Wednesday, December 7, 2016

Manning The Rails: The U.S. Navy Tradition Of Honoring Pearl Harbor


The Imperial Japanese attacked Pearl Harbor on this day in 1941.

You can read about the attack via the below link:

http://www.history.com/this-day-in-history/pearl-harbor-bombed

Back in 1970 I was a teenage seaman stationed aboard the USS Kitty Hawk as the aircraft carrier headed towards "Yankee Station," off the coast of Vietnam. On the way, we made a port-of-call to Pearl Harbor in Hawaii and sailed by the USS Arizona Memorial.

As you can see from the above U.S. Navy photo, all hands "manned the rails," an honor tradition that had us on deck in our dress white uniforms as we passed the memorial, which floats above the sunken battleship that went down during the Japanese sneak attack.

I have an enlarged framed copy of this photo hanging in my basement office and library.

You can also read a detailed account of the Japanese attack on Pearl Harbor via the below link:

https://www.history.navy.mil/research/library/online-reading-room/title-list-alphabetically/p/the-pearl-harbor-attack-7-december-1941.html


Note: In the above U.S. Navy photo, the aircraft carrier USS Abraham Lincoln, manning the rails, is shown entering Pearl Harbor for a visit in 2011.

Tuesday, December 6, 2016

Retired FBI Agent Solves Arts Crimes Including A Missing Nazi Diary, Confederate Relics And Even Batmobiles


Erin Arvedlund at the Philadelphia Inquirer offers a piece on art crime investigator and retired FBI special agent Robert K. Wittman, author of The Devil's Diary: Alfred Rosenberg and the Stolen Secrets of the Third Reich. 

Art crimes expert Robert K. Wittman, a retired FBI agent, this year published a new book -- "The Devil's Diary: Alfred Rosenberg and the Stolen Secrets of the Third Reich" -- with a Philadelphia twist. 
It's the story of Lansdale lawyer Richard Kempner, who until his death held on to a startling secret -- he'd prosecuted Nazi officers at Nuremberg, and purloined the private diary of Hitler's favorite ideologue Alfred Rosenberg. 
But that is just the latest crime he's solved. Wittman joined the FBI as a special agent in 1988, and was drawn to art crimes not long after starting work at the federal agency. His mentor suggested taking art appreciation classes at the Barnes Foundation when it was still located on the Main Line. 
As a result of that and other specialized training in art, antiques, jewelry and gem identification, he served as the FBI’s investigative expert involving cultural property crime. During his 20-year FBI career he helped recover more than $300 million worth of stolen art and cultural property.
You can read the rest of the piece via the below link:

http://www.philly.com/philly/business/Retired-FBI-Agent-Pens-Book-on-Missing-Diary-of-Hitler-Ideologue-Alfred-Rosenberg.html


FBI: Joint Cyber Operation Takes Down Avalanche Criminal Network


The FBI released the below report:

It was a highly secure infrastructure of servers that allegedly offered cyber criminals an unfettered platform from which to conduct malware campaigns and “money mule” money laundering schemes, targeting victims in the U.S. and around the world.

But the Avalanche network, which was specifically designed to thwart detection by law enforcement, turned out to be not so impenetrable after all. And late last week, the FBI took part in a successful multi-national operation to dismantle Avalanche, alongside our law enforcement partners representing 40 countries and with the cooperation of private sector partners. The investigation involved arrests and searches in four countries, the seizing of servers, and the unprecedented effort to sinkhole more than 800,000 malicious domains associated with the network.

It’s estimated that Avalanche was responsible for as many as 500,000 malware-infected computers worldwide on a daily basis and dollar losses at least in the hundreds of millions as a result of that malware.

“Cyber criminals can victimize millions of users in a moment from anywhere in the world,” according to Scott Smith, assistant director of the FBI’s Cyber Division. “This takedown highlights the importance of collaborating with our international law enforcement partners against this evolution of organized crime in the virtual.”

The investigation into the highly sophisticated Avalanche network, initiated four years ago by German law enforcement authorities and prosecutors, uncovered numerous phishing and spam campaigns that resulted in malware being unwittingly downloaded onto thousands of computers internationally after their users opened bad links in e-mails or downloaded malicious attachments. Once the malware was installed, online banking passwords and other sensitive information were stolen from victims’ computers and redirected through the intricate network of Avalanche servers to back-end servers controlled by the cyber criminals, who wasted no time in using this information to help themselves to other people’s money.

One type of malware distributed by Avalanche was ransomware, which encrypted victims’ computer files until the victim paid a ransom to the criminal perpetrator. Other types of malware stole victims' sensitive banking credentials, which were used to initiate fraudulent wire transfers. And in terms of the money laundering schemes, highly organized networks of money mules purchased goods with the stolen funds, enabling the cyber criminals to launder the illicit proceeds of their malware attacks.

How did these cyber criminals hear about the Avalanche network in the first place? Access to the network was advertised through postings—similar to advertisements—on exclusive underground online criminal forums.

Because most cyber schemes cross national borders, an international law enforcement response is absolutely critical to identifying not just the technical infrastructure that facilitates these crimes, but also the administrators who run the networks and the cyber criminals who use these networks to carry out their crimes.

The FBI—with its domestic and international partners—will continue to target the most egregious cyber criminals and syndicates. But U.S. businesses, other organizations, and the general public need to do their part by protecting their computers and networks from malware and other insidious cyber threats. Don’t click on links embedded inside e-mails. Don’t open e-mail attachments without verifying who they’re from. Use strong passwords. Enable your pop-up blocker. Only download software from sites you trust. And make sure your anti-virus software is up to date.

Each of us securing our own devices—coupled with a coordinated law enforcement effort to combat ongoing cyber threats—will go a long way toward protecting all of us in cyberspace. 

Monday, December 5, 2016

Avalanche Network Dismantled In International Cyber Operation


The U.S. Justice Department released the below information:

The Justice Department today announced a multinational operation involving arrests and searches in four countries to dismantle a complex and sophisticated network of computer servers known as “Avalanche.”  The Avalanche network allegedly hosted more than two dozen of the world’s most pernicious types of malicious software and several money laundering campaigns. 
Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, Acting U.S. Attorney Soo C. Song of the Western District of Pennsylvania and Assistant Director Scott S. Smith of the FBI’s Cyber Division made the announcement.
“For years, sophisticated cyber criminals have used our own technology against us—but as their networks have grown more complex and widespread, criminals increasingly rely on an international infrastructure as well,” said Assistant Attorney General Caldwell.  “Avalanche is just one example of a criminal infrastructure dedicated to facilitating privacy invasions and financial crimes on a global scale.  And now a multinational law enforcement coalition has turned the tables on the criminals, by targeting not just individual actors, but the entire Avalanche infrastructure.  Successful operations like this one can disrupt an entire criminal ecosystem in one strike.” 
“The takedown of Avalanche was unprecedented in its scope, scale, reach and cooperation among 40 countries,” said Acting U.S. Attorney Song.  “This is the first time that we have aimed to and achieved the destruction of a criminal cyber infrastructure while disrupting all of the malware systems that relied upon it to do harm.”
“We are committed to halting cybercriminal activity against the United States,” said Assistant Director Smith.  “Cybercriminals can victimize millions of users in a moment from anywhere in the world.  This takedown highlights the importance of collaborating with our international law enforcement partners against this evolution of organized crime in the virtual.”
The Avalanche network offered cybercriminals a secure infrastructure, designed to thwart detection by law enforcement and cyber security experts, over which the criminals conducted malware campaigns as well as money laundering schemes known as “money mule” schemes.  Online banking passwords and other sensitive information stolen from victims’ malware-infected computers was redirected through the intricate network of Avalanche servers and ultimately to backend servers controlled by the cybercriminals.  Access to the Avalanche network was offered to the cybercriminals through postings on exclusive, underground online criminal forums. 
The operation also involved an unprecedented effort to seize, block and sinkhole – meaning, redirect traffic from infected victim computers to servers controlled by law enforcement instead of the servers controlled by cybercriminals – more than 800,000 malicious domains associated with the Avalanche network.  Such domains are needed to funnel information, such as sensitive banking credentials, from the victims’ malware-infected computers, through the layers of Avalanche servers and ultimately back to the cybercriminals.  This was accomplished, in part, through a temporary restraining order obtained by the United States in the Western District of Pennsylvania.      
The types of malware and money mule schemes operating over the Avalanche network varied.  Ransomware such as Nymain, for example, encrypted victims’ computer files until the victim paid a ransom (typically in a form of electronic currency) to the cybercriminal.  Other malware, such as GozNym, was designed to steal victims’ sensitive banking credentials and use those credentials to initiate fraudulent wire transfers.  The money mule schemes operating over Avalanche involved highly organized networks of “mules” who purchased goods with stolen funds, enabling cybercriminals to launder the money they acquired through the malware attacks or other illegal means. 
The Avalanche network, which has been operating since at least 2010, was estimated to serve clients operating as many as 500,000 infected computers worldwide on a daily basis.  The monetary losses associated with malware attacks conducted over the Avalanche network are estimated to be in the hundreds of millions of dollars worldwide, although exact calculations are difficult due to the high number of malware families present on the network.
Several victims of Avalanche-based malware attacks are located in the Western District of Pennsylvania.  A local governmental office was the victim of a Nymain malware attack in which computer files were encrypted until the victims paid a Bitcoin ransom in exchange for decrypting the files.  Two companies, based in New Castle and Carnegie, Pennsylvania, and their respective banks were victims of GozNym malware attacks.  In both attacks, employees received phishing emails containing attachments designed to look like legitimate business invoices.  After clicking on the links, GozNym malware was installed on the victims’ computers.  The malware stole the employees’ banking credentials which were used to initiate unauthorized wire transfers from the victims’ online bank accounts.  
The U.S. Attorney’s Office of the Western District of Pennsylvania, the FBI and the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) conducted the operation in close cooperation with the Public Prosecutor’s Office Verden; the Luneburg Police of Germany; Europol; and Eurojust, located in The Hague, Netherlands; and investigators and prosecutors from more than 40 jurisdictions, including India, Singapore, Taiwan and Ukraine.     
Other agencies and organizations partnering in this effort include the Department of Homeland Security’s U.S.-Computer Emergency Readiness Team (US-CERT), the Shadowserver Foundation, Fraunhofer Institute for Communication, Registry of Last Resort, ICANN and domain registries from around the world.  The Criminal Division’s Office of International Affairs also provided significant assistance.  
Assistant U.S. Attorney Charles Eberle of the Western District of Pennsylvania and CCIPS Senior Trial Attorney Richard D. Green are prosecuting the case.  Assistant U.S. Attorney Michael A. Comber of the Western District of Pennsylvania and CCIPS Senior Trial Attorney Green are handling the civil action to disrupt the malware operating over the Avalanche network.  
Individuals who believe that they may have been victims of malware operating over the Avalanche network may use the following webpage created by US-CERT for assistance in removing the malware: www.us-cert.gov/avalanche
Anyone claiming an interest in any of the property seized or actions enjoined pursuant to the court orders described in this release is advised to visit the following website for notice of the full contents of the orders: https://www.justice.gov/opa/documents-and-resources-december-5-2016-announcement-takedown-international- 

Saturday, December 3, 2016

The Birth Of SEAL Team Six


Sarah Pruitt at History.com offers a piece on the birth of SEAL Team Six.

If much of the history and operations of the U.S. Navy’s special operations forces, or Navy SEALs, remain shrouded in secrecy, that’s especially true for Team Six, the highly classified group that carries out some of the world’s most dangerous and difficult military missions. The Pentagon barely acknowledges the group’s existence, and doesn’t call it by the name Team Six; it’s officially known as the Naval Special Warfare Development Group, or DevGru for short. From World War II to today, we trace the history behind one of the nation’s most elite and most secretive military organizations.

You can read the rest of the piece and watch a video clip via the below link:

http://www.history.com/news/the-birth-of-seal-team-six

You can also read my Counterterrorism magazine piece on the history of the Navy SEALs via the below link:

http://www.pauldavisoncrime.com/2015/04/a-look-back-at-history-of-us-navy-seals.html

And you can read my Counterterrorism magazine piece on the WWII UDT frogmen who influenced the modern Navy SEALs via the below link:

http://www.pauldavisoncrime.com/2013/06/a-look-back-at-world-war-ii-us-navy.html

1880: Philly Surgeon And Soldier Duel With Pistols Over Fashion Statement


Tommy Rowan at the Philadelphia Inquirer offers an interesting piece on a duel in 1880.

At the count of three, the surgeon and the soldier both fired their 10-inch-long, platinum-lined pistols on April 10, 1880.
There was no doubt both men fired. But whether Dr. James William White aimed his shot at the sky rather than the heart of Robert “Bertie” Adams Jr. was the subject of much debate.
The “slight misunderstanding” that led to the once-infamous “affair of honor” was not over a woman — it was over an outfit.
You can read the rest of the piece via the below link:

On This Day In History Author Joseph Conrad Was Born


As History.com notes, on this day in 1857 Joseph Conrad, the author of Heart of Darkness, The Secret Agent and other classic novels, was born.

You can read about Joseph Conrad and his life and work via the below link:

http://www.history.com/this-day-in-history/joseph-conrads-birthday