Tag Archives: Mossad

Israel-Iran Covert War based in Azerbaijan; US Leak

Reports that Israel has access to airbases in Azerbaijan, Iran’s uneasy northern neighbor, could point to a strategic shift in the battle lines between the Jewish state and the Islamic Republic — and could affect the smoldering U.S.-Iranian standoff.  Having the use of air bases right on Iran’s doorstep would completely change the military situation for Israel by eliminating one of its major headaches: the distance its strike jets would have to fly to reach their targets in Iran and return to their bases.  The round trip total in excess of 2,200 miles and would necessitate one — possibly two — in-flight refueling, during which the strike aircraft as well as their aerial tankers would be highly vulnerable.  Israel only has a handful of aerial tankers, limiting the size of the strike force.

Having bases in Azerbaijan, a Soviet republic until 1991, would mean the attacking F-16I and F-15I jets could reach their targets without in-flight refueling because, if the reports attributed to U.S. officials are correct, the planes could land in Azerbaijan to fill their fuel tanks and head home.  The Azeri government in Baku has denied it has made any deal with Israel and Israel has refused to validate the reports.  But in recent years, Muslim, pro-Western Azerbaijan has established strong military and intelligence links with Israel while Baku’s relations with Iran have steadily deteriorated.

The U.S. magazine Foreign Report, in its March 28 edition, quoted four senior U.S. diplomats and military intelligence officers as saying Israel has been granted access to airbases in Azerbaijan…..

Now the whole issue gets rather murky.  There are growing suspicions that the report, true or otherwise, was deliberately leaked by the administration of U.S. President Barack Obama as a signal to Israeli Prime Minister Binyamin Netanyahu, the leading proponent of attacking Iran, to back off unilateral Israeli action the U.S. administration believes will ultimately cost America dearly.  “Clearly this is an administration-orchestrated leak,” said Republican hard-liner John Bolton, a former U.S. ambassador to the United Nations.  “It’s just unprecedented to reveal this kind of information about one of your allies.”

What is clear is that Israel and Azerbaijan are drawing increasingly closer for their mutual advantage and defense.  But Israel’s prime concern is definitely Iran.  Azeri security authorities, in conjunction with the Mossad, Israel’s foreign intelligence service, have thwarted several plots to attack Israeli targets in Baku, including a school and the embassy.  These operations were blamed on the Iranian Revolutionary Guards’ elite al-Quds Force and Hezbollah of Lebanon, Tehran’s main proxy in the Middle East and widely perceived as being run by the Guards Corps. The Mossad maintains a sizeable presence in Azerbaijan and reportedly runs clandestine operations inside Iran from there.

Then in January, Israel Aerospace Industries announced it had secured a $1.6 billion contract with a state that wasn’t identified, apparently for censorship reasons…..

U.S. report shifts Israel-Iran battle lines, UPI.com, April 3, 2012

Who is Hacking Whom? the Iranian Hackers

After breaching the Dutch CA (Certification Authority) DigiNotar, Iranian hackers managed to sign forged certificates for the domains of spy agencies CIA, Mossad and MI6. Leading certification authorities like VeriSign and Thawte were also targeted, as were Iranian dissident sites.  The cyber attack on DigiNotar, a Dutch subsidiary of VASCO Data Security International Inc, is much more serious than previously thought. In July, hackers gained access to the network and infrastructure of several of DigiNotar’s CAs. Once inside, they generated hundreds of forged certificates for third-party domains.  With these certificates hackers can potentially syphon off user login credentials by spoofing a legitimate site, complete with a functioning but forged SSL-certificate, apparently issued by DigiNotar.

The forged certificates match domains of the U.S. Central Intelligence Agency, the Israeli secret service Mossad, and the British spy agency MI6. On top of that, the hackers created false certificates of other CA’s like VeriSign and Thawte, in an attempt to also misuse their trusted position in securing Internet communications……

The cyber attackers even created fake certificates with messages praising the Iranian Revolutionary Guard, NOS reported.  It’s still unknown how successful the hackers have been in harvesting logins and spying on e-mail and chat messages. Most certificates have either elapsed or were revoked after DigiNotar discovered the breach in mid July.

Chris Soghoian, security and privacy researcher at Indiana University and Graduate Fellow at the Center for Applied Cybersecurity Research, said the list is a “very interesting set of sites.” However, he’s skeptical that the hackers could have penetrated into the networks of the spy agencies with the forged certificates.  “Actually I think the secret service domains are the least alarming part. It’s sexy, and will probably lead to a lot of questions and interest from government agencies. Of course, nobody wants to get caught with their pants down, but there’s really no classified information on these domains. Those are on separate, secured internal networks. So the practical security impact of the Iranian government getting a certificate for the CIA is nill. It’s really just very embarrassing, that’s all,” said Soghoian in an interview with Webwereld.

Still, the cyber hack at DigiNotar has a very high profile. “What is alarming is that they forged certificates for other CA’s, like VeriSign and Thawte. But the most problematic are sites like Google and Facebook. And also Walla, which is one the biggest mail providers in Israel.” Through forged SSL certificates of these sites the Iranian regime would be able to syphon the accounts and online communications of countless people, explained Soghoian.

Google has already updated its Chrome browser so it blocks access to any site which uses a DigiNotar certificate. Mozilla and Microsoft are expected to issue patches for their browsers soon. The Microsoft Security Response team tweeted earlier: “We’re in the process of moving all DigiNotar CAs to the Untrusted Root Store which will deny access to any website using DigiNotar CAs.”  This means hundreds of Dutch government sites will become inaccessible by browsers over the coming days if the agencies don’t switch to another certificate issuer in time.

Last week, Dutch security company Fox-IT carried out a forensic examination of the cyber hack at DigiNotar. The preliminary results prompted the government in The Hague to go into crisis mode, putting in effect an immediate stop to any DigiNotar services, and taking over the operational management of the DigiNotar Certification Authority.  The report on this investigation will be sent to the Parliament and made public on Monday.

Andreas Udo, Hackers Forge Certificates to Break into Spy Agencies, PC World, Sept. 4, 2011

Covert Action: killing nuclear scientists

Iran says one of its nuclear scientists has been “assassinated” in Tehran.  State media reports say the scientist was killed in front of his house on Saturday by unidentified assailants who were riding motorcycles. The ISNA news agency has identified the scientist as Daryoushi Rezaie. The report says his wife was injured in the attack. Last year, Iranian officials blamed Israel for bomb attacks that killed a prominent nuclear scientist and wounded another. State media reports said one explosion killed nuclear scientist Majid Shahrairi and a separate blast wounded nuclear physicist Fereidoun Abbasi. The reports say in both cases, attackers on motorcycles attached bombs to the scientists’ cars.  The intelligence ministry later said authorities had arrested more than 10 suspects in connection to the attacks. It said the suspects were linked to Israel’s Mossad spy agency. Israel denied involvement in the incidents. Tensions have been high between Iran and many western nations that suspect Iran is working to develop nuclear weapons. Tehran says its nuclear program is peaceful.

Iranian Nuclear Scientist ‘Assassinated’, Voice of America, July 23rd, 2011