Pakistan police battle militants after deadly airport raid

Updated 16 December 2012
0

Pakistan police battle militants after deadly airport raid

PESHAWAR, Pakistan: Police battled militants armed with automatic weapons, grenades and mortars in northwest Pakistan’s Peshawar on Sunday, a day after a deadly Taleban raid on the city’s airport.
Fierce firing broke out after officers acting on an intelligence report tried to storm a house near the aiport, where a suicide and rocket attack on Saturday evening killed five civilians and the five attackers and wounded 50 other people.
The assault late Saturday, claimed by the Pakistani Taleban, sparked prolonged gunfire and forced authorities to close the airport, a commercial hub and Pakistan Air Force (PAF) base in Peshawar on the edge of the tribal belt.
It was the second Islamist militant attack in four months on a military air base in nuclear-armed Pakistan. In August 11 people were killed when heavily-armed insurgents wearing suicide vests stormed a facility in the northwestern town of Kamra.
Two police officers were wounded in Sunday’s renewed fighting during which militants threw a hand grenade, senior police officer Imtiaz Altaf told AFP.
“A militant has been killed. The encounter is still continuing. Militants are fully equipped with automatic weapons, hand grenades and mortars,” Altaf said.
Imran Shahid, a second police official, confirmed the shootout but said it was not yet clear how many attackers were involved.
Live television footage showed troops and police entering a street amid gunfire, while an AFP reporter heard fierce firing in the area.
A PAF statement said five attackers were killed on Saturday and no damage was done to air force equipment or personnel.
Doctor Umar Ayub, chief of Khyber Teaching Hospital near the airport, said five civilians had also been killed and some 50 wounded.
“The Base is in total control and normal operations have resumed. The security alert was also raised on other PAF air bases as well,” the air force added.
Peshawar airport is a joint military-civilian facility. Civil Aviation Authority spokesman Pervez George said the passenger side remained closed but there had been no damage to the terminals.
The air force said Saturday’s attackers used two vehicles loaded with explosives, hand grenades, rocket-propelled grenades and automatic weapons. One vehicle was destroyed and the second badly damaged.
Security forces found three suicide jackets near one of the vehicles, it said.
“Security forces consisting of Pakistan Air Force and Army personnel who were on full alert, cordoned off the Base and effectively repulsed the attack,” the air force said.
Television pictures showed a vehicle with a smashed windscreen, another damaged car, bushes on fire and what appeared to be a large breach in a wall.
Five nearby houses were destroyed after rockets landed on them and several other houses developed cracks, while the bomb squad detonated five out of eight bombs found near the base after the attack.
Pakistani Taleban spokesman Ehsanullah Ehsan told AFP by telephone from an undisclosed location that the group would continue to target the airport.
“Our target was jet fighter plans and gunship helicopters and soon we will target them again,” he said.
The armed forces have been waging a bloody campaign against the Taleban in the country’s northwest in recent years and the militants frequently attack military targets.
Aside from the August attack on Kamra, in May 2011 it took 17 hours to quell an assault on an air base in Karachi claimed by the Taleban. The attack piled embarrassment on the armed forces just three weeks after US troops killed Al-Qaeda leader Osama Bin Laden in Pakistan.
Pakistan says more than 35,000 people have been killed as a result of terrorism in the country since the 9/11 attacks on the United States. Its forces have for years been battling homegrown militants in the northwest.


FBI may have disrupted major cyber attack on Ukraine

Updated 24 May 2018
0

FBI may have disrupted major cyber attack on Ukraine

  • Ukraine has been locked in a years-long struggle with Russia-backed separatists in the country’s east and has repeatedly been hit by cyberattacks of escalating severity. Last year witnessed the eruption of the NotPetya worm, which crippled critical system
  • Network technology company Cisco Systems and antivirus company Symantec have warned that a half-million Internet-connected routers had been compromised in a possible effort to lay the groundwork for a cyber-sabotage operation against targets in Ukraine.

LONDON: The FBI has put a spoke in the wheel of a major Russian digital disruption operation potentially aimed at causing havoc in Ukraine, evidence pieced together from researchers, Ukrainian officials and US court documents indicates.
On Wednesday, network technology company Cisco Systems and antivirus company Symantec warned that a half-million Internet-connected routers had been compromised in a possible effort to lay the groundwork for a cyber-sabotage operation against targets in Ukraine.
Court documents simultaneously unsealed in Pittsburgh the same day show the FBI has seized a key website communicating with the massive army of hijacked devices, disrupting what could have been — and might still be — an ambitious cyber attack by the Russian government-aligned hacking group widely known as Fancy Bear.
“I hope it catches the actors off guard and leads to the downfall of their network,” said Craig Williams, the director of outreach for Talos, the digital threat intelligence unit of Cisco that cooperated with the bureau. But he warned that the hackers could still regain control of the infected routers if they possessed their addresses and the right resources to re-establish command and control.
FBI Assistant Director Scott Smith said the agency “has taken a critical step in minimizing the impact of the malware attack. While this is an important first step, the FBI’s work is not done.”
Much about the hackers’ motives remains open to conjecture. Cisco said the malicious software, which it and Symantec both dubbed VPNFilter after a folder it creates, was sitting on more than 500,000 routers in 54 countries but mostly in Ukraine, and had the capacity to render them unusable — a massively disruptive move if carried out at such a scale.
“It could be a significant threat to users around the world,” said Williams.
The US Justice Department said the malware “could be used for a variety of malicious purposes, including intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the mizattribution of such activities.”
Ukraine’s cyberpolice said in a statement that it was possible the hackers planned to strike during “large-scale events,” an apparent reference either to the upcoming Champions League game between Real Madrid and Liverpool in the capital, Kiev, on Saturday or to Ukraine’s upcoming Constitution Day celebrations.
Ukraine has been locked in a years-long struggle with Russia-backed separatists in the country’s east and has repeatedly been hit by cyberattacks of escalating severity. Last year witnessed the eruption of the NotPetya worm, which crippled critical systems, including hospitals , across the country and dealt hundreds of millions of dollars in collateral damage around the globe. Ukraine, the United States and Britain have blamed the attack on Moscow — a charge the Kremlin has denied.
Cisco and Symantec both steered clear of attributing the VPNFilter malware to any particular actor, but an FBI affidavit explicitly attributed it to Fancy Bear, the same group that hacked into the Democratic National Committee in 2016 and has been linked to a long series of digital intrusions stretching back more than a decade. The US intelligence community assesses that Fancy Bear acts on behalf of Russia’s military intelligence service.
An FBI affidavit — whose existence was first reported by The Daily Beast — said the hackers used lines of code hidden in the metadata of online photo albums to communicate with their network of seeded routers. If the photo albums disappeared, the hackers turned to a fallback website — the same site whose seizure the FBI ordered Tuesday.
An email sent to the website’s registered owner was returned as undeliverable.
When asked why the FBI specifically named Fancy Bear where Cisco did not, Williams noted that while attribution was extremely tricky based on malware analysis alone, “if you combine that knowledge with a traditional intelligence apparatus interesting things can come to light.”
In any case, he said, “we have a high degree of confidence that the actor behind this is acting against the Ukraine’s best interest.”
Cisco said in a research note that the malware affected devices geared for small and home offices from manufacturers including Netgear, TP-Link and Linksys and had the potential to disable “Internet access for hundreds of thousands of victims worldwide or in a focused region.”
The malware’s principal capabilities, the company said, included stealthy intelligence-collecting, monitoring industrial-control software and, if triggered, “bricking” or disabling routers. It also persists on the infected routers after they are rebooted.