All posts by Bernd Pulch

Syria’s clandestine chemical weapons programme

Page Count: 7 pages
Date: April 14, 2018
Restriction: None
Originating Organization: France
File Type: pdf
File Size: 516,717 bytes
File Hash (SHA-256):4E40B6B03296279E6E50FA2DA343CF10EBF0A55392DB5F4B64E6A4CC1AD8AA5D

Download File

Following the Syrian regime’s resumption of its military offensive, as well as high levels of air force activity over the town of Douma in Eastern Ghouta, two new cases of toxic agents employment were spontaneously reported by civil society and local and international media from the late afternoon of 7 April. Non-governmental medical organizations active in Ghouta (the Syrian American Medical Society and the Union of Medical Care and Relief Organizations), whose information is generally reliable, publicly stated that strikes had targeted in particular local medical infrastructure on 6 and 7 April.

A massive influx of patients in health centres in Eastern Ghouta (at the very least 100 people) presenting symptoms consistent with exposure to a chemical agent was observed and documented during the early evening. In total, several dozens of people, more than forty according to several sources, are thought to have died from exposure to a chemical substance.

The information collected by France forms a body of evidence that is sufficient to attribute responsibility for the chemical attacks of 7 April to the Syrian regime.

1. — Several chemical attacks took place at Douma on 7 April 2018.

The French services analysed the testimonies, photos and videos that spontaneously appeared on specialized websites, in the press and on social media in the hours and days following the attack. Testimonies obtained by the French services were also analysed. After examining the videos and images of victims published online, they were able to conclude with a high degree of confidence that the vast majority are recent and not fabricated. The spontaneous circulation of these images across all social networks confirms that they were not video montages or recycled images. Lastly, some of the entities that published this information are generally considered reliable.

French experts analysed the symptoms identifiable in the images and videos that were made public. These images and videos were taken either in enclosed areas in a building where around 15 people died, or in local hospitals that received contaminated patients. These symptoms can be described as follows (cf. annexed images):

Suffocation, asphyxia or breathing difficulties,
Mentions of a strong chlorine odour and presence of green smoke in affected areas,
Hypersalivation and hypersecretions (particularly oral and nasal),
Cyanosis,
Skin burns and corneal burns.

No deaths from mechanical injuries were visible. All of these symptoms are characteristic of a chemical weapons attack, particularly choking agents and organophosphorus agents or hydrocyanic acid. Furthermore, the apparent use of bronchodilators by the medical services observed in videos reinforces the hypothesis of intoxication by choking agents.

On the basis of this overall assessment and on the intelligence collected by our services, and in the absence to date of chemical samples analysed by our own laboratories, France therefore considers (i) that, beyond possible doubt, a chemical attack was carried out against civilians at Douma on 7 April 2018; and (ii) that there is no plausible scenario other than that of an attack by Syrian armed forces as part of a wider offensive in the Eastern Ghouta enclave. The Syrian armed and security forces are also considered to be responsible for other actions in the region as part of this same offensive in 2017 and 2018. Russia has undeniably provided active military support to the operations to seize back Ghouta. It has, moreover, provided constant political cover to the Syrian regime over the employment of chemical weapons, both at the UN Security Council and at the OPCW, despite conclusions to the contrary by the JIM.

Advertisements

U.S. Department of Homeland Security Cybersecurity Strategy

Page Count: 35 pages
Date: May 15, 2018
Restriction: None
Originating Organization: Department of Homeland Security
File Type: pdf
File Size: 278,548 bytes
File Hash (SHA-256):65DED01F461679F5028AFE8C2B0FE08CBFE0EE17BD530F4815D12EF738FB3656

Download File

The American people are increasingly dependent upon the Internet for daily conveniences, critical services, and economic prosperity. Substantial growth in Internet access and networked devices has facilitated widespread opportunities and innovation. This extraordinary level of connectivity, however, has also introduced progressively greater cyber risks for the United States. Long-standing threats are evolving as nation-states, terrorists, individual criminals, transnational criminal organizations, and other malicious actors move their activities into the digital world. Enabling the delivery of essential services—such as electricity, finance, transportation, water, and health care—through cyberspace also introduces new vulnerabilities and opens the door to potentially catastrophic consequences from cyber incidents. The growing number of Internet-connected devices and reliance on global supply chains further complicates the national and international risk picture. More than ever, cybersecurity is a matter of homeland security and one of the core missions of the U.S. Department of Homeland Security (DHS).

At DHS, we believe that cyberspace can be secure and resilient. We work every day across the Department and with key partners and stakeholders to identify and manage national cybersecurity risks. We do this by adopting a holistic risk management approach. Like every organization, no matter how big or small, we must minimize our organizational vulnerability to malicious cyber activity by protecting our own networks. DHS also has broader responsibilities to protect the larger federal enterprise and improve the security and resilience of other critical systems. At the same time, we seek to reduce cyber threats by preventing and disrupting cyber crimes, and to lessen the consequences of cyber incidents by ensuring an effective federal response when appropriate. Finally, we work to create conditions for more effective cyber risk management through efforts to make the cyber ecosystem more fundamentally secure and resilient. This strategy sets forth our goals, objectives, and priorities to successfully execute the full range of the Secretary of Homeland Security’s cybersecurity responsibilities.

During the last several decades, advances in technology have fundamentally changed the world. Substantial growth in Internet access, use of Internet-enabled devices, and the availability of high speed information technology systems and large datasets have facilitated productivity, efficiencies, and capabilities across all major industries. The proliferation of technology also presents new cybersecurity challenges and leads to significant national risks. More than 20 billion devices are expected to be connected to the Internet by 2020. The risks introduced by the growing number and variety of such devices are substantial.

The United States faces threats from a growing set of sophisticated malicious actors who seek to exploit cyberspace. Motivations include espionage, political and ideological interests, and financial gain. Nation-states continue to present a considerable cyber threat. But non-state actors are emerging with capabilities that match those of sophisticated nation-states. Criminal actors are increasingly empowered by modern information and communications technologies that enable them to grow in sophistication and transnational reach. Transnational criminal organizations also increasingly collaborate through cyberspace. Complicating the threat picture, nation-states are increasingly using proxies and other techniques that blur the distinction between state and non-state cyber activities. In a number of cases, malicious actors engaged in significant criminal cyber activity appear to have both criminal and nation-state affiliations.

These diverse threats can impact federal and nonfederal information systems. Attempted incursions into government networks occur on a daily basis; the number of cyber incidents on federal systems reported to DHS increased more than ten-fold between 2006 and 2015. In 2015, a high-profile intrusion into a single federal agency resulted in the compromise of personnel records of over 4 million federal employees and ultimately affected nearly 22 million people. The growing interconnection of cyber and physical systems within critical infrastructure also creates the potential risk for malicious cyber activity to result in direct physical consequences; for example, the December 2015 overriding of controls in the Ukrainian electric grid resulted in widespread loss of power. Ransomware incidents such as WannaCry and NotPetya demonstrate how the rapid growth of the internet-of-things further complicates the threat as everyday devices can be targeted by malicious cyber actors with potentially far-reaching consequences.

Guiding Principles

DHS advances our mission and will accomplish our cybersecurity goals by aligning departmental activities according to the following guiding principles:

1. Risk prioritization. The foremost responsibility of DHS is to safeguard the American people and we must prioritize our efforts to focus on systemic risks and the greatest cybersecurity threats and vulnerabilities faced by the American people and our homeland.

2. Cost-effectiveness. Cyberspace is highly complex and DHS efforts to increase cybersecurity must be continuously evaluated and reprioritized to ensure the best results for investments made.

3. Innovation and agility. Cyberspace is an evolving domain with emergent risks. Although the proliferation of technology leads to new risks, it also provides an opportunity for innovation. DHS must lead by example in researching, developing, adapting, and employing cutting-edge cybersecurity capabilities and remain agile in its efforts to keep up with evolving threats and technologies.

4. Collaboration. The growth and development of the Internet has been primarily driven by the private sector and the security of cyberspace is an inherently cross-cutting challenge. To accomplish our cybersecurity goals, we must work in a collaborative manner across our Components and with other federal and nonfederal partners.

5. Global approach. Robust international engagement and collaboration is required to accomplish our national cybersecurity goals. DHS must engage internationally to manage global cyber risks, respond to worldwide incidents, and disrupt growing transnational cyber threats as well as encourage other nations and foreign entities to adopt the policies necessary to create an open, interoperable, secure, and reliable Internet.

6. Balanced equities. Cyberspace empowers people and enables prosperity worldwide. Cybersecurity is not an end unto itself, and efforts to mitigate cybersecurity risks must also support international commerce, strengthen international security, and foster free expression and innovation.

7. National values. DHS must uphold privacy, civil rights, and civil liberties in accordance with applicable law and policy. The Department empowers our cybersecurity programs to succeed by integrating privacy protections from the outset and employing a layered approach to privacy and civil liberties oversight.

Putin – Macht, Moneten, Morde