Cyber Security Intelligence

Twitter< Follow on Twitter>

March Newsletter #2 2015

Snowden Ready to return to the US if he got a Fair Trial

Former U.S. National Security Agency employee Edward Snowden is ready to return home if he is guaranteed a fair trial, his lawyer in Russia Anatoly Kucherena said Tuesday.
The lawyer has said he received a letter from the US attorney general promising that capital punishment would be off the table for Snowden should he return to the United States.

Former NSA contractor and whistleblower Edward Snowden | Photo: Reuters

Snowden's lawyer added that he and his client, currently residing in Russia, are under constant surveillance.

"We are always followed [by somebody]. I don't know which way I should choose to go back home," said Kucherena.

In June 2013, Snowden leaked thousands of documents that showed not only that the NSA spied on US citizens, but also on foreign presidents, such as those of Germany, Mexico, and Brazil.

The Future of Government Surveillance - Looks Like

Before the Internet, when surveillance consisted largely of government-on-government espionage, agencies like the NSA would target specific communications circuits: that Soviet undersea cable between Petropavlovsk and Vladivostok, a military communications satellite, a microwave network. This was for the most part passive, requiring large antenna farms in nearby countries.

Modern targeted surveillance is likely to involve actively breaking into an adversary's computer network and installing malicious software designed to take over that network and "exfiltrate" data—that's NSA talk for stealing it. To put it more plainly, the easiest way for someone to eavesdrop on your communications isn't to intercept them in transit anymore; it's to hack your computer.

In 2011, an Iranian hacker broke into the Dutch certificate authority DigiNotar. This enabled him to impersonate organizations like Google, the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter, and Microsoft's Windows Update service. That, in turn, allowed him to spy on users of these services. He passed this ability on to others—almost certainly in the Iranian government—who in turn used it for mass surveillance on Iranians and probably foreigners as well. Fox-IT estimated that 300,000 Iranian Gmail accounts were accessed.

In 2009, Canadian security researchers discovered a piece of malware called GhostNet on the Dalai Lama's computers. It was a sophisticated surveillance network, controlled by a computer in China. Flame is a surveillance tool that researchers detected on Iranian networks in 2012; these experts believe the United States and Israel put it there and elsewhere. Red October, which hacked and spied on computers worldwide for five years before it was discovered in 2013, is believed to be a Russian surveillance system. So is Turla, which targeted Western government computers and was ferreted out in 2014. The Mask, also discovered in 2014, is believed to be Spanish. Iranian hackers have specifically targeted U.S. officials. There are many more known surveillance tools like these, and presumably others still undiscovered.

Stuxnet is the first military-grade Cyber weapon known to be deployed by one country against another. It was launched in 2009 by the United States and Israel against the Natanz nuclear facility in Iran, and succeeded in causing significant physical damage. A 2012 attack against Saudi Aramco that damaged some 30,000 of the national oil company's computers is believed to have been retaliation by Iran.

There's an interesting monopolistic effect that occurs with surveillance. Espionage basically follows geopolitical lines; a country gets together with its allies to jointly spy on its adversaries. That's how we did it during the Cold War. It's politics.

Mass surveillance is different. If you're truly worried about attacks coming from anyone anywhere, you need to spy on everyone everywhere. And since no one country can do that alone, it makes sense to share data with other countries.

But whom do you share information with? You could share with your traditional military allies, but they might not be spying on the countries you're most worried about. Or they might not be spying on enough of the planet to make sharing worthwhile. It makes the best sense to join the most extensive spying network around. And that's the United States.

This is what's happening right now. U.S. intelligence agencies partner with many countries as part of an extremely close relationship of wealthy, English-speaking nations called the Five Eyes: the U.S., U.K., Canada, Australia, and New Zealand. Other partnerships include the Nine Eyes, which adds Denmark, France, the Netherlands, and Norway; and the Fourteen Eyes, which adds Germany, Belgium, Italy, Spain, and Sweden. And the United States partners with countries that have traditionally been much more standoffish, like India, and even with brutally repressive regimes like Saudi Arabia's.

All of this gives the NSA access to almost everything. In testimony to the European Parliament in 2014, Snowden said, "The result is a European bazaar, where an EU member state like Denmark may give the NSA access to a tapping center on the (unenforceable) condition that NSA doesn't search it for Danes, and Germany may give the NSA access to another on the condition that it doesn't search for Germans. Yet the two tapping sites may be two points on the same cable, so the NSA simply captures the communications of the German citizens as they transit Denmark, and the Danish citizens as they transit Germany, all the while considering it entirely in accordance with their agreements."

The endgame of this isn't pretty: It's a global surveillance network where all countries collude to surveil everyone on the entire planet. It'll probably not happen for a while—there will be holdout countries like Russia that will insist on doing it themselves, and rigid ideological differences will never let countries like Iran cooperate fully with either Russia or the United States—but most smaller countries will be motivated to join. From a very narrow perspective, it's the rational thing to do.

How you could become a victim of cybercrime in 2015

Cybersecurity experts' predictions for the year ahead: from ransomware and healthcare hacks to social media scams and state-sponsored cyberwar

Online security companies have been making their predictions for 2015, from the malware that will be trying to weasel its way onto our computers and smartphones to the prospect of cyberwar involving state-sponsored hackers.

The more we do and share online, the more vulnerable we may be to "targeted" attacks to steal our passwords and data. "It is possible that our willingness to share and shop online will let criminals become more selective about who they target," suggests Stephen Bonner of KPMG.
Meanwhile, you may see more spam emails in your inbox in 2015, as the technology used to send them becomes more sophisticated.

Healthcare is also expected to be a target. "Companies operating in the sector are a privileged target because of the wealth of personal data they manage, and that represents a precious commodity in the criminal underground," notes InfoSec Institute.

One of the most common forms of malware in 2014 was "ransomware", where cybercriminals trying to extort money from victims either by locking their devices and demanding a fee to release them, or by accusing them of various unpleasant crimes.

One of the big announcements for Apple in 2014 was the launch of its mobile payments service, Apple Pay. However, several security companies expect cybercriminals to make a concerted effort to crack it and rival services in 2015.

Some of the most high profile vulnerabilities in 2014, such as Shellshock and Heartbleed, provoked discussion about the security of open source code. Several security companies expect this debate to continue in 2015.

Technology like Tor is used for a variety of reasons, including activists anonymising their online activities when under pressure from authoritarian governments. However, this kind of technology will also be used by more cybercriminals in 2015.

As more of our devices talk to one another, via the "Internet of Things", there may be a range of new cybersecurity headaches to think about. WebSense thinks that in 2015, attacks on the Internet of Things will focus more on businesses than individuals with gadgets.

"Cyber warfare is very attractive to small nations. The development of a government-built malware is cheaper than any other conventional weapon and far more accessible to any nation-state. Cyber warfare represents for every government an efficient alternative to conventional weapons," notes InfoSec Institute.

The boundaries between cybercriminal gangs and governments may also blur. "Criminal groups will increasingly adopt nation-state tactics," predicts Kaspersky.

More CEOs Discover Power of Analytics

CEOs are looking to digital tools such as data analytics, mobile, cybersecurity and the Internet of Things to help them seize bigger opportunities for their organizations, according to a new study from consulting firm PwC.

A majority of the 1,322 worldwide CEOs surveyed by the firm (84%) say digital technologies are creating "quite high" or "very high" value through data and data analytics—second only to value through operational efficiencies (88%).

In terms of industries, CEOs in banking and capital markets, healthcare, hospitality and leisure and insurance have a greater tendency to see value in data and data analytics (90% each), according to the study.

Most of the chief executives (81%) say mobile technologies for customer engagement are "very" or "somewhat" strategically important to their organizations. CEOs in the communications industry most felt this way, with 98% saying so. A large percentage (80%) of CEOs feel the same about data mining and analysis.

Companies are beginning to consistently apply analytics to gain insights about talent, and 46% of CEOs globally say they always use data analytics to gain better insight into how effectively skills are being deployed in the organization.

Nearly 80% of the CEOs say they always use multiple channels to find talent, including online platforms and social networks; and many actively search for talent in different geographies, industries, and demographic segments.

In making the most of data, CEOs look beyond their own walls to consider its security and movement. Nearly two thirds of the CEOs view cyber threats, including a lack of data security, as a threat to their growth prospects.

Private Equity and Cyber Security: The 3 Weak Points

If you are a private equity general partner, and not directly involved in cyber security, you may well be astonished by how frequent, how persistent and how well organised cyber attacks are. You may well also be surprised that a private equity general partner – as well as its portfolio companies – is of special interest to cyber attackers.

Private equity COOs and managing partners should consider the three main areas of the private equity business model that are susceptible to cyber attack:

1. Acquisitions and disposals

The cyber security threat around corporate finance transactions has already been recognised as a key issue by HM Government. M&A activity is a common target of espionage, ranging from corrupt competitors to foreign intelligence services. During the weeks or months leading up to a change in ownership, organisations on all sides of a deal face a heightened risk of cyber espionage from interested parties seeking to gain competitive advantage in the process.
The timing of these attacks does not necessarily correlate with the deal news going public; they frequently occur before this and it should be assumed that as soon as the idea of a merger or acquisition is discussed – even in private – there is a risk of a compromise. You may therefore wish to operate under the assumption you are at risk at all times, and put in place the necessary measures.

2. Financial information

Private equity firms are at greater risk than most businesses when it comes to higher value fraud attempts via cyber attack. You are likely to hold financial and business information relating to your fund, your portfolio companies and your investors. All of this data has the potential to yield a high value return for an attacker.

3. Erosion of portfolio company valuation

All companies – whether private equity-owned or not – are at risk of cyber attack. We will look in subsequent blogs at which assets within a portfolio are most at risk, but suffice to say that cyber attacks, in particular due to the reputational damage they can cause, can have a tangible effect on company valuation.

A successful private equity general partner understands which risks might undermine success and cyber security is no different. The GP needs to consider the specific cyber threats facing the businesses in their portfolio, and ensure that these risks are being managed. This is not purely a technology challenge, but also involves people, information systems, processes, culture and physical surrounding – A holistic view needs to be taken. Understanding and managing these risks will allow PE to capitalise on the immense opportunity for growth and develop in a digital age.

To get a sense of the sheer scale of corporate cyber crime, I would recommend reading this Financial Times article by Caroline Binham, in which members of our cyber security team discuss the developing battleground of cyber warfare.

Malware Tracks a Smartphone Without Location Data

The way your smartphone uses power provides a simple way to track it, say computer scientists who have developed an app to prove it.

Nobody wants to think they are being tracked even though they carry the technology to do so in their own pockets. That's why the Android and iOS operating system prevent third party apps from accessing location data without the specific permission of the user. But it turns out that malware can track you anyway, without this data.

Malicious software can determine the position of a smartphone simply by measuring the way it uses the power. The technique is straightforward in theory. The idea is that a smartphone's power usage depends largely on the distance from the nearest base station. As a user moves, this distance changes, increasing or decreasing the power needed to communicate with a base station. So the power usage profile is strongly correlated with the movement of the phone, or in other words, with the route taken by its owner. Given several different potential routes, the power usage profile should reveal which the user has taken.

So what can be done to prevent this kind of spying? One option is to prevent apps gaining access to power usage data at all, although this is probably overkill. A better option is to give apps access to power usage data other than those involved in radio communication. That should be straightforward to implement, if Android or iOS can be bothered.

Kenya: Step Up Cyber War Against Al Shabaab

The Cyber war against the al Shabaab needs to be stepped up urgently if there should be any legitimate expectation of defeating them and preventing further loss of lives of people in Kenya, Somalia and the whole region.

While the military assault on the criminal group is on going and has to some degree degraded their capabilities, al Shabaab is still very active in cyber space, recruiting more members and spreading their propaganda to influence the minds of our unsuspecting youths.

It is unbelievable that such a terrorist organisation, which has killed hundreds of Kenyans and Somalis and vows to kill more in future, can be allowed to operate websites to enhance its activities.

Currently, al Shabaab is openly operating a number of websites to spread their toxic ideology of encouraging and justifying attacks inside Kenya, Somalia and the whole region.
There are three most notorious al Shabaab websites currently in active operation and are virtually unchallenged.

All of them are in Somali language, with the exception of one, which also runs a Kiswahili segment targeting and luring Kenyan youth with their glorified messages.

Another mostly posts audio and written material from al Shabaab official radio station Al Andalus, which is still on air in parts of Southern Somalia where the group is still in control.
It is in these dubious websites that the terrorist group often posts their written and audio messages after carrying out attacks, justifying and glorifying the killing of innocent people and encouraging further attacks.

The websites are used to actively recruit the next generation of terrorists by misleading young minds to join their 'noble struggle'.

The group regularly calls for the killing of Islamic religious and political leaders, including those in Kenya, who speak out against them.

So what can be done about these toxic websites and others similar to them that are furthering the evil agenda of terrorism in Kenya and the region?

Law enforcement agencies, especially those involved in cyber counter-terrorism, can have the websites taken down by contacting the companies hosting them. Typically, web-hosting companies host thousands of websites and may not be able to keep track of the activities of all those websites, allowing terrorist groups to take advantage of such loopholes.

In addition, al Shabaab websites are written in Somali and foreign web hosting companies may not be aware of their contents until they are alerted by law enforcement agencies.

But once they realise and confirm that they are hosting dangerous websites, web hosting companies take them down to avoid falling foul of the law, which prohibits hosting websites that promote terrorism and other criminal activities.

Since terrorist groups whose websites are taken down often quickly jump to other unsuspecting web hosting companies to keep their websites online, there is need for dedicated online counter-terrorism teams to prevent them from doing so.

It is time that Kenya, Somalia and countries in the region developed and enhanced their online 'armies' to deny al Shabaab a voice.

This 'army' should ensure that terrorist groups like al Shabaab do not take advantage of their Internet to promote, justify and glorify terrorism and recruit the next generation of killers.
Twitter has consistently and actively prevented al Shabaab and other terrorist groups from misusing their platform to spread terrorism.

In addition, last year, the US law enforcement agencies shut down a notorious pro-Shabaab website.

Al Shabaab may be the only terrorist organisation that is enjoying virtually unchallenged leeway to actively operate websites to promote their evil agenda.

Attempts by other terrorist groups like ISIS, al Qaeda and Boko Haram to take advantage of the Internet for their evil agenda continue to be actively thwarted. Al Shabaab should not be the exception.

The Dark Web: anarchy, law, freedom and anonymity

The Deep Web, the bit of the World Wide Web that's not indexed by search engines like Google and Bing, is of intense interest to people who want to avoid government spies and law enforcement.

It is a lawless cyber-frontier with similarities to the Old West; it is intrinsically neither good nor bad but it holds particular attraction for pioneers because its resources haven't been fully explored, and it holds particular attraction for criminals because they can get away with doing things there that they can't do elsewhere. Like the Old West when it was everything west of the Mississippi river, the Deep Web appears to be larger than the territory that's already been settled but genuine outposts of activity are probably quite sparse and widely separated.

For the most part, the fact that sites in the Deep Web don't appear in Google results is a reflection of Google's commercial priorities and indexing methods rather than anything sinister.

Most of the Deep Web is dark for the same reason that the Old West was dark - it hasn't been worth anyone's while to install good lighting.

A small corner of the Deep Web is really dark though - so dark that it's called the Dark Web - because fundamental things like who you are and where you or the website you're using is located are a secret. This is the domain created by tools like Tor and I2P that provide ways to interact that are difficult to discover, and are anonymous and untraceable.

The Dark Web is many things to many people - it can be a safe haven and a secure communication channel for spies, citizens, journalists and whistle-blowers for example - but for the worst criminals it is the safest place to conduct their business online. It attracts people who want to engage in things like robbery to order, sex trafficking, arms trafficking, terrorism and distributing child pornography.

A report published by the Global Commission on Internet Governance entitled The Impact of the Dark Web on Internet Governance and Cyber Security proposes areas that law enforcement efforts should focus on.

Although their report is deliberately focused on the negative impact of the Dark Web they offer an even-handed view, describing it in non-judgmental terms and detailing both its capacity to save lives and the extreme criminality that finds safe haven in it.

The paper provides an interesting insight into how the content of the Dark Web, not just the technology, makes life difficult for law enforcement: ...crawling the clear Internet is usually an operation involving the retrieval of resources related to a site, this is not recommended in the Dark Web.

The paper exposes our most modern dilemma, writ large again; I want personal freedom, I want encryption, I don't want dragnet surveillance but I don't want safe havens for paedophiles or sex traffickers either and I don't want to have to make an absolute trade between any of those things.

The Dark Web isn't intrinsically bad, nor criminal, but it's folly to deny that alongside its ability to protect privacy and save lives, it is a magnet for extreme criminality.

As police forces get better at prosecuting cross-border crime on the regular web, it's likely to become an ever more popular place for criminals to do business too.

What happen when the Internet of Things becomes AI?

When Stephen Hawking, Bill Gates and Elon Musk all agree on something, it's worth paying attention.

All three have warned of the potential dangers that artificial intelligence or AI can bring. The world's foremost physicist, Hawking said that the full development of artificial intelligence could "spell the end of the human race". Musk, the tech entrepreneur who brought us PayPal, Tesla and SpaceX described artificial intelligence as our "biggest existential threat" and said that playing around with AI was like "summoning the demon". Gates, who knows a thing or two about tech, puts himself in the "concerned" camp when it comes to machines becoming too intelligent for us humans to control.

What are these wise souls afraid of? AI is broadly described as the ability of computer systems to ape or mimic human intelligent behavior. This could be anything from recognizing speech, to visual perception, making decisions and translating languages. Examples run from Deep Blue who beat chess champion Garry Kasparov to supercomputer IBM Watson who outguessed the world's best Jeopardy player.

An important component of AI, and a key element in the fears it engenders, is the ability of machines to take action on their own without human intervention. This could take the form of a computer reprogramming itself in the face of an obstacle or restriction.

Needless to say, there are those in the tech world who have a more sanguine view of AI and what it could bring. Kevin Kelly, the founding editor of Wired magazine, does not see the future inhabited by HAL's – the homicidal computer on board the spaceship in 2001: A Space Odyssey. Kelly sees a more prosaic world that looks more like Amazon Web Services: a cheap, smart, utility which is also exceedingly boring simply because it will run in the background of our lives. He says AI will enliven inert objects in the way that electricity did over 100 years ago.

Running parallel to the extraordinary advances in the field of AI is the even bigger development of what is loosely called, the Internet of Things (IoT). This can be broadly described as the emergence of countless objects, animals and even people with uniquely identifiable, embedded devices that are wirelessly connected to the Internet. These 'nodes' can send or receive information without the need for human intervention. There are estimates that there will be 50 billion connected devices by 2020. Current examples of these smart devices include Nest thermostats, WiFi-enabled washing machines and the increasingly connected cars with their built-in sensors that can avoid accidents and even park for you.

So what happens when these millions of embedded devices connect to artificially intelligent machines? What does AI + IoT = ?

The answer may lie in some new thinking about consciousness. As a concept, as well as an experience, consciousness has proved remarkably hard to pin down. We all know that we have it (or at least we think we do), but scientists are unable to prove that we have it or, indeed, exactly what it is and how it arises. Dictionaries describe consciousness as the state of being awake and aware of our own existence. It is an "internal knowledge" characterized by sensation, emotions and thought.

Back in the mid-1990s, the author Jennifer Cobb Kreisberg wrote an influential piece for Wired, A Globe, Clothing Itself with a Brain. In it she described the work of a little known Jesuit priest and paleontologist, Teilhard de Chardin, who 50 years earlier described a global sphere of thought, the "living unity of a single tissue" containing our collective thoughts, experiences and consciousness.

Teilhard called it the "noosphere" (noo is Greek for mind). He saw it as the evolutionary step beyond our geosphere (physical world) and biosphere (biological world). The informational wiring of a being, whether it is made up of neurons or electronics, gives birth to consciousness. As the diversification of nervous connections increase, de Chardin argued, evolution is led towards greater consciousness. Or as John Perry Barlow, Grateful Dead lyricist, cyber advocate and Teilhard de Chardin fan said: "With cyberspace, we are, in effect, hard-wiring the collective consciousness."

So, perhaps we shouldn't be so alarmed. Maybe we are on the cusp of a breakthrough not just in the field of artificial intelligence and the emerging Internet of things, but also in our understanding of consciousness itself. If we can resolve the privacy, security and trust issues that both AI and the IoT present, we might make an evolutionary leap of historic proportions. And it is just possible Teilhard's remarkable vision of an interconnected "thinking layer" is what the web has been all along.

How do we police the digital age?

Opinion by Giles Herdale

How is policing going to adapt to the seismic changes caused by the digital revolution? How is crime changing as a result of technology and what does this mean for the needs of victims? At a time of continuing austerity with pressures on the police service seemingly from all sides how can forces develop new skills and capabilities to police the digital age? And how do we reduce vulnerabilities and get better at designing out crime online? These are some of the most pressing issues facing policing in the UK, and this week marked a major milestone in the progress towards developing a digital policing strategy, led by Chief Constable Stephen Kavanagh.

On Tuesday 17th February over 50 national police leaders, policymakers, academics and practitioners gathered at the NCA offices in London to develop a digital intelligence and investigation strategy. There is much work innovative already in train, from building new digital forensics capabilities in partnership with commercial providers, to the establishment of new regional cybercrime teams, and work to develop better reporting services for victims. But there was considerable consensus that this work needs better co-ordination and stronger national leadership if policing is going to respond to the scale of the challenge.

And this poses challenges beyond doing existing things in a better or more joined up way. The nature of digital communication enabling anyone to communicate with anyone instantly and globally fundamentally challenges a policing model based on proximity of victims, offenders and locations. The very real legal and practical challenge of tracking digital communications across the world means that reactive investigative interventions will have significant limitations. So we need to think laterally about better ways of problem solving, and developing new partnerships, based on the principles of agility and responsiveness.

These are not issues that will be easy to address. But they are ones that the UK will have to face. Remember that the UK has one of the highest penetrations of online retailing in the world, and very high usage of social media and other online services. No one country can address what is a symptom of globalisation on its own. So policing and law enforcement not just in the UK, but in partner states, will need to adapt rapidly if it is to remain relevant and continue to command the public trust that it currently enjoys. We'd welcome the input of police practitioners, industry, academia and victims of crime as we develop a framework for addressing digital investigation and intelligence.

It's only a matter of time before a drone kills someone

It's only a matter time before a drone such as the one that crashed outside the White House will fall out of the sky and kill someone. This is the stark warning issued by the Institute of Electronics and Electrical Engineering (IEEE) recently at Mobile World Congress (MWC).

Kevin Curran, senior lecturer in Computer Science at the University of Ulster, and technical expert for Internet and security at the IEEE, said that making powerful drones available in the consumer market leads to civilians being injured or even killed.

"People are just flying drones wherever they can and it is only a matter of time before we see a death in the UK from a drone." Curran explained that this could happen if a drone hits a building without the propeller guards up.

"Once drones hit a solid item, without propeller guards up, they fall from the sky; that's all they can do. And I guarantee that there'll be a lot of accidents in the next 12 months and I'm pretty sure we'll see a death," he said.

Drones like the Hubsan X4 Pro, which was unveiled at CES this year, are safer as they are fitted with a parachute that activates after a collision.

Making these parachutes available as an attachment for existing drones could ease the concerns about a death from someone being hit, according to Curran. Curran also said that he expects to see drones become a form of wireless advertising in the skies very soon, hovering in the streets for maximum visibility.

A Theory About MH370: 'Putin ordered plane to be flown to Kazakhstan'

Vladimir Putin ordered Russia's special forces to hijack Malaysia Airlines flight MH370 and fly it to a spaceport in Kazakhstan, an aviation expert who appeared on CNN has claimed.
Jeff Wise, a private pilot and science writer, became a familiar face during the US news channel's coverage of the plane's disappearance last year and continues his research into the mystery.

He has extensively blogged on the subject and wrote a book called The Plane That Wasn't There outlining his theories.

Malaysia's Department of Civil Aviation declared the plane's fate an "accident" last month, saying everyone on board had died when it crashed into the sea after running out of fuel.
Although British satellite company Inmarsat's data concluded that the Boeing 777 went down in the Indian Ocean, Wise contends that the navigation data was "spooked" to disguise the fact it flew north.

Jeff Wise made frequent experiences on CNN as an 'aviation analyst' after MH370 disappeared.

But Mr. Wise claims he has evidence that the plane made its way to the Baikonur Cosmodrome in Kazakhstan, which is run by Russia as its largest space launch facility.

Investigators initially considered possible journeys by MH370 through a northern "corridor" from Thailand to Kazakhstan but later settled on the southern corridor into the Indian Ocean, where recent searches have been focused.

Wise detailed his theory extensively on his blog, where he claims that hijackers accessed the electronics compartment on the plane to tamper with satellite transponders and fool trackers into believing the plane travelled towards the Indian Ocean.

He used satellite images to find the Yubileyniy area of the Baikonur Cosmodrome, which he contends could have been reached by MH370, and compare changes in the landscape showing the apparent demolition of buildings to suggest that evidence of the landing may have been destroyed.

Map showing the new search area in the Indian Ocean for missing Malaysia Airlines flight MH370 in January

On his blog, Mr. Wise wrote that Russia had the "means and technical savvy" to carry out the supposed hijack, noting that MH370's disappearance coincided with the start of the annexation of Crimea as the Ukraine crisis raged.

People have speculated that the plane was shot down by various agents including the US military, hijacked by the Taliban, flown north in the shadow of another plane, landed on a desert island or deliberately crashed by a suicidal pilot.

Investigators have not announced any evidence of foul play but said the "accident" declaration was primarily to allow passengers' relatives to claim compensation under international aviation rules.