For Your Eyes Only Military News

Syria: Killing Kids For The Cause

June 5, 2012: The Israeli government is debating how to deal with chaos in Syria and Islamic terror groups (particularly Hezbollah) getting possession of ballistic missiles and chemical weapons. Decades of “destroy Israel” propaganda by the Arab states in the region make it impossible for open cooperation with Israel to take direct action in Syria. Israel is cooperating with Turkey and Arab states with intelligence. Turkey provides sanctuary for the rebels and Arab states (particularly from the Persian Gulf) are supplying cash, weapons and other equipment. No foreign state or coalition is yet willing to openly aid the rebels. The UN is powerless as long as Russia uses its veto to block anti-Assad measures. Russia insists the violence is caused by outsiders. The growing violence against civilians has caused Russia to suggest some changes in the Assad government, but that’s it.

The Assads have too many armed rebels for their security forces to handle. The Assads must defend the cities and military bases (most of them are near cities).

If the rebels control a city, the chance of foreign intervention goes way up. If the rebels capture a military base, they gain weapons and documents embarrassing to the government (because of discussions of how to handle violence against civilians.) The UN sponsored ceasefire that began on April 12, has failed to halt the violence. That deal called for soldiers to withdraw from urban areas and for rebels to stop shooting. Neither side complied, although the army went through the motions for a while. The government cannot afford to lose control of any large city.

The government has sent more troops to guard the borders, especially the one with Lebanon, to slow down weapons and other supplies coming in for the rebels. Smuggling clans have been operating along this border for over half a century, and can switch to new routes whenever soldiers show up.

Casualties are now over 2,000 a week, with more than 500 dead. While the pro-government militias have started killing large numbers of civilians, soldiers are also doing it on a smaller scale with indiscriminate executions at checkpoints. So far, the rebels have persuaded their armed supporters to concentrate on armed (militiamen and soldiers) opponents and not unarmed civilians.

The UN, and most of the world, condemned the slaughter of civilians and many nations began expelling Syrian diplomats. The Syrian government and allies like Iran and Russia, blamed foreigners and rebels for the massacres. The government is blaming the UN and other foreign enemies for growing shortages and unemployment. The sanctions are making it difficult to legally import everything, including essential items like food. The government is losing control of real estate and its loyalists. But the decline is gradual and the Assads still believe they can outlast the rebels. That is looking more and more like a slim hope.

Starting on May 25th, pro-government militias began murdering large numbers of civilians. On the 25th, over a hundred people were killed, about half of them children. The killers believed the victims were pro-rebel and that this sort of thing would persuade the rebels to back off. The Syrian government does not have tight control over these militias, who were allowed to form so pro-government minorities (especially Alawites) could protect themselves from the growing number of armed rebels. In response to international criticism the government accused the rebels of slaughtering their own people to encourage foreign intervention. Such tactics are not unknown (there was a lot of it in the Balkans in the 1990s), but was apparently not the case here.

The Iranian security advisors are finding that what works in Iran isn’t working in Syria. In Iran, the government has the support of about a quarter of the population (mostly in rural areas). From these religious conservatives the Iranian government recruits its police, soldiers and the huge (several hundred thousand men) armed Basij militia. The Basij are often used without uniforms or firearms, as street thugs who beat up anti-government demonstrators.

Iranian opposition groups have never been able to sustain large scale opposition to the religious dictatorship. The Syrian dictatorship does not have the religious fanaticism element going for it. The Assads have maintained control by being secular and buying the loyalty of the urban population and tribal leaders with government jobs and business opportunities.  That system broke down when the Arab Spring made it obvious to most Syrians that they were living in a corrupt and mismanaged dictatorship and maybe freedom was worth fighting for. The Assads and their Iranian mentors still believe that the right amount of terrorism can calm things down.

June 4, 2012: Syrian opposition groups, including some leaders of major tribes, met in Turkey and expanded the rebel coalition.

June 3, 2012: In the last two days, rebels went on the offensive, attacking army checkpoints and convoys, leading to over 300 casualties.

In Lebanon, troops managed to stop militia fighting in Tripoli. There were over 50 casualties (and 14 dead) from several days of shooting between Sunni and Alawite militias. These two groups are backing (respectively) the rebels and Alawite government in Syria. This is the fourth outbreak of militia violence in Tripoli in the past year. While Syria has some fans in Lebanon, most Lebanese are anti-Syrian because Syrian claims Lebanon as part of “Greater Syria.”
May 30, 2012: Rebels gave the government 48 hours to comply with the UN ceasefire terms otherwise the rebels would increase their attacks. The government didn’t and the rebels did.

ETHIOPIA:  The Somali Campaign

June 5, 2012: While there has been no al Shabaab terrorism in Ethiopian cities, that’s not the case in Kenya. There, a large ethnic Somali population in urban areas provides recruits for al Shabaab terrorism. Kenya’s business community is asking their government to increase security measure to stop Al Shabaab terror attacks. Businessmen want more armed police in downtown Nairobi and they want them assigned to guard buildings. Hotels are a special concern.

Citizens of Nairobi are also concerned that Al Shabaab terrorists might use hijacked aircraft to attack buildings, like Al Qaeda did on 9-11.  Kenya has suffered numerous terror attacks on buildings and markets. In August 1998 Al Qaeda terrorists destroyed the US embassy in Nairobi using a truck bomb. An Israeli-owned hotel in the Kenyan port of Mombasa was attacked with a vehicle bomb in November 2002.

June 3, 2012:  The African Union (AU) Mission to Somalia (AMISOM) reported that a Djibouti peacekeeping unit of 100 soldiers has taken over Ethiopian Army positions in the Somalia town of (north central Somalia). The plan is that Ethiopian forces will attack Al Shabaab militiamen in new sectors and AMISOM peacekeepers will fill-in behind the Ethiopian Army, to maintain security in the liberated region.

June 2, 2012: Kenyan troops operating in Somalia have officially joined AMISOM’s peacekeeping force.  Kenyan expeditionary forces are fighting Al Shabaab militiamen in southern Somalia. Kenya launched the incursion in October 2011 after Al Shabaab fighters launched a series of attack in Kenya and kidnapped several Kenyan civilians. Kenya has indicated that it will ultimately deploy 4,631 soldiers in the AMISOM force.

June 1, 2012: Intelligence officials are warning Kenya that Al Shabaab intends to launch new terror attacks inside Kenya. Likely targets include skyscrapers in Nairobi.

May 31, 2012: The Ethiopian rebel Ogaden National Liberation Front (ONLF) said it members ambushed two Ethiopian military convoys in the Ogaden region and killed over 50 Ethiopian Army soldiers. There was no independent confirmation of the claim.

May 30, 2012: Kenyan Army forces (Kenyan Defense Forces, KDF) have taken the town of Afmadow in Somalia. Afmadow is located north-west of the key Al Shabaab-controlled seaport of Kismayo and is the junction for several major roads connecting southern Somalia to central and western Somalia. The KDF launched an assault on the town of Hayo and killed six Al Shabaab fighters in the resulting battle. The KDF then attacked toward Afmadow and its Al Shabaab defenders fled without resisting.  Analysts now expect the KDF units in Afmadow to move toward Kismayo. Kismayo is Al Shabaab’s headquarters and its most important supply center.

May 29, 2012: Kenya reported that KDF naval vessels were fired upon by Al Shabaab forces near the port of Kismayo. The KDF vessels returned the fire and killed 11 militiamen. Al Shabaab disputed the Kenyan version of events and claimed that the Kenyan navy started shelling the port at three a.m. in the morning, then launched another gunfire attack at 6 a.m. on houses near port facilities.

May 28, 2012: A blast injured in a Nairobi, Kenya shopping mall injured 33 people. Security officials first attributed the blast to an electrical malfunction. However, police investigators that they now have evidence which indicates the blast may have been caused by a terrorist bomb. Witnesses claim they saw a bag left near the blast site.

May 22, 2012: Ethiopian officials said that Ethiopian military forces operating in Somalia intend to take more territory from Al Shabaab in southern Somalia.

For several weeks Ethiopia has indicated that its forces in central and western Somalia would turn and head south, to link up with Kenyan and pro-Somali government forces near the port of Kismayo, which remains under Al Shabaab control.

May 21, 2012: Gunfire erupted in a refugee camp near the Sudan-Eritrea border. Refugees in the camp fought with police. One policeman was wounded. The camp, located at Shagarab, houses several thousand Eritrean refugees. No one claimed to know who was responsible for the gunfire. A spokesman for an aid agency said that most of the refugees are fleeing Eritrea. Some are trying to escape the Eritrean military conscription while others are fleeing the country’s deteriorating economic conditions.

INFORMATION WARFARE: Israel and U.S. Admit Joint Cyber War Effort

June 5, 2012: American and Israeli officials have finally confirmed that the industrial grade Cyber War weapons (Stuxnet, Duqu and Flame) used against Iran in the last few years were indeed joint U.S.-Israel operations. No other details were released, although many more rumors are now circulating. The U.S. and Israel were long suspected of being responsible for these “weapons grade” computer worms. Both nations had the motive to use, means to build and opportunity to unleash these powerful Cyber War weapons against Iran and other that support terrorism.

The U.S. Department of Defense had long asked for permission to go on the offensive using Cyber War weapons. But the U.S. government regularly and publicly declined to retaliate against constant attack from China, mainly because there were fears that there could be legal repercussions and that weapons used might get out of control and cause lots of damage to innocent parties.

Iran turned out to be another matter. Although not a serious Cyber War threat to the United States, Iran was trying to build nuclear weapons and apparently Israel had already been looking into using a Cyber War weapon to interfere with that. Given the nature of these weapons, which work best if the enemy doesn’t even know they exist, don’t expect many details to be released about this Cyber War program. What is known is that the Cyber War weapons unleashed on Iran were designed to concentrate only on very specific targets. So far, only three weapons that we know of have been used. One (Stuxnet) was designed to do damage to one specific facility, the plant where Iran produced nuclear fuel for power plants, and atomic weapons. That one worked. The other two (Duqu and Flame) were intelligence collection programs. They also apparently succeeded, remaining hidden for years and having lots of opportunity to collect enormous quantities of valuable data.

It was only in the last month that the latest of these Cyber War “super weapons” was uncovered. The new one is called Flame, and was designed to stay hidden and collect information from computers it got into. It apparently did both, for up to five years (or more), in Iran, Lebanon, the Palestinian West Bank, and, to a lesser extent, other Moslem countries in the region. Like the earlier Stuxnet (2009) and Duqu (2011), Flame has all the signs of being designed and created by professional programmers and software engineers. Most malware (hacker software) is created by talented and often undisciplined amateurs and often displays a lack of discipline and organization. Professional programmers create more capable and reliable software. That describes Stuxnet, Duqu, and Flame.

The U.S. and Israel spent big bucks to craft these Cyber War weapons and get them to their targets. Both nations have access to the best programming talent on the planet, and already have organizations that can recruit and supervise highly secret software development.

As researchers continue studying these three software packages, they find ever more surprising features. Until the appearance of Flame, the most formidable Cyber War weapon encountered was Stuxnet, a computer worm (a computer program that constantly tries to copy itself to other computers) that showed up two years ago. It was designed as a weapons grade cyber weapon and was designed to damage Iran’s nuclear weapons manufacturing facilities. It succeeded. A year after Stuxnet was discovered (in 2010), security experts uncovered Duqu. Like Flame, Duqu was collecting information on large computer networks and apparently preparing for an even broader attack on industrial targets.

It appeared that Stuxnet and Duqu were but two of five or more Cyber War weapons developed (up to five years ago) from the same platform. Flame was not apparently related to Stuxnet and Duqu. The basic Flame platform appears to have been built to accept numerous additional software modules, giving each variant different capabilities. Some of the modules made use of specific computer features, like a microphone, wireless communication, or the camera. Flame appears to be a very different design from Stuxnet and Duqu but also spreads via a USB memory stick or the Internet.

Some infected PCs were found to contain a large number of Flame modules, amounting to up to 20 megabytes of code and data. Flame hides its presence very well and has a very effective self-destruct feature that erases all evidence of its presence. In the at least five years Flame has been around, it has gotten into a few thousand PCs and collected large quantities of data.

In contrast, Duqu was being used to probe industrial computer systems and send information back about how these systems are built and operate. When Duqu was first discovered, the server it was sending its data to was eventually found in India and disabled. Duqu appeared to shut down last December. No one knows if this is because Duqu had finished its work or was feeling cramped by all the attention. Flame is still operating.

For over two years now, hundreds of capable programmers have been taking Stuxnet and Duqu apart and openly discussing the results. While these programs are “government property”, once they are turned loose they belong to everyone. The public discussion on the Internet has provided a bonanza of useful criticism of how the programs were put together, often describing in detail how flaws could be fixed or features improved. But even when such details were not provided, the programmers picking apart these programs usually mentioned what tools or techniques were needed to make the code more effective.

On the down side, this public autopsy of this stuff makes the inner workings of the software, and all the improvements, available to anyone. Then again, security professionals now have a much clearer idea of how this kind of weapon works and this can make future attempts to use similar weapons more difficult.
Flame is much larger and more complex than Stuxnet or Duqu and will keep researchers busy for years. But now that three of these professionally crafted Cyber War weapons have appeared in the last three years, it seems likely that more will show up.

Weapons like Stuxnet and Duqu are nothing new; for nearly a decade Cyber War and criminal hackers have planted programs (“malware”) in computer networks belonging to corporations or government agencies. These programs (called “Trojan horses” or “zombies”) are under the control of the people who plant them and can later be used to steal, modify, destroy data, or shut down the computer systems the zombies are on. You infect new PCs and turn them into zombies by using freshly discovered and exploitable defects in software that runs on the Internet. These flaws enable a hacker to get into other people’s networks. Called “Zero Day Exploits” (ZDEs), in the right hands these flaws can enable criminals to pull off a large online heist or simply maintain secret control over someone’s computer. Flame was apparently using high-quality (and very expensive) ZDEs and possibly receiving new ones as well.

Stuxnet contained four ZDEs, two of them unknown, indicating that whoever built Stuxnet had considerable resources. ZDEs are difficult to find and can be sold on the black market for over $250,000. The fact that Stuxnet was built to sabotage an industrial facility spotlights another growing problem – the vulnerability of industrial facilities. The developers of systems control software have been warned about the increased attempts to penetrate their defenses. In addition to terrorists, there is the threat of criminals trying to extort money from utilities or factories with compromised systems, or simply sniff around and sell data on vulnerabilities to Cyber War organizations. But in the case of Stuxnet, the target was Iran’s nuclear weapons operation, although some hackers dissecting Stuxnet could now build software for use in blackmail schemes.

Stuxnet was designed to shut down a key part of Iran’s nuclear weapons program, by damaging the gas centrifuges used to enrich uranium to weapons grade material. Iran eventually admitted that this damage occurred and recent Western estimates of how soon Iran would have a nuclear weapon have been extended by several years. So, one can presume that Stuxnet was a success.

Duqu appears to be exploiting the success of Stuxnet in spreading to so many industrial sites and is designed to sniff out details of places it ends up in and send the data to whoever is planning on building Stuxnet 2.0. Several different versions of Duqu have been found so far, and all of them have been programmed to erase themselves after they have been in a computer for 36 days.

Stuxnet was believed to have been released in late 2009, and thousands of computers were infected as the worm sought out its Iranian target. Initial dissection of Stuxnet indicated that it was designed to interrupt the operation of the control software used in various types of industrial and utility (power, water, sanitation) plants. Eventually, further analysis revealed that Stuxnet was programmed to subtly disrupt the operation of gas centrifuges.
The Stuxnet “malware” was designed to hide itself in the control software of an industrial plant, making it very difficult to be sure you have cleaned all the malware out. This is the scariest aspect of Stuxnet and is making Iranian officials nervous about other Stuxnet-type attacks having been made on them. Although Iran eventually admitted that Stuxnet did damage, they would not reveal details of when Stuxnet got to the centrifuges nor how long the malware was doing its thing before it was discovered and removed. But all this accounts for the unexplained slowdown in Iran getting new centrifuges working. Whoever created Stuxnet probably knows the extent of the damage because Stuxnet also had a “call home” capability.

The U.S. and Israel have been successful with “software attacks” in the past.This stuff doesn’t get reported much in the general media, partly because it’s so geeky and because there are no visuals. It is computer code and arcane geekery that gets it to its target. The earlier attacks, especially Stuxnet, Duqu and Flame, spread in a very controlled fashion, sometimes via agents who got an infected USB memory stick into an enemy facility. Even if some copies of these programs get out onto  Internet connected PCs, they do not spread far. Worms and viruses designed to spread can go worldwide and infest millions of PCs within hours.

Despite all the secrecy this stuff is very real, and the pros are impressed by Stuxnet, Duqu, and Flame, even if the rest of us have not got much of a clue. The demonstrated capabilities of these Cyber War weapons usher in a new age in Internet based warfare. Amateur hour is over and the big dogs are in play.

Actually, the Cyber War offensive by the U.S. and Israel appears to have been underway for years, using their stealth to remain hidden. There are probably more than three of these stealthy Cyber War applications in use, and most of us will never hear about it until, and if, other such programs are discovered and their presence made public.


June 5, 2012: Russia announced that it had developed a new device that covered the tracks (from wheels) of its TELs (Transporter Elector Launchers) that carry ballistic missiles about the countryside to make them more difficult to destroy (before they can be launched at an enemy.) Russia is aware that the United States, and other nations, can use spy satellites (that pass over the operating area for the TELs every 9o minutes) to track these TELs and their missiles. The new device can also create false tire tracks to deceive satellite reconnaissance.  The 17.4 meter (54 foot) long TEL for the 46 ton Russian RS-12/24 missiles is a 16 wheel vehicle, using a 710 horsepower diesel engine.

No details of this new deception device were released, which is to be expected. What is unusual is that the existence of the device was revealed. Usually, when the Russians come up with something like this, they keep its very existence secret. This was made quite obvious during the 1990s, when many Russian weapons and items of military equipment that had been kept secret during the Cold War (1947-91) were revealed. In the case of the new TEL device, it’s possible that the announcement is itself a deception, to force the Americans to waste a lot of time and effort investigating a device that doesn’t exist. The Russians have used that trick before.

The original Topol (RS-12M) was the first mobile ICBM and entered service in the late 1980s. It was also Russia’s first solid fuel ICBM. Two years ago Russia announced that the latest version of the Topol series, the RS-24 (Yars), had entered service. The RS-24 appears to be a slightly heavier version of the 46 ton Topol-M (or RS-12M1/M2). The RS-24 will be deployed in silos as well as on wheeled vehicles. The RS-24 carried more warheads (up to ten) than the Topol-M. The Russians developed the RS-24 to enable them to use all the additional warheads to penetrate American missile defenses.

ELECTRONIC BATTLEFIELD: Blinded By The Bright Green Light

June 5, 2012: Police in Italy have been unable, after 18 months, to catch whoever is using a laser pointer to distract (usually) or blind (potentially) pilots landing and taking off at the Aviano military airbase. This is a major NATO facility, and there have been ten of these laser incidents since January, 2011. Such incidents have occurred at airports all over the world, and the perpetrators are usually caught quickly, or scared off, if they try to blind pilots more than once. In the United States the incidence of these laser attacks at airports has been increasing sharply, from 1,527 in 2009, 2,836 in 2010 and 3,592 last year.

There is some fear that the Aviano laser incidents are part of some terrorist plot, because you could, in theory, cause enough distraction or blindness to cause a crash during a landing. That’s a long shot, but those are the kind of odds terrorists have learned to accept.

Commercial eye safe green laser pointers, used at briefings and such, have a range of about two kilometers, and cost about $70. These lasers are not completely harmless. If you get long enough exposure these lasers can cause temporary or permanent blindness. For example, eye safe green lasers have been used in Iraq and Afghanistan since 2005, to force drivers to stop at check points. While no civilians have had their eyes injured by these devices, at least two soldiers lost sight in one eye, and over fifty others have suffered temporary blindness. These incidents took place when troops were horsing around with the devices, or simply being careless, and lased another soldier at close range.

In Iraq and Afghanistan some green lasers were mounted in a weather proof, articulated enclosure, enabled troops to operate the laser remotely, to flash the laser light at oncoming drivers, to get them to stop at checkpoints, or other locations.

Anyone getting hit in the eye with these lasers will be disoriented for up to 15 minutes. When the marines began using the device, they bought a model that lowered the power when the target was too close. A laser becomes less powerful the farther away you are from it. This is one reason why troop injuries were more severe, as the victims are a lot closer to the laser. Civilians usually get hit when they are a hundred meters or more away. The navy has issued these devices to ships, to keep suspicious boats away.

PROCUREMENT:  Spain Makes It To The Big Time

June 5, 2012: In the last decade Spain has developed into a major weapons exporting nation. This year Spanish arms exports doubled (to $3.1 billion) over last year. It was only seven years ago that Spanish defense sales were only $545 million. The following year they doubled to $1.1 billion. Most of Spain’s exports are warships (surface ships and subs).

The war on terror caused a large jump in arms exports, but the 2008 worldwide economic recession put a halt to that. In 2003, international arms exports amounted to $39 billion. By 2008, it reached nearly $70 billion. By last year these exports had declined to $40 billion. Throughout this period, the U.S. accounted for about 38 percent of these exports, followed by Russia (18 percent) and West European nations (24 percent) and many others (20 percent). The top five nations were; the U.S. ($171 billion), Russia ($81 billion), France ($37 billion), Britain ($30 billion) and China ($16 billion).

Spain is now firmly in the top ten. Most of the exports were to developing nations, which do not yet have large enough arms industries to supply their own needs. The main customers for all these implements of destruction have been India, Middle Eastern oil states and China.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: