Service MI5, the threat has reached “unprecedented levels.” This is reflected in the growth of active investigations from 500 in 2018 to 700 towards the end of the year and into 2019 with 3000 active suspects and another 20,000 on a terror watch list.
With the squeeze to near elimination of the ground so called ISIS held in Syria and Iraq it would be easy to assume the terror threat was waning. Not the case says Vasco Amador of the cyber Intelligence Company Global Intelligence Insight, who track extremists online. “In recent months was have seen a relaunch of so-called ISIS cyber capability that used to be called the ‘United Cyber Caliphate’ and has been rebranded as the ‘Caliphate Cyber Shield’ with new leadership and new energy. The groups they operate online have thousands of active followers across the globe,” he said.
The final security threat we must watch out for in 2019 falls into the unknown bracket. Who would have thought a deadly military grade nerve agent would have been used on the streets of England by another state. We don’t know what the next novel threat will be. However, putting all security threats to one side – we can confidently predict that more people will be killed and injured by man-made and natural disasters, than will suffer similar consequences from any security incident. 2019 will certainly be an interesting year.
Click HERE to continue to the International Security Expos’ HQ Magazine for more great insights and content.
Passing the buck
In March 2012 Capita signed the landmark deal pledging to overhaul and improve recruitment across the armed forces in a £1.3 billion recruiting partnership project. In 2019 it was recognised that this had failed but was the failure down to Capita alone, or is the way the MoD looks after its veterans a serious factor in a recruits decision not to proceed? Philip Ingram highlights how the MoD is just passing the buck, making someone else responsible for the people it has broken.
The Armed Forces strategy published in November 2018 was designed to fix the incoherent approach to veteran’s support across the country and set the foundations for a bright future. But has it, or is it perpetuating the issues, just more clearly?
The Armed Forces Covenant Fund Trust is the independent Trust that manages the Armed Forces Covenant Fund of £10 million per annum that is there to support our veterans but where does it go, what does it do and what is the strategy behind it?
The new Armed Forces strategy says, “It is right that we as a nation – government, charities, business and the wider public – support and empower those who have served us in our Armed Forces. We have a long history of doing this in the UK, and it remains our duty to support those who step up to serve this country.”
“Each nation within the UK will assess how they deliver the Strategy in line with local needs and delivery mechanisms.” This means differential treatment depending on local resources and priorities, it is a post code lottery for standards of help and support.”
The Strategy recognises potential issues when it says, “veterans often receive support from many different organisations, across the public, private and charitable sectors. Each time Veterans engage with a new service provider, they may have to repeat their circumstances and historic experiences.”
“This Strategy takes account of the fact that Veterans exist within a wider community of family and friends. It also considers the families of those who have died whilst serving.” Yet Veterans UK and many of the charities will not deal with third parties so where does the ability of the wider community and family come into play, how is this supposed to happen?
The strategy goes on to say, “the Armed Forces Covenant, which was enshrined in law in the Armed Forces Act (2011), has at its core the principles that Service Personnel, Veterans, and their families are not disadvantaged by their Service and that special provision is made for those who have sacrificed the most, including the injured and the bereaved.” So, by failing the Armed Forces Covenant the MoD must be liable for those failures and is leaving itself wide open to class actions for its continued failings.
It adds, “while the Ministry of Defence does provide some services directly to many Veterans, most services accessed by Veterans are delivered by wider public services. The type and remit of provision offered by each public body reflects its wider role within the public sector. The Ministry of Defence has a shared moral obligation and leadership role for Veterans’ issues, delivered by the Minister for Defence People and Veterans on behalf of the Secretary of State for Defence, and in practice the responsibility is delivered across governments. The Ministerial Covenant and Veterans Board agrees priorities and coordinates activities for the UK Government, working with the Scottish Government, Welsh Government and government in Northern Ireland to enable the best outcomes for Veterans wherever they are in the UK.”
In reality this process is so far above the delivery of support and is then added to a long list of priorities and coordinated activities that it get lost in the sea of reality. There is no consistency across the country, between charities or agencies, there is no handover mechanism to ensure a continuity of care once one funding line is finished, there are no coherent mechanisms to manage complex cases. Yet, the MoD had held its high level meetings, so responsibility has been passed.
The Veterans Strategy goes on to say, “public sector services are delivered to Veterans by a combination of local authorities, devolved government and the UK Government, creating a complex picture across the UK.” But no element takes responsibility for coordinating that delivery between the elements of what the MoD calls a ‘complex picture’, what hope is there for a veteran to do so?
In what can only be described as management buzz word babble it says, “the establishment of clearer, consistent principles and aims across the UK will help to ensure that a Veteran’s experience remains consistent with that of the other citizens.” But what is different is no other citizens have been by dint of their employment put in such situations as one of their job roles is to lose their life if necessary, veterans are not just like other citizens in many ways! There seems to be no Role for the MOD?
The Strategy outlines “The role of the charitable sector” when it says, “the UK has a strong and vibrant Armed Forces charitable sector, which supplements the core essential services provided by the public sector, by providing additional and/or bespoke services. Charities provide specialist services for Veterans and the bereaved on a range of issues (including: information helplines, healthcare, and housing) throughout the UK, based on their own organisational eligibility criteria.” Then we have the role of the Private sector but nothing on the role of the MoD? That is a clear derision of responsibility. No-where does it outline where distressed veterans can guarantee to get coherent help across organisations and agencies.
To try and deal with the issues surrounding the £1.3 Billion wasted by the Capita saga, and their woes may not be of all of their making with such a clear example of MoD not caring for service leavers, the military are spending millions on new recruiting campaigns that on the surface are brilliant, but one negative story wasted a large percentage of that recruiting spend.
We have a Veteran’s strategy that passes the buck, we have controversy over legacy prosecutions, we have books, Double Crossed, by Brian Wood MC, The Battle Within by Neil Spencer and Broken By War by Anthony Lock, all recently published and highlighting failings by the MoD.
According to ITV, “71 serving military personnel and veterans who took their own lives in 2018 following mental health struggles. The death toll exceeds the number.” That statistic of more than one per week continues and last weekend the friend of a veteran on crisis reached out to the wider community after hitting silence with veterans charities and failure by the NHS. Hopefully that individual wont become another statistic, but there are plenty more who will.
The result of the strategy is we have wounded service personnel falling in their current field of battle, and believe me having suffered it is a field of battle, being left whilst the MoD, charities, public sector agencies either walk by and don’t notice or debate who should do what and write papers about it whilst spending more on trying to recruit their replacement than they are spending on dealing with veterans. Newtons law is for every force there has to be an equal and opposite force, well for the recruiting and retention force, the Veterans Strategy is the opposite force, except it is stronger and growing!
Skripal and Salisbury an infamous combination
It is now a year since Colonel Dr Alexander Mishkin and Colonel Anatoliy Chepiga, traveling under the false identities of Alexander Petrov and Ruslan Boshirov, both members of the Russian Military Intelligence Service, the GRU, entered Britain through Gatwick airport. They had a deadly intent, kill the double agent who was living in the sleepy city of Salisbury, Sergei Skripal, using the deadly nerve agent Novichok.
Their mission was a simple one but had been carefully planned. Sergei Skripal’s daughter Yulia was landing at Heathrow airport to visit her father and be with him on what would have been her late brother Alexander’s birthday. Her emails and probably her phone, were being monitored by Russian intelligence and they would have known her arrangements in detail.
After checking into a cheap East End of London hotel Mishkin and Chepiga waited until the next morning to take the train to Salisbury from Waterloo, to carry out a final ‘close target recce’ of Sergei Skripal’s house in Christie Millar Road.
Their detailed movements in Salisbury that day have not been revealed completely but it is probably that, in their possession they had a detailed ‘pattern of life’ study on Sergei Skripal, possibly delivered to their hotel, so they knew his normal routine. They knew he left his house through the front door, not the side or back door, they knew he pulled it shut by the handle, not the door frame, they knew everything about him because others will have spent time watching him closely, studying his movements, reading his emails, listening into his phone conversations.
Mishkin and Chepiga’s trip to Salisbury on Saturday 3rdMarch 2018 would be to confirm the route to take to Sergei Skripal’s house from Salisbury Station, look for signs of him being watched by British Intelligence, confirm their escape plan and possibly meet with at least one member of the team that carried out the ‘pattern of life study,’ before returning to London.
Early on Sunday 4thMarch, Mishkin and Chepiga return to Salisbury with a fake Nina Ricci Premier Jour perfume bottle filled with deadly Novichok in Russia having replaced the cap with a special applicator that morning. On arrival in Salisbury they quickly retrace the route they checked out the day before and approached Sergei Skripals house to smear the deadly agent onto his front door.
Whilst it is possible it was dispensed directly from the modified perfume bottle the danger of ‘splash back’ would have meant putting it onto a wipe and smearing that onto the door handle would be safer; we don’t know if this is what they did. Both Mishkin and Chepiga will have been wearing protective gloves and it is probable that Mishkin carried self-injecting epi pens filled with a nerve agent antidote, atropine, just in case anything went wrong.
This is where their movements become a bit of a blur. At some point they will have taken their contaminated gloves off and disposed of them, that is probably the point they dropped the fake Nina Ricci Premier Jour perfume bottle and exactly where all of this happened is not known publicly yet, neither are the details of their movements around Salisbury before catching the train back to London and then to Heathrow. How and where they disposed of their contaminated gloves has never been mentioned and the fate of the fake Nina Ricci Premier Jour perfume is too well known when Charlie Rowley gave it to his girlfriend Dawn Sturgess on 30thJune 2018 and she sprayed its contents onto her skin, exposing herself to a lethal dose of Novichok.
Just after the attack on 15thMarch 2018, I asked the MET police who had taken over the investigation, what had happened to the items the ‘would be’ assassins had used and was met with silence, I published my concerns here: https://greyharemedia.com/clear-and-present-danger/and in the Sunday papers. Statements from Public Health England said the risk to the public was very low, Dawn Sturgess paid with her life months later.
The detail of where Charlie Rowley found the contaminated perfume bottle and when he found it are unclear. It is distinctly possible he found it in early March and put it in his bag, forgetting it was there until he unpacked after moving into new accommodation from a homeless shelter in June.
I now repeat my question, what happed to the gloves they will have worn? I suspect they were put in a local bin and the next day taken by the council to landfill so are now safely disposed of, but no one has said.
Why Sergei Skripal?
The most important point to start with is the reason for the attack on Sergei Skripal. It was not done first and foremost to kill him, it was assumed, given the deadly nature of Novichok, that he would die. However, if that were the sole motivation then he would have been shot, stabbed or had a car accident. Sergei Skripal was a vehicle used to send a message to any Putin dissenters across the globe that he could get them anywhere, any time and in a horrible way. Prime Minister May hinted to this in an answer to a question after her statement in the House of Commons on 5thSep 2018.
The second reason was to stir a nationalistic fervour into his Presidential campaign domestically by having a reason to say the west was attacking poor Russia. Remember the attack happened exactly 14 days before the Russian Presidential election and opposition parties and oligarchs were becoming more threatening to Mr Putin’s position and his desire for an increased majority.
Sergei Skripal was chosen because Salisbury in next to DSTL Porton Down, the UK’s chemical defence laboratory and this allowed an element of plausible deniability where President Putin could claim that this was set up to undermine him in the eyes of the international community.
Of note, this is exactly the messaging that came out in the immediate aftermath of the attack. The Russians have a doctrine called маскировка (maskirovka) which is all about ‘masking’ or deception and is central to all they do. The Russian people have an unhealthy belief in conspiracy theories and that the west is out to get them no matter what and this played into President Putin’s domestic messaging.
Putin and the GRU will have been surprised at the tenacity of the UK’s counter-terror police and Security Services investigation and the level of detail they have managed to ascertain. The public exposure of Mishkin and Chepiga by the investigative website Bellingcat will have severely embarrassed the GRU.
Sergei and Yulia Skripal will now be under the protection of MI5 and being held safely out of the public eye. They will be receiving further medical support for their physical and mental symptoms. Their futures will be being discussed with them and they are an integral part of any and all decisions about what happens next. For Yulia, a complete innocent who had a bright career and future, it must be particularly hard.
What are we missing?
We are missing detail what the police believe happened to other contaminated items, we are missing detail around the movements of Mishkin and Chepiga around Salisbury, very little footage from the city’s new £450,000 public space CCTV has been released, we are missing details of the team that will have carried out the pattern of life study, we are missing details of what Mishkin and Chepiga did in London.
However, we have to remember there is a politically sensitive, highly complex live murder investigation ongoing, so it is unlikely much of this detail will be released because we don’t need to know. A comment on the contaminated detritus to build further public confidence would be good however.
We have to recognise the huge effort the police, security service, ambulance, fire and rescue, NHS, military personnel, DSTL scientists, civilian security staff and council workers have put in to deal with every aspect of this ongoing spy story. If it were not for their professionalism and coordinated effort there would almost certainly be more deaths and much longer lasting consequences for Salisbury and its surrounds.
Note: This blog is written by Philip Ingram MBE, a former British Army Intelligence Officer and Colonel, who was based near Salisbury in the past. If you would like any further comment from Philip, please contact him by clicking HERE
Pokémon GO has numerous security concerns
This article was first published in August 2016 but remains relevant.
Iran has become the first country to outright ban Pokémon GO outright. Despite restrictions on internet usage in Iran the BBC says, “there have been a number of discussion on social media about the game.”
They then added, “The Iranian High Council of Virtual Spaces, which is the official body overseeing online activity took the decision to ban the game after having tried to see to what extent the game’s creators would co-operate with them.” It is not known what cooperation was requested.
What’s on Dubai says Pokémon GO “is slowly beginning to take over.” However, Pokémon GO from developer Niantic has only been released officially in the US, UK and Australia. For those not in the know, it is a craze to catch virtual monsters in real world settings. As well as safety concerns of people playing it in dangerous areas, there seems to be a very real number of security concerns.
So what are the issues and potential threats associated with this growing craze? Philip Ingram MBE takes a look.
In the terms and conditions for the game it clearly states that the data used by the game, and this is personal data, locational data and with the option for the user to photograph themselves with their captured Pokémon character, photo data, could be moved to USA based servers; essentially bypassing any home country security or privacy laws given the option to capture local images. This will “almost certainly have concerned the Iranians”, James Abernethy a former British Intelligence officer told Security News Desk.
Thomas Rid, Professor of Security Studies with King’s College Londonhas said guidelines for US military and government workers when using Pokémon Gowere shared with him by a US government officer. They discuss Operational Security (OPSEC) best practices and include “avoiding playing the game anywhere that shouldn’t be geo-tagged, not using a personal Gmail account with the game or a username associated with your social media accounts, exercising caution when taking pictures of Pokémon with the in-game augmented reality camera, and staying aware of your surroundings.” Rid then notes this is, “generally good advice even if you aren’t an intelligence officer.” The Indonesian police have banned its use whilst on duty.
The issue with Gmail was identified by the blogger Adam Reeve who wrote, “To play the game you need an account. Weirdly, Niantic won’t let you just create one – you need to sign in with an existing account from one of two services – the pokemon.com website or Google. Now the Pokémonsite is for some reason not accepting new signups right now so if you’re not already registered there you’ll need to use a Google account – and that’s where the fun begins.”
He went on to highlight how logging in via your google account gave Pokémon Go full access to all of your Google account services, ie they could see and modify anything to do with your account.
Niantic quickly released a statement on their website saying, “We recently discovered that the Pokémon GO account creation process on iOS erroneously requests full access permission for the user’s Google account. However, Pokémon GO only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected. Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access. Google has verified that no other information has been received or accessed by Pokémon GO or Niantic. Google will soon reduce Pokémon GO’s permission to only the basic profile data that Pokémon GO needs, and users do not need to take any actions themselves.”
It seems the developers of the game got it out to market before all of the security implications around the app had been considered. If that wasn’t enough a leading cyber security company has commented on potential issues where the game is available on BYOD in the workplace.
Devin Jones, SVP of Product Management at Cyber adapt said, “The release and popularity of Pokémon Go came out of the blue for everyone except the 40 million teenagers in the United States. This application provides an interesting case study that illustrates the risks of BYOD in the enterprise. Businesses can’t prevent users from downloading apps on their personal devices and those apps will drive traffic to and from the corporate network. How does a business maintain control and visibility of their corporate traffic when users are hunting down virtual monsters and sharing GPS coordinates directly with other users? More importantly, how do you know that GPS tracking packets aren’t exfiltrating your financials?”
Vladimir Kuskov, Security expert at Kaspersky Lab outlined another flaw, that could cause the BYOD problem when working on android devices: “The Android version of the Pokémon Go app has been affected with malware called the “HEUR:Trojan-Spy.AndroidOS.Sandr.a” and there has been a lot of advice online about how to get the app early if it has not been made available in a certain country.”
Kuskov concluded, “The use of popular online games as a vehicle for installing malware is well known, and the best way to protect yourself and your device is to only install apps from official app stores and to complement this with an appropriate security solution. Don’t take short cuts, disable device security or download software from an unverified source; it’s just not worth it.”
This article was first published in August 2016 but remains relevant – for further comment from Philip Ingram please visit the contact us page.