21 december 2012

Lockerbie bombing: Libyan government set to release files

 

21 December 2012 Last updated at 06:33 GMT

 

Lockerbie plane

The new Libyan government in Tripoli is prepared to open all files relating to the Lockerbie bombing, the country's ambassador to the UK has confirmed.

However, Mahmud Nacua said it would be at least another year before Libya was in a position to release whatever information it holds.

The move comes on the 24th anniversary of the of bombing of Pan Am flight 103 over Scotland, which killed 270 people.

Bomber Abdelbaset al-Megrahi died this year after being released in 2009.

Megrahi, a Libyan agent, was released by the Scottish government on compassionate grounds, suffering from terminal prostate cancer.

He remains the only person ever convicted of the bombing, but Scottish police hope to pursue other suspects in Libya following the country's revolution and downfall of Colonel Gaddafi in 2011.

Abdelbaset al-Megrahi Abdelbaset al-Megrahi was released from a Scottish prison suffering from cancer

Scotland's top prosecutor recently wrote to the new Libyan prime minister for help and the UK government has said it was pressing Tripoli "for swift progress and co-operation" on the Lockerbie case.

Mr Nacua told the BBC no formal agreement had yet been reached, but that Libya would open the files it holds on the case.

He said that would only come when his government had fully established security and stability - a process he believes will take at least a year.

In April of this year, Scotland's Lord Advocate Frank Mulholland travelled to Tripoli with the director of the FBI, Robert Mueller, requesting co-operation after the fall of Gaddafi.

This was followed in May by a meeting with Libya's interim prime minister in London to discuss further inquires into the bombing.

At the time, a Crown Office spokesman said: "The prime minister asked for clarification on a number of issues relating to the conduct of the proposed investigation in Libya and the lord advocate has undertaken to provide this.

"The prime minister made it clear that he recognised the seriousness of this crime and following the clarification he would take this forward as a priority."

05 december 2012

Did Iran’s Cyber-Army Hack Into the IAEA’s computers?

Amateur hackers or Iranian pros? Clues suggest the most recent cyber-attack on the International Atomic Energy Agency may be more than a prank.

by Eli Lake | December 5, 2012 Newsweek/The Daily Beast 

The latest hack against the computer servers of the International Atomic Energy Agency (IAEA) that culminated with the posting of a smattering of blueprints, charts, and other data online in late November could be a bunch of kids on the Internet having fun, as is often the case with many small-time hacks. But some early signs suggest it may be the latest assault from Iran’s shadowy cyber-army formed in early 2011 to respond to the nasty worms and trojans launched by Israel and the United States against the country’s nuclear centrifuges. A group calling itself by the Persian name Parastoo claimed responsibility for the hacking. Some experts are saying the previously unknown group appeared to have ties, or at least common goals, with the Iranian government.

IAEA

IAEA headquarters in Vienna, Austria. (Hans Punz, dapd / AP Photo)

Assigning responsibility for cyber attacks is a persistent problem for governments. A hacker in one country could route his malicious code through servers in a third country. There are often steps taken by hackers to use sophisticated mathematical formulas to encrypt their communications. For instance, in October, U.S. officials anonymously told reporters that a hack that disabled the servers of Saudi Arabia’s national oil company was the work of Iran. But Mohsen Kazemeini, the commander of the Greater Tehran division of the Iran Revolutionary Guard, not surprisingly denied any role in those attacks. Even if a U.S. intelligence agency had evidence the attack was from Iran, public disclosure of that evidence would provide hackers with handy road map as to how to make sure the next illicit cyber-intrusion would not be detected.

“It’s very hard to know who is behind the clickety clack of the keyboard at the time of a breach,” said Frank Cilluffo, the director of the Homeland Security Policy Institute at George Washington University. But regarding the most recent hacking, he said there were clues. “[C]learly whoever was behind the IAEA incident shares the intentions of the Iran Revolutionary Guard Corps, and if not them directly, this could be a cyber-assassin, a hired gun Iran has enlisted to do their bidding.”

James Lewis, a senior fellow and cyber expert at the Center for Strategic and International Studies, would not say he knew for sure Iran was responsible for the IAEA hack. But he did say that the attack “serves Iranian purposes. It’s similar to earlier Iranian actions and it’s within their capabilities.”

The latest attack is from a group called Parastoo, which is the Persian word for the small bird, the swallow. Last Friday, Parastoo published what it said were sensitive diagrams, satellite photos, and other documents it had pilfered from the IAEA servers on a website devoted to exposing state secrets called Cryptome.

In a message that included downloadable images, email addresses of IAEA officials, and other IAEA data, Parastoo issued an open letter demanding the IAEA “start an INVESTIGATION into activities at Israel’s secret nuclear facilities.” Unlike Iran, Israel is not a signatory to the Nuclear Non-proliferation Treaty, which requires member states to allow IAEA inspections of nuclear facilities.

“This could be a cyber assassin, a hired gun Iran has enlisted to do their bidding.”

IAEA officials have confirmed the hack, but also downplayed its damage, saying the new group managed to get inside an older server. IAEA spokesperson Gill Tudor said Monday, “The IAEA deeply regrets this publication of information stolen from an old server that was shut down some time ago. In fact, measures had already been taken to address concern over possible vulnerability in this server." One of the items published by Parastoo was a blueprint for a substation at a proposed nuclear plant in South Carolina. A spokesman for Duke Energy, the company building the nuclear plant, said the item that was published was already publicly available on the website of the Nuclear Regulatory Commission. “This schematic is not sensitive,” the spokesman, Jason Walls, said.

Efforts to contact Parastoo and Iranian government spokespeople were not successful. But John Young, a proprietor of Cryptome, the website that published the IAEA data, said he received the information through anonymizer software that hides the IP address of the sender of a message.

“I know nothing about the source except what is in the messages,” Young said. “The two hacks came from via anonymizer and may not be a single source—the second one could have adopted and phished the features of the first.”

Young said that most hacks are either from governments or are hackers he believes are “hoping to be hired or contracted as a result of preening hacks.” Bob Gourley, the former chief technology officer for the Defense Intelligence Agency and the editor of CTOvision, said it would be unwise to underestimate Iran’s cyber capabilities. “The Iranians have great universities, a lot of computer scientists, and savvy technical teams. I believe they do have the capabilities to hit our banks and infrastructure,” he said.

Cilluffo said one of the key challenges for analysts of Iran's cyber army is determining the extent of cooperation between independent hackers based in Iran and the country’s security services like the Revolutionary Guard Corps.

On the IAEA hack, Gourley said he did not know that it was Iran, but he also said he didn’t think it was just a prank either. “I would caution everyone away from saying the IAEA hack was a just a bunch of kids,” he said. “It could be teams of hackers working in coordination with more sophisticated teams, the open attacks and obvious intrusions might be covering more sophisticated intrusions at the same time.”