Earlier this week I featured a report originally published by Amnesty International, discussing how various War Crimes are currently being carried by forces representing the United Arab Emirates in Yemen – primarily enabled by weapon shipments made available to them by the United States and European allies. As the report was quick to point out, nearly all of these arms transfers constitute violations of international law and various internationally negotiated treaties surrounding the delivery of weapons into War zones, especially in light of how these weapons ultimately wind up being used.
Now, I’m not exactly sure why it didn’t dawn on me until hours after publishing the original article, but the whole ordeal reminded me of a separate instance involving the UAE in 2017 – in which various international partners were co-conspirators in the violation of international law, also involving the illegal transfer of weapons and munitions from Western allies/powers to the UAE. For those of you whom do not remember, back in June of 2017 the UAE’s ambassador to the United States, Yousef Otaiba, had his emails hacked and leaked online by an unknown group hackers flying under the flag of “Global Leaks” – allegedly with close ties to Russia. Most notably exposed within the leaked material, at least in my opinion, were exchanges between Otaiba and then National Security adviser to Barack Obama, Susan Rice, discussing the arrival of “military equipment” to Libya in 2014 – equipment originally shipped from the United States but arriving in Libya via cargo planes from the UAE.
While the emails have since been taken down, copies of the exchange between Rice and Otaiba read “MBZ asked me to inform you that we will be sending ‘equipment’ to our friends in the western part of Libya in the next 2-3 days. They will arrive in a UAE cargo aircraft and will be escorted by a UAE military contingent, just to insure safe passage. He just wanted me to give you a heads up this will be happening so that no one is caught off guard.” To which Susan Rice simply responded “Roger. Thanks.”
As a report from Middle East Eye about the leaked material in question also outlined at the time, “while the words “weapons” or “arms” were not specifically mentioned, the 2014 correspondence roughly tracks a UN Security Council report leaked to MEE in June saying the UAE had illegally shipped weapons to rebels loyal to military leader Khalifa Haftar.” Explaining how “the UN has kept Libya under an arms embargo since the 2011 uprising that drove then leader Muammar Gaddafi from power, but the Security Council report details a “general increase in direct foreign support to armed factions in Libya” – including from the United States, the highest ranking member of the UN Security Council.
A later report presented to the United Nations in 2017 documented the arrival of 9 helicopters, 4 of which were heavily armed and designed for combat, a Mi-24 Hind gunship, a AT-802i single-engine light attack plane, as well as more than 500 military vehicles – including 90 armored personnel carriers. The report also details how, after its initial arrival, the AT-802i aircraft, originally designed to fight fires, had been re-fabricated and made into “a counter-insurgency and strike aircraft.” Moreover, following the conclusion of these initial deliveries, investigators also documented the delivery of 48 additional aircraft into Libya, all directly shipped to the country from the UAE between the years of 2014-2017.
As for where the ‘equipment‘ was actually delivered and to whom, the report indicates that the Libyan National Army (LNA) was the primary recipient – largely stationed throughout Eastern Libya, but heavily concentrated in the Eastern city of Tobruk. This is also particularly interesting to note because the country of Libya had been under a complete arms embargo by both the United Nations and NATO dating back to 2011 – quite literally making these shipments violations of international law.
Download Full 2017 Arms Report Presented To UN: https://anonfile.com/0db9idt1bd/pax-report-under-the-radar-arms-trade_pdf
2011 Arms Embargo from United Nations: https://www.legco.gov.hk/yr08-09/english/hc/sub_com/hs02/papers/hs02cb1-2642-1-e.pdf
2011 Arms Embargo from NATO: https://www.nato.int/nato_static_fl2014/assets/pdf/pdf_2011_02/20110927_110226-UNSCR-1970.pdf
The Cyber Attack Which Followed
Around that time, in September 2017, what I remember standing out to me most was coming under heavy assault from Ukrainian hackers – presumably for hosting screen shots of the leaked material well after Global Leaks had their domain shutdown and all of the content from it was scrubbed offline. I say this because the attackers attempting to launch cyber attacks against my website were all trying to leverage a single URL address, a URL address featuring my reporting on/of the leaked material described above. To this day, no one has ever gotten closer to hacking any one of my websites or social platforms than those Ukrainian hackers did that week, the week of September 15th 2017.
To accomplish this, hackers launched something known as an Edge Side Includes (ESI) attack in order to execute a Cross–Site Scripting (XSS) attack via the syndicated connection between my WordPress publishing dashboard and Twitter account. In fact, if not for the legacy No Script browser extension installed on my Mozilla Firefox, first alerting me to the attempted attack, the hackers would have actually been successful in getting through. What’s perhaps even more interesting to note is that I managed to absorb and mitigate these attacks a little less than 9 months before they were first “discovered” by researchers working for GoSecure in April 2018.
Fortunately though, as fate would have it, there was no soup to be had for those Ukrainian hackers/dick eaters, and not a single one of them ever managed to get through or take down my site. Still though, I contend that I learned more about website security/vulnerabilities that week than any week prior. So, in a messed up kind of way, I guess I should almost thank them for what they did – though I never could quite figure why Ukrainians were trying so hard to cover for Susan Rice? I also wish I could remember or that I had saved it somewhere at the time, because I distinctly remember tracing one of the IP’s behind the attack directly back to a mayor’s office/address in Ukraine – though I can not accurately specify which or to whom accurately here today.
While I did have to blacklist the entire country of Ukraine to seal off portions of the attack at one point, Rogue Security Labs recently mitigated a similar Varnish Cache attack in October 2018 – essentially utilizing many of the same methodologies to mitigate the attack as I once did for Ukraine’s ESI and XSS attacks in 2017. If you would like to read more about these strategies, as well as how to implement them for yourself, you are invited to learn more through the threat analysis and security tutorial provided below.
Learn More – Advanced Caching Attack Spotted Targeting WordPress Owners: https://roguesecuritylabs.ltd/cache-attacks-wp-trashbin/
Browser Security Strategies – Including Mozilla: https://roguesecuritylabs.ltd/building-selecting-safer-web-browsers/