Source: South Front

FILE PHOTO © REUTERS/Shannon Stapleton

RT reports (source):

A US Navy air base in Corpus Christi, Texas is on lockdown after an active shooter incident at the facility. Soon after the alarm was raised, officials said the shooter had been “neutralized.”

The shooting was reported at around 6.15am local time Thursday. As Naval Criminal Investigative Service (NCIS) investigators and local law enforcement responded, airbase officials warned anyone near the north gate of the base to “get out and away to safety.”

“Execute lockdown procedures – remain indoors and away from windows,” they added in a Facebook post about the unfolding incident.

Corpus Christi Police Department, meanwhile, urged anyone outside the facility to “avoid the area entirely.”

According to officials at the base, the shooter has been “neutralized.” Naval officials said that one security worker was injured.

The Corpus Christi base, which is home to four training squadrons, was briefly placed on lockdown in December, when a person making “verbal threats” was found in possession of a weapon and arrested.

The December incident came amid a spate of shootings at US military bases. During the same week, a Saudi military student shot and killed three people at Naval Air Station Pensacola

Source: South Front

Originally appeared at ZeroHedge

Though largely off the mainstream media’s radar amid all things pandemic related, we’ve been closely following the saga of Iran’s provocatively sending five fuel-laden tankers to gasoline-starved Venezuela, despite repeat and growing threats of US intervention against the brazen sanctions-busting mission.

And now surely escalating matters from Washington’s point of view, the Maduro government has vowed it will provide navy ships and military aircraft to escort the inbound Iranian fuel tankers.

Venezualan Su-30MKII fighter jets, via Military Watch Magazine.

Defense Minister Vladimir Padrino said on Wednesday that the military escort will be prepared to defend the ships once they enter Venezuela’s Exclusive Economic Zone (EEZ), which extends 200 miles off the coast — this after Trump was previously reported to have ordered a US naval build-up in the Caribbean in order to thwart sanctions-busting and narco-trafficking conducted by the Latin American country.

“When they enter our exclusive economic zone, they will be escorted by Bolivarian National Armed Forces boats and planes to welcome them in and thank the Iranian people for their solidarity and cooperation,” Padrino said on state television.

He underscored that he was closely coordinating with Iran’s defense minister, also after Washington has focused on the

This is the newst update of the ‘U.S. Carrier Strike Groups Locations Map’ exclusive series showing the approximate locations of U.S. Carrier Strike Groups. SouthFront: Analysis & Intelligence tracks locations of U.S. aircraft carriers using the available open-source information. No classified information was used in production of the map.

Locations Of US Carrier Strike Groups – May 11, 2020

Click to see the full-size image

Carrier strike group (CSG) is an operational formation of the United States Navy. It is centered on an aircraft carrier and a carrier air wing (CVW) of 65 to 70 aircrafts. It’s composed of roughly 7,500 personnel, an aircraft carrier, at least one cruiser, a destroyer squadron of at least two destroyers and/or frigates. A carrier strike group also, on occasion, includes submarines, attached logistics ships and a supply ship. Carrier strike groups comprise a principal element of U.S. power projection over the world’s oceans.


The post Locations Of US Carrier Strike Groups – May 11, 2020 appeared first on .

An Overview of NATO Efforts To Remotely Embed Malware


Today, one of the top priority dimensions of raising capabilities of cyberoperations is the creation of special hardware and software appliances and information technologies to carry out intelligence-gathering and offensive operations. It involves active development of so-called information weapons, a category that encompasses the whole range of means of attacking the adversary’s information resources. This type of attack mainly affects computer and telecommunications systems, including software, databases, computing and data processing, and also communications networks.

Of particular importance is the establishment of dedicated offensive technologies that can be applied covertly against command and control infrastructure in order to disrupt the orderly functioning of their key components, and to seize control over them.

Intellligence-gather cyber tools are intended to collect information about adversary, including structure, functioning, and vulnerabilities of its command systems. To achieve that, automated workstations will have malware inserted in order to establish a distributed, remotely controlled, intelligence gathering network. It may include thousands of computers in government and military facilities in various countries.

The definition of malware includes external or internal programming code possessing various destructive functions, such as:

  • destroying or changing software, destroying or corrupting data after a certain condition is met (“logic bombs”);
  • exceeding the user’s authority in order to copy confidential information or to make such copying possible (“trojan horses”);
  • corrupting protection systems or making it possible to bypass them;
  • intercepting user login credentials through phishing or keystroke logging;
  • intercepting data flowing within a distributed systems (monitors, sniffers);
  • concealing one’s presence;
  • self-replication, associating with other software and/or embedding own fragments into other operating or external memory not originally targeted by the malware;
  • destroying or corrupting software code in operating memory;
  • corruption, blocking, or supplanting data created by applications and entered into data links or external memory.

Overall, there are three main types of destructive functions that may be performed by malware:

  • Preserving or collection of fragments of data created by user, applications, uploading and downloading data, in external memory (local or remote) in the net or a stand-alone computer, including passwords, keys, and other access credentials, confidential documents in electronic form, or simply general corruption of fragments of sensitive data;
  • Changing application algorithms (deliberate action against external or operating memory), in order to change the basic logic of their functioning;
  • imposing a specific work regime or changing data being recorded by data produced by malware.

Overall, the use of malware assumes the existence of an internal distribution mechanism to spread it to global or local networks, including the internet, to carry out specific tasks. These may include:

  • penetrating remote computers to completely or partially seize control;
  • launching own copies of malware on the infected computer;
  • possible further penetration of all available networks.

Such malware is mainly distributed as files attached to emails and electronic messages, and also through specially placed hyperlinks. This type of attack is distinguished by its scale and high speed of infection. Internet sites engaged in spreading malware increase by a factor of two every year. These sites attract attention of internet users by posting current informational content: news, analysis, overview of information technologies, and also commercial and entertainment articles. More than 20% of sites are specifically intended for malware distribution.

An Overview of NATO Efforts To Remotely Embed Malware


Other means of using malware include:

  • distributed denial of service (DDOS) attacks by generating intense traffic from false requests, which makes it impossible for actual users to gain access to the network or servers;
  • dissemination of malware through USB memory devices, the most efficient means of doing so;
  • embedding and activating code inserts.

At the same time, many NATO countries have established military units for cyber-operations, and also pursue the development of scientific and technical infrastructure to develop special information technologies for offensive use, including self-multiplying and self-distributing malware, and developing doctrines for their use.

Moreover, there is the so-called file-less (packet) malware distributed as net packets and penetrating computers through OS vulnerabilities or security holes in applications.

In order to embed malware remotely, one can use social engineering or weaknesses in organizational network administration, such as unprotected local disks.

The most widespread means of embedding malware is the Internet. Offensive malware targets both individual computers and networks. It accomplishes penetration using known and newly discovered weaknesses of both software and hardware developed by the potential adversary, but also in devices and programs developed by the world’s leading IT firms, most of which are based in the US.

Other means of embedding malware are: agents, remote technical means including peripheral appliances of the system being attacked, combined attacks, etc. Malware developers focus on the ability to maintain stealthy presence amidst the target’s software and remain there even after an upgrade or software renewal.

Main means of covert embedding of malware include:

  • Pretending to be ordinary software. This approach assumes embedding malware using the process of installing a new application. It may be embedded in graphic or text editors, system utilities, screensaver, etc. Its existence is not concealed after installation;
  • Pretending to be a module for expanding the computing environment. It’s a frequent variation on the previous one, and uses access to the ability to expand environments. For example, for Microsoft Windows OS such modules may include DLL modules and drivers, potentially containing malware;
  • Malware replacing one of several application modules of the attacked environment. This method consists of choosing one or several modules for replacement with malware-infected modules in order to carry out the intended tasks. Such malware should externally be able to carry out the normal functions of the software thus targeted;
  • Direct association. This method consists of associating malware with executable files of one or several legal programs in the system. This is the simplest method for single-task, single-user systems;
  • Indirect association. It consists of associating malware with the code of a software module loaded into operating memory. In this instance the executable file remains unchanged, which makes malware detection harder. It’s also necessary to ensure the installable part of the virus already is present in the system.

The most potentially useful means of embedding malware, not including through global networks, in order to gain covert access to enemy networks are:

IRATEMONK allows embedding of malware in order to conduct surveillance on desktop and portable computers through recording onto the hard-drive BIOS, giving it the ability to implement its code by replacing the MBR. It works on various types of hard drives, including Western Digital, Seagate, Maxtor, and Samsung. It supports FAT, NTFS, EXT3, and UFS file systems, but systems with RAID are not. After embedding, IRATEMONK launches its payload every time the target computer is turned on.

SWAP allows embedding malware for espionage by using motherboard BIOS and HPA domain of the hard drive by running the OC launch code. This program allows remote access to various operating systems (Windows, FreeBSD, Linux, Solans) with various file systems (FAT32, NTFS, EXT2, EXT3, UFS 1.0). Two utilities are used for installation: ARKSTREAM (it spoofs the BIOS) and TWISTEDKILT (it writes SWAP protocol and the malware payload to the HPA area of hard drive, and is used mainly against cell phones).

COTTONMOUTH is a USB device insert providing a wireless bridge to the target network and also for loading exploits to the target system. It may open a covert channel to send commands and data. Built-in radio transmitter allows it to collaborate with other COTTONMOUTH. It’s based on TRINITY component base, with HOWLERMONKEY used as the transmitter. There’s also a version called MOCCASIN, which is inserted into a USB keyboard’s commutation matrix.

FIREWALK is an insert used to passively collect Gigabit Ethernet traffic, and to embed malware into Ethernet packets. It can create a VPN tunnel between the targeted network and the center. It’s possible to establish wireless communications with other HOWLERMONKEY-compatible devices. This insert is similar in execution to COTTONMOUTH. It uses TRINITY component base, and HOWLERMONKEY as transmitter.

NIGHTSTAND is a mobile system for active attacks on Wi-Fi nets, with the target being Windows machines when direct access is not possible. The system is based on a notebook-type portable computer running Linux and equipped with radio communications. External amplifiers and antennas give it range of up to 13km.

DEITYBOUNCE delivers programming access to Dell PowerEdge servers with the help of motherboard BIOS and the use of the SMM regime to obtain the ability to launch itself before the system is launched. After set-up, it will run every time the system is switched on.

FEEDTROUGH is equipment for installing two types of malware, BANANAGLEE and ZESTYLEAK, used to overcome network firewalls. This method is used when the firewall is launch. Malware’s installation is performed if operating system is present in the database, otherwise it is installed normally. FEEDTROUGH remains in place when the firewall operating system is updated.

CTX4000 is a portable continuous emitter. It is used to obtain data from inserts installed on targeted systems.

NIGHTWATCH is a PC-based system, used to process signals from the targeted monitor. Signals may be obtained using data collection systems (inserts in fiberoptic cables) or from a general purpose receiver.

HOWLERMONKEY is a short- and medium-range radio transmitter. It is a special radio module for other inserts. It is used to collect data from inserts and enabling remote access to it.

Moreover, there are other methods of embedding malware, through transceivers installed in USB cables or devices, through Wi-Fi, Bluetooth, GSM devices and cables attached to the targeted computer.

One of the promising methods of remote malware placement is the unmanned aerial vehicle (UAV). USAF specialists have developed the WASP (Wireless Aerial Surveillance Platform) UAV on the basis of the FMQ-117B aerial target. It’s main mission are reconnaissance cyberoperations. Thanks to its onboard equipment, it may break into detected Wi-Fi networks, intercept cell phone conversations. WASP equipment includes HD-resolution camera, 11 antennas for various radio communications, GPS receiver, and onboard computer running Linux. Its memory contains a malware arsenal to break into wireless networks and a dictionary with 340 thousand words for “brute force” attacks. Obtained data and intercepted conversations are recorded in the onboard computer memory (solid-state hard drive with 500 GB memory) and may also be sent using internet channels to a special server using 3G and 4G networks, or the compromised Wi-Fi hot-spots.

The UAV’s GPS allows it to operate autonomously along an assigned route, but it needs operator’s involvement for take-off and landing. Each system costs about $6 thousand, not including the cost of the UAV.

Similar efforts are underway by US Army Cyber Command in order to interfere with automated command points at tactical and operational levels. The Sun Eagle tactical reconnaissance UAV is being used to test equipment for remote malware insertion into Wi-Fi and LTE wireless networks.

Overall, United States and NATO are developing various methods and means for remote malware insertion. They include various physical data processing and transmission, and also different environments for proliferation. Countering such types of cyber weapons is a difficult and complex task, demanding considerable research efforts and financial expenditures.


The post An Overview of NATO Efforts To Remotely Embed Malware appeared first on .

Mozambique: ISIS Showcases Wreckage Of Gazelle Helicopter Supposedly Operated By Private Military Contractors

Click to see the full-size image

The ISIS news agency Amaq has released a video showing the wreckage of a Gazelle helicopter that crashed in the area of the Quirimbas Islands to the north of Pemba on April 10.

According to reports, the helicopter, which was allegedly operated by private military contractors, crashed as a result of small arms fire by militants.

During the past months, ISIS terrorists have drastically increased their activity in Mozambique’s Cabo Delgado province. Terrorists carried out a series of successful attacks temporairly capturing several villages and capturing a lot of weapons. In own turn, government forces seem to be unable to properly react to the threat and contain the growth of the terrorist threat.

If the situation develops in this direction and further, there are significant chances that the terrorists will be able to seize at least a part of the province and consolidate control over it.


The post Mozambique: ISIS Showcases Wreckage Of Gazelle Helicopter Supposedly Operated By Private Military Contractors appeared first on .

Cosmonautics Day is an anniversary celebrated on April 12. It’s dedicated to the first manned space flight made on 12 April 1961 by the Soviet cosmonaut Yuri Gagarin. Gagarin circled the Earth for 1 hour and 48 minutes aboard the Vostok 1 spacecraft. To mark this international milestone, Cosmonautics Day is celebrated in Russia and various countries around the world.

Angara Space Rocket Family

Angara is the name of a family of modular space-launch vehicles now under development in Russia.

The product line includes small- to heavy-lift launchers featuring payload capabilities of 3.5 to 38 tonnes when launching into low Earth orbit.

The different Angara versions are made up of varying numbers of Universal Rocket Modules: the URM-1 for the first and second stages and the URM-2 for the third stage.

The small-lift Angara 1.2LV uses one URM-1, while the most powerful variant, Angara 5, uses a cluster of five URM-1 common core boosters.
Each common core booster is equipped with one high performance single-combustion chamber RD-191 engine.

Angara launchers do not use an upper stage when delivering payloads to low orbits. For higher energy orbits such as geosynchronous transfer orbit and geostationary orbit, Angara 5 uses the Briz-M upper stage powered by one S5.98M engine.

The Angara-А5.1L launched in December 2014 consisted of a three-stage Angara-А5 and an ascent unit comprising a satellite mass-size mockup installed on the Briz-M upper stage booster.

The Angara A5 with a Briz-M upper stage launching from Plesetsk Cosmodrome can lift 24.5 tonnes to low Earth orbit, 5.4 tonnes to geosynchronous transfer orbit and 2.8 tonnes to geostationary orbit.

The lift capabilities of the Angara A5V, which is set to be launched from Vostichny Cosmodrome, will be 37.5 tonnes, 13 tonnes and 8 tonnes respectively.

Plans call for the development of a new cryogenic upper stage, the KVTK. It would use the RD-0146D engine and allow Angara A5 to bring up to 2 tonnes more mass to geosynchronous transfer orbit.

The high degree of standardization in the Angara family, combined with its modularity, allows any member of the Angara family to be launched from the same launch pad.

The post Angara Space Rocket Family appeared first on .

SpaceX: Camel’s Nose under the Tent of Space Militarization

IMAGE: Thom Baur/Reuters

Written by J.Hawk exclusively for SouthFront

In the last several decades, and certainly in the post-9/11 environment in which the previous restrictions on the militarization of the American society largely disappeared, the US national security establishment has expand not only by creating new programs and agencies, but also by co-opting non-state actors. Many a US think-tank is now little more than an extension of some US government agency, conducting research to validate previously arrived-at conclusions in furtherance of a specific institutional agenda. Likewise many corporations have gone beyond being mere defense or intelligence contractors. Rather, their business activities are from the outset designed to be readily weaponizable, meshing seamlessly with the armed services and intelligence agencies.

It is not entirely clear how the process works, for there does not appear to be a system of contract awards for specific deliverables. Rather, it seems these capabilities are developed on the initiative of specific businesses which speculate their efforts will be utilized by the US national security establishment ever on the lookout for technological “game-changers”. Moreover, given the unchecked growth of the US national security budget, these entrepreneurs can operate in high confidence their efforts will also be financially rewarded by the intelligence and defense establishments, even if they are not commercially viable.

SpaceX: Camel’s Nose under the Tent of Space Militarization

NSF National Optical-Infrared Astronomy Research Laboratory

We have already seen numerous examples of initially civilian applications being put to use for the benefit of US national security institutions. Facebook has made its databases available to various agencies to test facial recognition technologies, for example. Google and Amazon make their cloud capabilities available to the Pentagon and the intelligence communities. The opposition to China’s Huawei 5G networks and cell phones appears to be motivated by the concern these systems do not have backdoors installed for the benefit of US national security state.

The Sweet Musk of Success

Elon Musk’s business empire has benefitted from its proximity to the US national security state. Musk, an immigrant from the Republic of South Africa, has made his initial fortune by creating PayPal. While Musk has sold his remaining interest in PayPal in 2002, that entity has since then engaged in furthering US national security agendas by blocking payments to organizations which were critical of US policies. This, however, is probably more of a reflection of the subservience of US tech firms to the US government than of Musk’s original intent.

Nevertheless, the timing of Musk’s departure from PayPal and the entry into the space business is noteworthy. Already in the late 1990s, there were rumblings in the United States about the desirability of militarizing space and building up anti-ballistic missile defenses, ostensibly against the so-called “rogue states” of North Korea and Iran. These initiatives gained considerable impetus in 2001, following the election of the Bush-Cheney administration which promptly moved to end the ABM Treaty as the first step toward the future of weaponization of space.

Skunk Works 2

Space-X’s establishment in 2002, the same year the ABM Treaty collapsed due to the Bush Administration abrogation, seems entirely too convenient to be a mere coincidence, even though the stated aims of the company are mainly commercial. Still, it is easy to imagine why a firm focused on the development of low-cost, possibly reusable, space launch vehicles would be useful to the Pentagon. Creating a government program with the same objective would have attracted unnecessary attention. There would be budget appropriations battles, congressional testimony, various forms of oversight, and the inevitable domestic and international opposition to such destabilizing and provocative initiatives. Providing Space-X with technological assistance, allowing it to hire government specialists, then giving it access to lucrative government space launch orders, is a far more attractive proposition. Moreover, the bypassing of the normal defense contracting system actually meant considerable cost savings, thanks to Musk’s red tape-cutting techniques. Its design bureau functioned in a fashion akin to Lockheed’s famous “skunk worls” which developed extremely ambitious projects such as the U-2 and SR-71 in large part thanks to being able to fly “under the radar” (no pun intended). However, since that time Lockheed ballooned into a massive “too big to fail” defense contractor which delivers costly and poorly performing aircraft.

Invisible Hand of the State?

Musk’s fantasies about colonizing Mars and selling seats on orbital space flights proved a very effective cover for the corporation’s core military applications. Moreover, Space-X’s status as a private corporation allows it to defray some of the research and development costs through genuine commercial activities. Yet one has to wonder whether SpaceX success would have been as spectacular if it weren’t for privileged access to government facilities. SpaceX has been able to piggy-back on the massive US government investment in space launch facilities. It is able to operate out of not only Cape Canaveral and the Kennedy Space Center, but even from the Vandenberg Air Force Base. The speed with which SpaceX was able to develop, test, and deploy several different new rocket engine design of the Kestrel, Merlin, Raptor, and Draco families also may be due to privileged access to technologies developed for NASA and military space programs.

Even though SpaceX was founded in 2002, it won a $100 million USAF space launch contract in 2005 and the NASA Commercial Orbital Transportation Services (COTS) contract in 2006, even though the first orbital mission of the Falcon I rocket would not take place until 2008. USAF awarded another $1 billion contract to SpaceX in early 2008, even before the first Falcon I flight.  SpaceX has become the de-facto research and development branch of NASA when it comes to manned spaceflight. The 2014 NASA contract for the Crew Dragon has so far resulted in one successful docking with the International Space Station, though without a crew on board, and was followed by a successful splashdown. The larger Starship reusable heavy manned spacecraft is expected to start flying in the 2020s.

SpaceX: Camel’s Nose under the Tent of Space Militarization

Click to see the full-size image

Competition from United Launch Services and even Boeing notwithstanding, there is little doubt SpaceX is to US manned spaceflight what Boeing is to heavy commercial aircraft and Lockheed-Martin to “fifth-generation” fighters. It has become the primary go-to contractor of such systems for both commercial and military US government applications, with the competitors being maintained in existence with occasional contracts largely as insurance against spectacular failure of SpaceX.

The United States SpaceX Force

SpaceX portfolio of reusable space launch vehicles, manned spacecraft, and most recently also satellites means that the company is well positioned to serve as a one-stop shopping center for the newly created branch of the US armed forces. Given the United States’ desire to weaponize space as part of its effort to undermine strategic nuclear deterrence of rival powers, namely the Russian Federation and the People’s Republic of China, there is every reason to expect SpaceX will be a recipient of considerable financial largesse from the USSF.

SpaceX: Camel’s Nose under the Tent of Space Militarization

Click to see the full-size image

Arguably the most intriguing project SpaceX is pursuing is Starlink, a proposed network of over four thousand miniature satellites whose ostensible aim is to provide broadband internet service to the entire planet. However, the interest in Starlink demonstrated by the US military suggests that, once again, this is at the very least a dual-use project. Articles discussing the military’s interest in Starlink cite the possibility of it becoming the replacement for the aging J-STARS airborne ground target acquisition radars, suggesting these satellites’ emissions can be used to track moving land objects. If that is indeed the case, they could also serve the role of anti-ballistic missile warning satellites, and even be used to track stealth aircraft, since the constellation of satellites would function as a massive distributed multi-static radar array.

The Final Frontier

The mad pace of SpaceX has not been without mishaps. The Crew Dragon, in particular, suffered a number of embarrassing failures, and it may yet be that the corner-cutting hell-for-leather approach the corporation may yet lead to disaster when applied to the considerably more demanding problem of manned spaceflight. Other private entrepreneurs, such as Burt Rutan’s Scaled Composites and Richard Branson’s Virgin Galactic, either suffered fatal accidents that greatly delayed their respective programs or prompted their shut-down. SpaceX, however, differs from them in that its main customer is the US government that is greatly interested in having the USSF dominate the Earth’s orbit in the same way as the USN dominates the global ocean by establishing large-scale permanent presence of US military personnel in space. The US government has gambled SpaceX will deliver products necessary for such domination. Whether it can do that still remains to be seen.

The post SpaceX: Camel’s Nose under the Tent of Space Militarization appeared first on .

Mercy-Class Hospital Ship (Infographics)

Click to see the full-size image

Mercy-class of hospital ships are created from San Clemente-class supertankers used by the United States Navy. There are two ships of the class: USNS Mercy (T-AH-19) and USNS Comfort (T-AH-20). They are operated by Military Sealift Command and are designed to provide emergency, on-site care for American combatant forces, and also for use in support of disaster relief and humanitarian operations.

Recetly, reports appeared that the US is activating USNS Mercy (T-AH-19) in response to the coronavirus outbreak in the country.


The post Mercy-Class Hospital Ship (Infographics) appeared first on .