Djibouti: Regional Security News Brief
Djibouti (HAN) August 31.2016. Public Diplomacy & Regional Security News.
1.Kenyan refugee agency “just dumped the refugees” without proper resettlement mechanism
Jubaland regional state administration refused to receive returnees from Dadaab.The Somali refugees are going back as part of repatriation from Kenya. Hunderededs Somali refugees, mainly women and children, were stranded in Dhobley at the Kenya-Somalia border. Jubaland’s Interior minister Mohamed Darwish said Kenya and the UN refugee agency “just dumped the refugees” without proper resettlement mechanism.
2- Ethiopians Shave Heads to Mourn Fallen in Oromia, Amhara
Oromo People are shearing off their hair with electric razors in response to a letter smuggled out of prison by Oromo political leader Bekele Gerba and others. In some Ethiopian cultures, a shaved head is part of the mourning process after the death of a loved one.
3- Ethiopia: EPRDF Meeting and claims of return to peace and security
Ethiopia’s ruling party, the Ethiopian People’s Revolutionary Democratic Front (EPRDF), met over the weekend to discuss protests and issued a statement giving an overview of progress made in the past 15 years. The statement praised its security forces for the “sacrifices paid with life and physical harm.” It said continued sacrifice will be needed to “maintain peace and guard the country’s development, democracy and peace”.
4- Ethiopia, Tanzania to Sign Power Supply Deal
Ethiopia signed MoU with Burundi, Rwanda and Tanzania who showed interest to import energy. Tanzania has joined the group of countries purchasing power from Ethiopia. The country will sign a 400 MW purchase agreement with Ethiopia in the coming weeks, announced Ethiopian Electric Power (EEP). The latest deal between Ethiopia and Tanzania goes beyond power selling as it also fosters economic integration.
5- Eritrea: Thousands of Refugees Rescued Off the Coast of Libya
Migrants, most of them from Eritrea, jump into the water from a crowded wooden boat as they are helped by members of Italian CoastGuard.
6- Turkey rejects cease-fire claims with PKK/PYD- terror groups, not Kurdish people
EU Minister Omer Celik says there cannot be a cease-fire between Ankara and PKK/PYD as Turkey is an ‘independent and lawful’ state. “The Republic of Turkey is an independent, lawful state,” said Celik, It cannot be evaluated as if they [Turkey and PKK/PYD] were equal and there was an agreement between them.” “PYD’s activities in northern Syria benefit terror groups, not Kurdish people,” said Celik.
7- The U.S. State Department is evaluating a video released by the Afghan Taliban
The U.S. State Department said Tuesday it is evaluating a video released by the Afghan Taliban showing a Canadian man and his American wife warning that their Afghan captors will kill them and their children unless the Kabul government ends its executions of Taliban prisoners. “I would tell you that the video is still being examined for its validity,” State Department spokesman John Kirby said in response to a question at his daily briefing. “We remain concerned, obviously, about the welfare of Caitlan and her family, and we continue to urge for their immediate release on humanitarian grounds.”
8- Yemen Suicide Attack Claimed by Islamic State Kills at Least 61 People
Islamic State claimed responsibility for a suicide bombing in Yemen that officials said killed at least 61 people and wounded dozens more. The bomber drove into a crowd of people at a military recruiting center in the southern city of Aden and detonated the vehicle, local security and medical officials said. Islamic State frequently attacks security and government targets in Aden, home to the internationally recognized government of President Abed Rabbo Mansour Hadi. The attack comes as Yemen’s conflict enters its 17th month. The war, which pits Hadi’s government and a Saudi-led military coalition against the Shiite Houthi rebels, created a security vacuum that has allowed extremist groups to expand.
9- Kerry Offers New Security Ties to Bangladesh to Fight Terror
Secretary of State John Kerry says U.S. and Bangladesh intelligence and law enforcement agencies will cooperate more closely to combat extremists after recent attacks on locals and foreigners raised concerns the Islamic State is spreading its network in Bangladesh. In meetings with Prime Minister Sheikh Hasina and others during the one-day visit to Dhaka, Kerry said he emphasized that the Islamic State is growing in South Asia as it weakens in Iraq and Syria. The Islamic State claimed responsibility for a July 1 attack in Dhaka on a restaurant popular with foreigners that killed 22 people. Islamic State has claimed responsibility for several other incidents in Bangladesh, and promised more assaults in a video released days after the attack. Officials acknowledge Islamic extremist groups in Bangladesh may have links to outsiders, but say the extremism is largely homegrown and has been fomented by the opposition Bangladesh Nationalist party. Kerry encouraged Bangladesh to strengthen worker rights, saying marginalized citizens are vulnerable to extremist recruiting.
10- Turkish Offensive on Islamic State in Syria Caught U.S. Off Guard
Officials on both sides have said that the U.S. and Turkey were not as aligned on the operations in Syria last week as their public statements indicated. While the White House was preparing to consider a secret plan to have American special forces join the Turks, Ankara pulled the trigger on the mission unilaterally without giving officials in Washington advance warning. U.S. officials say Turkey’s decision undercut a behind-the-scenes effort to clear rival Syrian Kurdish elements out of the conflict zone first has created a new challenge for the U.S. as two of its most important partners in the campaign fight each other instead of Islamic State. Officials in Washington said they warned their Turkish military counterparts on Aug. 29 that the U.S. will not provide air support to Turkish forces pushing deeper into Syrian territory, but will continue to provide air support to Turkish forces moving westward, into the border area threatened by Islamic State.
11- Security Teams Not Keeping Up With Exponential Cloud Server Growth
Nearly all respondents to a CloudPassage survey conducted at the annual Black Hat security conference said when moving from traditional data centers to a cloud infrastructure environment, they increased the number of server workloads by a factor of two to 100. This greatly increases their attackable surface area, and more than 75 percent of respondents said security team hiring in the organization has lagged the rate at which new server workloads are created, changed, or retired in the cloud. “Adopting cloud infrastructure and agile application delivery creates exponential growth in server workloads, meaning more potentially attackable surface area and more security management overhead,” says CloudPassage co-founder Carson Sweet. One third of respondents who reported an increase in the number of server workloads when they moved to the cloud also said they doubled the number of server instances from the number in their original data centers. In addition, 25 percent reported the number of server instances to be five times higher in the cloud than in their traditional data centers. Only 28 percent said they are leveraging a full suite of tools that let them protect and analyze cloud server workloads automatically when configuring and deploying them. However, 37 percent have some security automation tools for configuration and deployment, but another 35 percent are not automating security for configuration or deployment.
12- Sophisticated Malware Possibly Tied to Recent ATM Heists in Thailand
A new malware program, called Ripper, is believed to have been used to steal more than $350,000 from ATMs in Thailand. Ripper, which was uploaded to the VirusTotal database from a Thailand IP address last week, targets three ATM brands and can disable a machine’s local network interface. The malware is deployed through an unsecured machine’s CD-ROM and USB ports; these ports are accessible with special service keys, which can be bought online. Once installed on an ATM, a specially programmed card issues a command to dispense up to 40 banknotes. Ripper uses features seen in other ATM malware variants, including an option to destroy forensic evidence. The heist in Thailand forced the Government Savings Bank to temporarily shut down all ATMs made by a certain vendor so the machines could be checked for malware.
13- Dropbox Prompts Certain Users to Change Their Passwords
Dropbox is asking users who signed up before mid-2012 to update their passwords if they have not changed them since then. The platform is asking users to change their passwords as a preventative measure, and maintains that there is no indication that their accounts were improperly accessed. The company says that it was taking the measure because its security teams learned about an old set of Dropbox user credentials that it believes were obtained in 2012 and could be linked to an incident the company reported around the time. Users who signed in before 2012 and have not changed their password since then will be prompted to change it the next time they sign into their accounts. Users will have to set a stronger password with the help of a meter provided by Dropbox that measures its strength.
14- What IT Pros Need to Know About Hiring Cybersecurity Hunt Teams
Some organizations are forming specialized groups called hunt teams to defend their networks against the latest attack techniques. As a group of cybersecurity experts, hunt team members have advanced intrusion detection, malware analysis and data science skills. Gartner refers to the business model that utilizes hunt teams as Managed Detection and Response. Some companies have outsourced their hunt teams to firms like eSentire that employ a round-the-clock network operations center staffed with qualified analysts. Security vendors with multiple clients can then apply what they learned from one client to better protect other customers. “My peers generally agree it would be very difficult to have this kind of expertise in house,” says a financial firm chief technology officer and eSentire customer. “Even if you could bring the skills in-house, it’s probably not a good idea, because it’s such a dynamic field.”
15- Russian Hackers Targeted Arizona Election System
Hackers targeted voter registration systems in Illinois and Arizona, and the FBI alerted Arizona officials in June that Russians were behind the assault on the election system in that state. The bureau described the threat as “credible” and significant,” said Matt Roberts, a spokesman for Arizona Secretary of State Michele Reagan. It turned out that the hackers had not compromised the state system or even any county system. They had, however, stolen the username and password of a single election official in Gila County. The Arizona incident is the latest indication of Russian interest in U.S. elections and party operations, and it follows the discovery of a high-profile penetration into Democratic National Committee computers. The Russian campaign is also sparking intense anxiety about the security of this year’s elections. Earlier this month, the FBI warned state officials to be on the lookout for intrusions into their election systems. The “flash” alert said investigators had detected attempts to penetrate election systems in several states and listed Internet protocol addresses and other technical fingerprints associated with the hacks. In addition to Arizona, Illinois officials discovered an intrusion into their election system in July. Although the hackers did not alter any data, the intrusion marks the first successful compromise of a state voter registration database, federal officials said. The Illinois hackers were able to retrieve voter records, but the number accessed was “a fairly small percentage of the total,” said Ken Menzel, general counsel for the Illinois election board.
16- Layers of Security Added to Protect U.S. Open Fans
The U.S. Open in Queens this year has increased security due to terror attacks overseas and mass shootings in the U.S. Even without the additional concerns, the event has tremendous security requirements, with 700,000 spectators expected over two weeks in two stadiums, two grandstands, and other seating at more than a dozen other tennis courts. On Sunday night, police were still looking for a man who attempted to kidnap a girl from Arthur Ashe Stadium as she watched a practice match. The New York Police Department, which ordinarily has hundreds of officers in and around the tennis center, plans to increase its presence this year, on top of the tournament’s roughly 300 private security guards. Temporary closed-circuit surveillance cameras will be installed, along with devices to detect chemical, biological, and radiation risks. Strict screening checkpoints are in place for spectators, and the grandstands have been reinforced with thick cable that could withstand a crash from a truck loaded with explosives.
17- Despite Billions Spent on Cybersecurity, Companies Aren’t Truly Safe From Hacks
Private-sector companies spent more than $75 billion on security software last year, but analysts say the increased spending has not made private-sector systems much safer. As security software becomes more sophisticated, organizations are facing off against increasingly advanced hackers who have found ways to bypass security measures, particularly signature-based antivirus software. Many companies are not deploying approaches such as security analytics to detect suspicious events, and analysts say enterprises are putting their sensitive data at risk by migrating to the cloud without sufficient security policies in place. Additionally, software is not always properly monitored and supported by employees. “We are safer in a way, but criminals—the advanced ones—can still get through,” says Gartner analyst Avivah Litan. “Companies have definitely raised the cybersecurity bar, but criminals can keep going higher than the bar.” Another factor complicating the private sector’s dilemma is companies’ unwillingness to talk publicly about hacks and breaches. Companies that are seeing positive results with new cybersecurity systems are also hesitant to discuss their successes out of fear they will only invite attacks. “I don’t think enterprises have gotten worse at cybersecurity, but they are dealing with complexities that they didn’t have to deal with 10 years ago,” says IDC’s Robert Westervelt. “It’s two steps forward, and then external factors make you take a step back.”