FETÖ’s army infiltrators nabbed in nationwide operations
POLICE arrested 130 people in nationwide operations yesterday against a secret network of infiltrators in the Turkish army linked to the Gülenist Terror Group (FETÖ). The Chief Prosecutor’s Office in the western province of İzmir had issued arrest warrants earlier for suspects while 18 others wanted by authorities remain at large.
Security forces raided dozens of locations in 47 provinces to capture the suspects who were identified through their contacts with the terrorist group’s socalled “imams” or handlers in charge of infiltrators, via payphones. Payphones are commonly used to avoid detection and arrange meetings between terrorist group’s members. Authorities say 103 among the captured and wanted suspects were activeduty military officers while others were mostly former soldiers. Some suspects were identified through the testimonies of former FETÖ members who confessed infiltration schemes in exchange of a lenient prison term.
The large network of infiltrators in the army were serving in all branches of the Turkish Armed Forces (TSK), from Land Forces Command to Air Forces and Naval Forces and Gendarmerie General Command. Among the suspects were a colonel, three majors and eight captains. Fourteen among them were military cadets who were expelled from military schools following the July 15, 2016 coup attempt, on suspicion of having links to the terrorist group. FETÖ was behind the coup attempt which killed 251 people and injured nearly 2,200 others.
The Chief Prosecutor’s Office in İzmir said in a written statement that the investigations were underway against the terrorist group and that they were cooperating with branches of the army to uncover possible FETÖ infiltrators. Between Oct. 2020 and Jan. 19, 2021 alone, prosecutors in the province which is home to several military bases, launched criminal proceedings against 652 military officers, mostly active-duty soldiers, for their links to the terrorist group. Investigations also led to the dismissal of 623 military officers from the army, on suspicion of FETÖ links while a criminal probe against them continues.
LEADING technology companies said Tuesday that a monthslong breach of corporate and government networks in the United States was so sophisticated, focused and labor-intensive that a nation had to be behind it, with all the evidence pointing to Russia.
In the first congressional hearing on the breach, representatives of technology companies involved in the response described a hack of almost breathtaking precision, ambition and scope. The perpetrators stealthily scooped up specific emails and documents on a target list from the U.S. and other countries.
“We haven’t seen this kind of sophistication matched with this kind of scale,” Microsoft President Brad Smith told the Senate Intelligence Committee.
Smith said investigators estimate at least 1,000 highly skilled engineers would have been required to develop the code that hijacked widely used network software from Texas-based SolarWinds to deploy malware around the world through a security update.
“We’ve seen substantial evidence that points to the Russian foreign intelligence agency, and we have found no evidence that leads us anywhere else,” Smith said.
U.S. national security officials have also said Russia was likely responsible for the breach, and President Joe Biden’s administration is weighing punitive measures against Russia for the hack as well as other activities. Moscow has denied responsibility for the breach.
Officials have said the motive for the hack, which was discovered by private security company FireEye in December, appeared to be to gather intelligence. On what, they haven’t said.
At least nine government agencies and 100 private companies were breached, but what was taken has not been revealed.
White House press secretary Jen Psaki said Tuesday that it would be “weeks, not months,” before the U.S. responds to Russia.
“We have asked the intelligence community to do further work to sharpen the attribution that the previous administration made about precisely how the hack occurred, what the extent of the damage is and what the scope and scale of the intrusion is,” Psaki said. “And we’re still in the process of working that through now.”
FireEye CEO Kevin Mandia told the Senate that his company has had nearly 100 people working to study and contain the breach since they detected it, almost by accident, in December and alerted the U.S. government.
The hackers first quietly installed malicious code in October 2019 on targeted networks but didn’t activate it to see if they could remain undetected.
They returned in March and immediately began to steal the login credentials of people who were authorized to be on the network so they could have a “secret key” to move around at will, Mandia said.
Once detected, “they vanished like ghosts,” he said. “There’s no doubt in my mind that this was planned,” the security executive said. “The question really is where’s the next one, and when are we going to find it?”
Government agencies breached include the Treasury, Justice and Commerce departments, but the full list has not been publicly released. The president of Microsoft, which is working with FireEye on the response, said there are victims around the world, including in Canada, Mexico, Spain and the United Arab Emirates (UAE).
The panel, which also included Sudhakar Ramakrishna, the CEO of SolarWinds who took over the company after the hack occurred, and George Kurtz, the president and CEO of CrowdStrike, another leading security company, faced questions not just about how the breach occurred but also about whether hacking victims need to be legally compelled to be forthcoming when they have been breached. Even now, three months after the breach was disclosed, the identity of most victims remains unknown.
Congress has considered in the past whether to require companies to report that they have been the victim of a hack, but it has triggered legal concerns, including whether they could be held liable by clients for the loss of data.
U.S. authorities are also considering whether to give additional resources and authority to the Cybersecurity and Infrastructure Agency or other agencies to be able to take a more forceful role in working to prevent future breaches.
Another measure that has been considered is to create a new agency, like the National Transportation Safety Board, that could quickly come in and evaluate a breach and determine whether there are problems that need to be fixed.
Sen. Ron Wyden, one of the most prominent voices on cyber issues in the Senate, warned that the U.S. must first make sure that government agencies breached in this incident have taken the required security measures.
“The impression that the American people might get from this hearing is that the hackers are such formidable adversaries that there was nothing that the American government or our biggest tech companies could have done to protect themselves,” said Wyden, an Oregon Democrat. “My view is that message leads to privacy-violating laws and billions of more taxpayer funds for cybersecurity.”