Connect with us

Features

The Lazarus heist: How North Korea almost pulled off a billion-dollar hack

Published

on

In 2016 North Korean hackers planned a $1bn raid on Bangladesh’s national bank and came within an inch of success – it was only by a fluke that all but $81m of the transfers were halted, report Geoff White and Jean H Lee. But how did one of the world’s poorest and most isolated countries train a team of elite cyber-criminals?

It all started with a malfunctioning printer. It’s just part of modern life, and so when it happened to staff at Bangladesh Bank they thought the same thing most of us do: another day, another tech headache. It didn’t seem like a big deal.

But this wasn’t just any printer, and it wasn’t just any bank.

Bangladesh Bank is the country’s central bank, responsible for overseeing the precious currency reserves of a country where millions live in poverty.

And the printer played a pivotal role. It was located inside a highly secure room on the 10th floor of the bank’s main office in Dhaka, the capital. Its job was to print out records of the multi-million-dollar transfers flowing in and out of the bank.

When staff found it wasn’t working, at 08:45 on Friday 5 February 2016, “we assumed it was a common problem just like any other day,” duty manager Zubair Bin Huda later told police. “Such glitches had happened before.”

In fact, this was the first indication that Bangladesh Bank was in a lot of trouble. Hackers had broken into its computer networks, and at that very moment were carrying out the most audacious cyber-attack ever attempted. Their goal: to steal a billion dollars.

To spirit the money away, the gang behind the heist would use fake bank accounts, charities, casinos and a wide network of accomplices.

But who were these hackers and where were they from?

According to investigators the digital fingerprints point in just one direction: to the government of North Korea.

SPOILER ALERT: This is the story told in the 10-episode BBC World Service podcast, The Lazarus Heist.

That North Korea would be the prime suspect in a case of cyber-crime might to some be a surprise. It’s one of the world’s poorest countries, and largely disconnected from the global community – technologically, economically, and in almost every other way.

And yet, according to the FBI, the audacious Bangladesh Bank hack was the culmination of years of methodical preparation by a shadowy team of hackers and middlemen across Asia, operating with the support of the North Korean regime.

In the cyber-security industry the North Korean hackers are known as the Lazarus Group, a reference to a biblical figure who came back from the dead; experts who tackled the group’s computer viruses found they were equally resilient.

Little is known about the group, though the FBI has painted a detailed portrait of one suspect: Park Jin-hyok, who also has gone by the names Pak Jin-hek and Park Kwang-jin.

It describes him as a computer programmer who graduated from one of the country’s top universities and went to work for a North Korean company, Chosun Expo, in the Chinese port city of Dalian, creating online gaming and gambling programs for clients around the world.

While in Dalian, he set up an email address, created a CV, and used social media to build a network of contacts. Cyber-footprints put him in Dalian as early as 2002 and off and on until 2

013 or 2014, when his internet activity appears to come from the North Korean capital, Pyongyang, according to an FBI investigator’s affidavit.

The agency has released a photo plucked from a 2011 email sent by a Chosun Expo manager introducing Park to an outside client. It shows a clean-cut Korean man in his late 20s or early 30s, dressed in a pin-striped black shirt and chocolate-brown suit. Nothing out of the ordinary, at first glance, apart from a drained look on his face.

But the FBI says that while he worked as a programmer by day, he was a hacker by night.

In June 2018, US authorities charged Park with one count of conspiracy to commit computer fraud and abuse, and one count of conspiracy to commit wire fraud (fraud involving mail, or electronic communication) between September 2014 and August 2017. He faces up to 20 years in prison if he is ever tracked down. (He returned from China to North Korea four years before the charges were filed.)

But Park, if that is his real name, didn’t become a hacker for the state overnight. He is one of thousands of young North Koreans who have been cultivated from childhood to become cyber-warriors – talented mathematicians as young as 12 taken from their schools and sent to the capital, where they are given intensive tuition from morning till night.

When the bank’s staff rebooted the printer, they got some very worrying news. Spilling out of it were urgent messages from the Federal Reserve Bank in New York – the “Fed” – where Bangladesh keeps a US-dollar account. The Fed had received instructions, apparently from Bangladesh Bank, to drain the entire account – close to a billion dollars.

The Bangladeshis tried to contact the Fed for clarification, but thanks to the hackers’ very careful timing, they couldn’t get through.

The hack started at around 20:00 Bangladesh time on Thursday 4 February. But in New York it was Thursday morning, giving the Fed plenty of time to (unwittingly) carry out the hackers’ wishes while Bangladesh was asleep.

The next day, Friday, was the start of the Bangladeshi weekend, which runs from Friday to Saturday. So the bank’s HQ in Dhaka was beginning two days off. And when the Bangladeshis began to uncover the theft on Saturday, it was already the weekend in New York.

“So you see the elegance of the attack,” says US-based cyber-security expert Rakesh Asthana. “The date of Thursday night has a very defined purpose. On Friday New York is working, and Bangladesh Bank is off. By the time Bangladesh Bank comes back on line, the Federal Reserve Bank is off. So it delayed the whole discovery by almost three days.”

And the hackers had another trick up their sleeve to buy even more time. Once they had transferred the money out of the Fed, they needed to send it somewhere. So they wired it to accounts they’d set up in Manila, the capital of the Philippines. And in 2016, Monday 8 February was the first day of the Lunar New Year, a national holiday across Asia.

By exploiting time differences between Bangladesh, New York and the Philippines, the hackers had engineered a clear five-day run to get the money away.

They had had plenty of time to plan all of this, because it turns out the Lazarus Group had been lurking inside Bangladesh Bank’s computer systems for a year.

In January 2015, an innocuous-looking email had been sent to several Bangladesh Bank employees. It came from a job seeker calling himself Rasel Ahlam. His polite enquiry included an invitation to download his CV and cover letter from a website. In reality, Rasel did not exist – he was simply a cover name being used by the Lazarus Group, according to FBI investigators. At least one person inside the bank fell for the trick, downloaded the documents, and got infected with the viruses hidden inside.

Once inside the bank’s systems, Lazarus Group began stealthily hopping from computer to computer, working their way towards the digital vaults and the billions of dollars they contained.

And then they stopped.

Why did the hackers only steal the money a whole year after the initial phishing email arrived at the bank? Why risk being discovered while hiding inside the bank’s systems all that time? Because, it seems, they needed the time to line up their escape routes for the money.

Jupiter Street is a busy thoroughfare in Manila. Next to an eco-hotel and a dental surgery is a branch of RCBC, one of the country’s largest banks. In May 2015, a few months after the hackers accessed Bangladesh Bank’s systems, four accounts were set up here by the hackers’ accomplices. In hindsight, there were some suspicious signs: the driver’s licences used to set up the accounts were fakes, and the applicants all claimed to have exactly the same job title and salary, despite working at different companies. But no-one seemed to notice. For months the accounts sat dormant with their initial $500 deposit untouched while the hackers worked on other aspects of the plan.

By February 2016, having successfully hacked into Bangladesh Bank and created conduits for the money, the Lazarus Group was ready.

But they still had one final hurdle to clear – the printer on the 10th floor. Bangladesh Bank had created a paper back-up system to record all transfers made from its accounts. This record of transactions risked exposing the hackers’ work instantly. And so they hacked into the software controlling it and took it out of action.

With their tracks covered, at 20:36 on Thursday 4 February 2016, the hackers began making their transfers – 35 in all, totalling $951m, almost the entire contents of Bangladesh Bank’s New York Fed account. The thieves were on their way to a massive payday – but just as in a Hollywood heist movie, a single, tiny detail would catch them out.

As Bangladesh Bank discovered the missing money over the course of that weekend, they struggled to work out what had happened. The bank’s governor knew Rakesh Asthana and his company, World Informatix, and called him in for help. At this point, Asthana says, the governor still thought he could claw back the stolen money. As a result, he kept the hack secret – not just from the public, but even from his own government.

Meanwhile, Asthana was discovering just how deep the hack went. He found out the thieves had gained access to a key part of Bangladesh Bank’s systems, called Swift. It’s the system used by thousands of banks around the world to co-ordinate transfers of large sums between themselves. The hackers didn’t exploit a vulnerability in Swift – they didn’t need to – so as far as Swift’s software was concerned the hackers looked like genuine bank employees.

It soon became clear to Bangladesh Bank’s officials that the transactions couldn’t just be reversed. Some money had already arrived in the Philippines, where the authorities told them they would need a court order to start the process to reclaim it. Court orders are public documents, and so when Bangladesh Bank finally filed its case in late February, the story went public and exploded worldwide.

The consequences for the bank’s governor were almost instant. “He was asked to resign,” says Asthana. “I never saw him again.”

US Congresswoman Carolyn Maloney remembers clearly where she was when she first heard about the raid on Bangladesh Bank. “I was leaving Congress and going to the airport and reading about the heist, and it was fascinating, shocking – a terrifying incident, probably one of the most terrifying that I’ve ever seen for financial markets.”

As a member of the congressional Committee on Financial Services, Maloney saw the bigger picture: with Swift underpinning so many billions of dollars of global trade, a hack like this could fatally undermine confidence in the system.

She was particularly concerned by the involvement of the Federal Reserve Bank. “They were the New York Fed, which usually is so careful. How in the world did these transfers happen?”

Maloney contacted the Fed, and staff explained to her that most of the transfers had in fact been prevented – thanks to a tiny, coincidental detail.

The RCBC bank branch in Manila to which the hackers tried to transfer $951m was in Jupiter Street. There are hundreds of banks in Manila that the hackers could have used, but they chose this one – and the decision cost them hundreds of millions of dollars.

“The transactions… were held up at the Fed because the address used in one of the orders included the word ‘Jupiter’, which is also the name of a sanctioned Iranian shipping vessel,” says Carolyn Maloney.

Just the mention of the word “Jupiter” was enough to set alarm bells ringing in the Fed’s automated computer systems. The payments were reviewed, and most were stopped. But not all. Five transactions, worth $101m, crossed this hurdle.

Of that, $20m was transferred to a Sri Lankan charity called the Shalika Foundation, which had been lined up by the hackers’ accomplices as one conduit for the stolen money. (Its founder, Shalika Perera, says she believed the money was a legitimate donation.) But here again, a tiny detail derailed the hackers’ plans. The transfer was made to the “Shalika Fundation”. An eagle-eyed bank employee spotted the spelling mistake and the transaction was reversed.

And so $81m got through. Not what the hackers were aiming for, but the lost money was still a huge blow for Bangladesh, a country where one in five people lives below the poverty line.

By the time Bangladesh Bank began its efforts to claw the money back, the hackers had already taken steps to make sure it stayed beyond reach.

On Friday 5 February, the four accounts set up the previous year at the RCBC branch in Jupiter Street suddenly sprang to life.

The money was transferred between accounts, sent to a currency exchange firm, swapped into local currency and re-deposited at the bank. Some of it was withdrawn in cash. For experts in money laundering, this behaviour makes perfect sense.

“You have to make all of that criminally derived money look clean and look like it has been derived from legitimate sources in order to protect whatever you do with the money afterwards,” says Moyara Ruehsen, director of the Financial Crime Management Programme at the Middlebury Institute of International Studies in Monterey, California. “You want to make the money trail as muddy and obscure as possible.”

 

Even so, it was still possible for investigators to trace the path of the money. To make it completely untrackable it had to leave the banking system.

The Solaire sits on the waterfront in Manila, a gleaming white palace of hedonism, home to a hotel, a huge theatre, high-end shops and – its most famous attraction – a sprawling casino floor. Manila has become a big draw for gamblers from mainland China, where the pastime is illegal, and the Solaire is “one of the most elegant casino floors in Asia”, according to Mohammed Cohen, editor-at-large of Inside Asian Gaming Magazine. “It’s really beautifully designed, comparable to anything in south-east Asia. It has roughly 400 gaming tables and about 2,000 slot machines.”

It was here in Manila’s glitzy casino scene that the Bangladesh Bank thieves mounted the next stage of their money laundering operation. Of the $81m that washed through the RCBC bank, $50m was deposited in accounts at the Solaire and another casino, the Midas. (What happened to the other $31m? According to a Philippines Senate Committee set up to investigate, it was paid to a Chinese man called Xu Weikang, who’s believed to have left town on a private jet and never been heard of since.)

The idea of using casinos was to break the chain of traceability. Once the stolen money had been converted into casino chips, gambled over the tables, and changed back into cash, it would be almost impossible for investigators to trace it.

But what about the risks? Aren’t the thieves in danger of losing the loot across the casino tables? Not at all.

Firstly, instead of playing in the public parts of the casino, the thieves booked private rooms and filled them with accomplices who would play at the tables; this gave them control over how the money was gambled. Secondly, they used the stolen money to play Baccarat – a wildly popular game in Asia, but also a very simple one. There are only three outcomes on which to bet, and a relatively experienced player can recoup 90% or more of their stake (an excellent outcome for money launderers, who often get a far smaller return). The criminals could now launder the stolen funds and look forward to a healthy return – but to do so would take careful management of the players and their bets, and that took time. For weeks, the gamblers sat inside Manila’s casinos, washing the money.

Bangladesh Bank, meanwhile, was catching up. Its officials had visited Manila and identified the money trail. But when it came to the casinos, they hit a brick wall. At that time, the Philippines gambling houses were not covered by money laundering regulations. So far as the casinos were concerned, the cash had been deposited by legitimate gamblers, who had every right to fritter it away over the tables. (The Solaire casino says it had no idea it was dealing with stolen funds, and is co-operating with the authorities. The Midas did not respond to requests for comment.)

The bank’s officials managed to recover $16m of the stolen money from one of the men who organised the gambling jaunts at the Midas casino, called Kim Wong. He was charged, but the charges were later dropped. The rest of the money, however – $34m – was leaching away. Its next stop, according to investigators, would take it one step closer to North Korea.

Macau is an enclave of China, similar in constitution to Hong Kong. Like the Philippines, it’s a hotspot for gambling and home to some of the world’s most prestigious casinos. The country also has long-established links to North Korea. It was here that North Korean officials were in the early 2000s caught laundering counterfeit $100 notes of extremely high quality – so-called “Superdollars” – which US authorities claim were printed in North Korea. The local bank they laundered them through was eventually placed on a US sanctions list thanks to its connections with the Pyongyang regime.

It was also in Macau that a North Korean spy was trained before she bombed a Korean Air flight in 1987, killing 115 people. And it was in Macau that Kim Jong-un’s half brother, Kim Jong-nam, lived in exile before being fatally poisoned in Malaysia in an assassination many believe was authorised personally by the North Korean leader.

As the money stolen from Bangladesh Bank was laundered through the Philippines, numerous links to Macau started to emerge. Several of the men who organised the gambling jaunts in the Solaire were traced back to Macau. Two of the companies that had booked the private gambling rooms were also based in Macau. Investigators believe most of the stolen money ended up in this tiny Chinese territory, before being sent back to North Korea.

At night, North Korea famously appears to be a black hole in photos taken from outer space by Nasa, due to the lack of electricity in most parts of the country – in stark contrast to South Korea, which explodes with light at all hours of the day and night. North Korea ranks among the 12 poorest nations in the world, with an estimated GDP of just $1,700 per person – less than Sierra Leone and Afghanistan, according to the CIA.

And yet North Korea has produced some of the world’s most brazen and sophisticated hackers, it appears.

Understanding how, and why, North Korea has managed to cultivate elite cyber-warfare units requires looking at the family that has ruled North Korea since its inception as a modern nation in 1948: the Kims.

Founder Kim Il-sung built the nation officially known as the Democratic People’s Republic of Korea on a political system that is socialist but operates more like a monarchy.

His son, Kim Jong-il, relied on the military as his power base, provoking the US with tests of ballistic missile and nuclear devices. In order to fund the programme, the regime turned to illicit methods, according to US authorities – including the highly sophisticated counterfeit Superdollars.

Kim Jong-il also decided early on to incorporate cyber into the country’s strategy, establishing the Korea Computer Centre in 1990. It remains the heart of the country’s IT operations.

When, in 2010, Kim Jong-un – Kim Jong-il’s third son – was revealed as his heir apparent, the regime unfurled a campaign to portray the future leader, only in his mid-20s and unknown to his people, as a champion of science and technology. It was a campaign designed to secure his generation’s loyalty and to inspire them to become his warriors, using these new tools.

The young Kim, who took power in late 2011 upon his father’s death, called nuclear weapons a “treasured sword”, but he too needed a way to fund them – a task complicated by the ever tighter sanctions imposed by the UN Security Council after the country’s first tests of a nuclear device and a long-range ballistic missile in 2006. Hacking was one solution, US authorities say.

The embrace of science and technology did not extend to allowing North Koreans to freely connect to the global internet, though – that would enable too many to see what the world looks like outside their borders, and to read accounts that contradict the official mythology.

So in order to train its cyber-warriors, the regime sends the most talented computer programmers abroad, mostly to China.

There they learn how the rest of the world uses computers and the internet: to shop, to gamble, to network and to be entertained. It’s there, experts say, that they are transformed from mathematical geniuses into hackers.

Scores of these young men are believed to live and work in North Korean-run outposts in China.

“They are very good at masking their tracks but sometimes, just like any other criminal, they leave crumbs, evidence behind,” says Kyung-jin Kim, a former FBI Korea chief who now works as a private sector investigator in Seoul. “And we’re able to identify their IP addresses back to their location.”

Those crumbs led investigators to an unassuming hotel in Shenyang, in China’s north-east, guarded by a pair of stone tigers, a traditional Korean motif. The hotel was called the Chilbosan, after a famous mountain range in North Korea.

Photos posted to hotel review sites such as Agoda reveal charming Korean touches: colourful bedspreads, North Korean cuisine and waitresses who sing and dance for their customers.

It was “well-known in the intel community”, says Kyung-jin Kim, that suspected North Korean hackers were operating from the Chilbosan when they first broke on to the world stage in 2014.

Meanwhile, in the Chinese city of Dalian, where Park Jin-hyok is believed to have lived for a decade, a community of computer programmers was living and working in a similar North-Korea-run operation, says defector Hyun-seung Lee.

Lee was born and raised in Pyongyang but lived for years in Dalian, where his father was a well-connected businessman working for the North Korean government – until the family defected in 2014. The bustling port city across the Yellow Sea from North Korea was home to about 500 North Koreans when he was living there, Lee says.

Among them, more than 60 were programmers – young men he got to know, he says, when North Koreans gathered for national holidays, such as Kim Il-sung’s birthday.

One of them invited him over to their living quarters. There, Lee saw “about 20 people living together and in one space. So, four-to-six people living in one room, and then the living room they made it like an office – all the computers, all in the living room.”

They showed him what they were producing: mobile phone games that they were selling to South Korea and Japan through brokers, making $1m per year.

Although North Korean security officials kept a close eye on them, life for these young men was still relatively free.

“It’s still restricted, but compared to North Korea, they have much freedom so that they can access the internet and then they can watch some movies,” Lee says.

After about eight years in Dalian, Park Jin-hyok appears to have been anxious to return to Pyongyang. In a 2011 email intercepted by the FBI, he mentions wanting to marry his fiancee. But it would be a few more years before he was allowed to do this.

The FBI says his superiors had another mission for him: a cyber-attack on one of the world’s largest entertainment companies – Sony Pictures Entertainment in Los Angeles, California. Hollywood.

In 2013, Sony Pictures announced the making of a new movie starring Seth Rogen and James Franco that would be set in North Korea.

It’s about a talk show host, played by Franco, and his producer, played by Rogen. They go to North Korea to interview Kim Jong-un, and are persuaded by the CIA to assassinate him.

North Korea threatened retaliatory action against the US if Sony Pictures Entertainment released the film, and in November 2014 an email was sent to company bosses from hackers calling themselves the Guardians of Peace, threatening to do “great damage”.

Three days later a horror-film image of a blood-red skeleton with fangs and glaring eyes appeared on employees’ computer screens. The hackers had made good on their threats. Executives’ salaries, confidential internal emails, and details of as-yet unreleased films were leaked online – and the company’s activities ground to a halt as its computers were disabled by the hackers’ viruses. Staff couldn’t swipe passes to enter their offices or use printers. For a full six weeks a coffee shop on the MGM lot, the HQ of Sony Pictures Entertainment, was unable to take credit cards.

Sony had initially pressed ahead with plans to release The Interview in the usual way, but these were hastily cancelled when the hackers threatened physical violence. Mainstream cinema chains said they wouldn’t show the film, so it was released only digitally and in some independent cinemas.

But the Sony attack, it turns out, may have been a dry run for an even more ambitious hack – the 2016 bank heist in Bangladesh.

Bangladesh is still trying to recover the rest of its stolen money – around $65m. Its national bank is taking legal action against dozens of people and institutions, including RCBC bank, which denies breaching any rules.

As skilful as the hacking of Bangladesh Bank was, just how pleased would the Pyongyang regime have been with the end result? After all, the plot started out as a billion-dollar heist, and the eventual haul would have been only in the tens of millions. Hundreds of millions of dollars had been lost as the thieves had navigated the global banking system, and tens of millions more as they paid off middlemen. In future, according to US authorities, North Korea would find a way to avoid this attrition.

In May 2017, the WannaCry ransomware outbreak spread like wildfire, scrambling victims’ files and charging them a ransom of several hundred dollars to retrieve their data, paid using the virtual currency Bitcoin. In the UK, the National Health Service was particularly badly hit; accident and emergency departments were affected, and urgent cancer appointments had to be rescheduled.

As investigators from the UK’s National Crime Agency delved into the code, working with the FBI, they found striking similarities with the viruses used to hack into Bangladesh Bank and Sony Pictures Entertainment, and the FBI eventually added this attack to the charges against Park Jin-hyok. If the FBI’s allegations are correct, it shows North Korea’s cyber army had now embraced cryptocurrency – a vital leap forward because this high-tech new form of money largely bypasses the traditional banking system – and could therefore avoid costly overheads, such as pay-offs to middlemen.

WannaCry was just the start. In the ensuing years, tech security firms have attributed many more cryptocurrency attacks to North Korea. They claim the country’s hackers have targeted exchanges where cryptocurrencies like Bitcoin are swapped for traditional currencies. Added together, some estimates put the thefts from these exchanges at more than $2bn.

And the allegations keep coming. In February the US Department of Justice charged two other North Koreans, whom they claim are also members of the Lazarus Group and are linked to a money-laundering network stretching from Canada to Nigeria.

Computer hacking, global money laundering, cutting edge cryptocurrency thefts… If the allegations against North Korea are true, then it appears many people have underestimated the country’s technical skill and the danger it presents.

But this also paints a disturbing picture of the dynamics of power in our increasingly connected world, and our vulnerability to what security experts call “asymmetric threat” – the ability of a smaller adversary to exercise power in novel ways that make it a far bigger threat than its size would indicate.

Investigators have uncovered how a tiny, desperately poor nation can silently reach into the email inboxes and bank accounts of the rich and powerful thousands of miles away. They can exploit that access to wreak havoc on their victims’ economic and professional lives, and drag their reputations through the mud. This is the new front line in a global battleground: a murky nexus of crime, espionage and nation-state power-mongering. And it’s growing fast.

Geoff White is the author of Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global. Jean H Lee opened Associated Press’s Pyongyang bureau in 2012; she is now a senior fellow at the Wilson Center in Washington DC.

– BBC News



Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Features

Implementing 13A: Some thoughts

Published

on

The 13A requires the Government to establish a National Land Commission, which would be responsible for the formulation of a national policy, concerning the use of State land. This Commission will include representatives of all Provincial Councils. The Commission will have a Technical Secretariat, representing all the relevant disciplines required to evaluate the physical as well as the socio-economic factors that are relevant to natural resources management. National policy, on land, use will be based on technical aspects, but not political or communal aspects.

by Dr Jayampathy Wickramaratne, President’s Counsel

The 13th Amendment to the Constitution (13A), which introduced devolution of power to the periphery, is again in the news, this time on the need to fully implement it. President Ranil Wickremesinghe first raised the issue in Parliament, asking the various parties whether they are for 13 Plus, meaning improving on 13A. SJB’s Lakshman Kiriella, an avowed supporter of devolution, while saying that his party is for it, asked the President whether Mahinda Rajapaksa’s SLPP, which provides the President with the Parliamentary majority he needs for his legislative agenda, was supportive. Pressed by the President and Kiriella for a response, Rajapaksa, who had promised India to improve on 13A, rose reluctantly and said ‘13 Plus’.

President Wickremesinghe’s attempt to get a consensus on a constitutional settlement of the national question did not get off the ground. The SLPP is unlikely to abandon its Sinhala-nationalist platform. Opposition parties were sceptical. Realising the impossibility of a far-reaching amendment, the President has changed his strategy to one of fully implementing 13A, without changes, or with minor changes, that could muster SLPP support.

Several Opposition parties, that attended the previous meetings of the All-Party Conference (APC), stayed away from the meeting, held on January 27. While the SJB said that the APC was a mere ‘talk show,’ its ally among the Hill Country Tamils, the TPA, said that the President had not considered the issues facing them. The SJB’s Muslim allies did participate. MP Harini Amarasuriya clarified that while the NPP supported the 13A, in principle, it did not consider the President’s statement, on fully implementing the13A, credible.

The main areas in which the 13A has not been implemented are law and order (Police powers) and land. To add to this, successive governments have, over the last 35 years, taken back several subjects, and functions, that legitimately belong to the Provincial Councils (PCs) – agrarian services being one of them. The high point of central intrusion was the Divineguma Act of 2013, under which several functions of PCs, related to rural development, were taken over, using the two-thirds majority that the Government possessed.

Constitutional and legislative changes

The President spoke of the need to establish the National Land Commission, a requirement of the 13A, but which successive governments had not done. He also said that a decision on whether to continue with Provincial Police Commissions, or to bring the Provincial Police, under the National Police Commission, had to be taken. The latter would be a centralising feature—a 13 Minus—that will be to the disappointment of pro-devolution forces.

At the time of the 13A, there was no National Police Commission. Appointments, transfers, etc., of Police personnel, were handled by the Public Service Commission, with the Cabinet of Ministers having the power to overturn decisions of the PSC. To set up the National Police Commission and Provincial Police Commissions, provided for by the 13A, the Police Commission Act No. 1 of 1990 was passed but has not been brought into force by successive Presidents. Under the 13A, a Provincial Police Commission would consist of the Deputy Inspector General of Police, a person nominated by the Public Service Commission, in consultation with the President, and a nominee of the Chief Minister. Since the 13A, a National Police Commission was set up by the 17th and 19th Amendments, and the President now appoints its members on the recommendation of the Constitutional Council. The writer submits that these changes must be reflected in the Provincial Police Commissions, as well. The sub-committee on Law and Order, of the Constitutional Assembly of the previous Parliament, recommended that the Chairman, and the members of the Provincial Police Commissions, should be recommended by the Constitutional Council, having considered nominations, jointly provided by the Chief Minister and the Leader of the Opposition of the respective Provincial Council. The writer submits that a better option would be for a Provincial Police Commission to be appointed by the Governor, on the recommendation of the Constitutional Council, which should be required to call for nominations from the general public and also consult the Chief Minister and the Leader of the Opposition of the Province concerned. Any such change would require a constitutional amendment.

The 13A requires the Government to establish a National Land Commission, which would be responsible for the formulation of a national policy, concerning the use of State land. This Commission will include representatives of all Provincial Councils. The Commission will have a Technical Secretariat, representing all the relevant disciplines required to evaluate the physical as well as the socio-economic factors that are relevant to natural resources management. National policy, on land, use will be based on technical aspects, but not political or communal aspects. The Commission will lay down general norms, regarding the use of land, having regard to soil, climate, rainfall, soil erosion, forest cover, environmental factors, economic viability, etc. In the exercise of the powers devolved on them, Provincial Councils shall have due regard to national policy, formulated by the National Land Commission. The Constitution does not set out the composition, etc., of the National Land Commission. The establishment of the Commission would have to be ordinary legislation.

Broad consensus needed

President Wickremesinghe, with former President Mahinda Rajapaksa, and Premier Dinesh Gunawardena, sitting beside him, told the APC that the Cabinet of Ministers had approved the full implementation of the 13A. If as President Wickremesinghe confidently says, he has the support of the Cabinet of Ministers and, thus, of the SLPP, the full implementation of 13A would be certainly possible. But it is important that the President reaches out to the Opposition parties, as well. The SJB is for devolution as a solution to the national issue. Sajith Premadasa’s Presidential election manifesto pledged maximum devolution, within an undivided and indivisible Sri Lanka. Premadasa won areas dominated by Tamils, Muslims and Hill Country Tamils, with percentages second only to those secured by President Kumaratunga, in 1994. SJB’s Muslim and Hill Country allies support devolution, but the President needs to talk to parties representing those communities, about issues pertaining to them, too.

The new ‘Helicopter’ alliance seems unable to take a unified stand on the 13A. Dullas and Dilan Perera were at the forefront of CBK’s campaign for devolution, and Professor G.L. Pieris was the architect of her devolution proposals. Tissa Vitarana did an admirable job of getting a consensus on the national issue, through the APRC process. The Left parties in the Utttara Sabhagaya are strong supporters of devolution, while their nationalist allies are against it. Former President Sirisena spoke in support of implementing the 13A at the APC. The JVP/NPP is unlikely to oppose moves to implement the 13A.

It must not be assumed that the President’s declared intention to implement the 13A could be put into practice easily. Sinhala nationalists, in the Uttara Sabhagaya, have already declared war against fully implementing the 13A, and not all SLPP elements would be enthusiastic about supporting the proposed changes. They are sure to be joined by Sinhala extremists outside Parliament. Anti-13A forces would attempt to use discontent among the masses suffering due to the economic mess the country is in. In these circumstances, the Government needs to convince the people, and the Opposition, of the genuineness of the exercise and the chances of its success. Lest the extremists raise the ‘separatist’ bogey, President Wickremesinghe and the Government must meet such arguments, taking the bull by its horns, and also explain to the people that power-sharing, through devolution, is a must, not only to solve the ethnic issue but also for the development of the periphery. Given its composition, the present Government cannot do so on its own. It must reach out and build a broad consensus on the issue.

Continue Reading

Features

Aiyo, Sirisena

Published

on

By Dr Upul Wijayawardhana

Former president Sirisena has declared that he is poor and therefore has to go begging to pay compensation awarded by the Supreme Court to the victims of the Easter Sunday massacre! He was unwilling to stand in the dock when he appeared as an accused in a subsequent case and had to be ordered to do so by the Magistrate.

Just imagine an ex-president going around begging from the populace that was made destitute by the actions of the government he headed and the government that followed, which he was part of! To make matters even worse he gives totally ludicrous and unbelievable explanations. Let me add a few of my thoughts to many opinions expressed so far, including those in the editorial “Sirisena’s plea” (The Island, 24 January) wherein the editor quite rightly names those responsible for making this totally undeserved person the President, and suggests that they should help him pay, if at all.

The two important issues that need consideration are whether Sirisena is guilty of neglecting his duties as president in not defending the country from terrorism and who is responsible for paying the compensation awarded by the Supreme court.

I pose the first question because in numerous press conferences, Sirisena has stated that the Supreme Court awarded compensation because he was indirectly responsible for the actions of security chiefs he appointed, implying that there is no direct responsibility! One wonders whether Sirisena is unable to understand the judgement, which categorically states that there were lapses such as the malfunctioning security council for which he was directly responsible. In fact, what surprised me was the reflected annoyance or frustrations of the honourable justices by their use of terms like “what takes the cake” in referring to some of these terrible lapses! Though Sirisena does not come from an academic background, having been a cabinet minister and the general secretary of a major political party for years, surely, he should be able to grasp the contents of a judgement.

Obviously, Sirisena cannot challenge the judgement as it was delivered by the highest court in the land and he cannot criticise the judgement as it would amount to contempt of court. Therefore, it is pretty obvious that he is using a diversionary tactic hoping to fool us. Perhaps, he is unaware of the famous adage: “You can fool all the people some of the time and some of the people all the time, but you cannot fool all the people all the time.”

Sirisena seems to have developed total amnesia about the commission he appointed to inquire into the Easter Sunday massacre! From parts of the report released, it was pretty obvious that the blame lay, in addition to the security establishment, on him as well as the prime minister of the day, who as the present president must be having bad dreams of the day when he no longer has presidential immunity!

In fact, one of the reasons for the downfall of President Gotabhaya Rajapaksa was his reluctance to take action on that report. Perhaps, he did so at the behest of his younger brother who was obsessed with the two thirds majority.

Sirisena seems to disregard facts and is on a shameless mission to deceive the public again by stating that he has no means to pay compensation. He claims that his only income is from a mango plantation and that he does not own even a motorcycle. But have we ever seen him riding a bicycle or travelling by bus?

Although he has not provided any proof, Sirisena claims that he was in a hospital in Singapore for an urgent medical condition at the time of the attack. Why did he go to Singapore instead of seeking treatment at home? Afterall, he was the Minister of Health before contesting the presidency! How did the urgency resolve for him to return the following day? How did this poor mango grower have the money to go to Singapore for treatment? Did the public coffers cough up the money for allegedly a shopping trip he did for his son’s wedding?

In spite of the Presidential Commission he himself appointed finding him guilty and the highest court of the land directing him to pay compensation to victims, Sirisena has failed the nation by refusing to show any remorse or take his share of responsibility. Instead, he is attempting to make a political drama out of it. What about his brother Dudley, who roared like a lion threatening to teach a lesson to anybody who tried to punish his elder brother in any way? Why is he hiding like a lizard not offering to foot the bill? Has Sirisena no shame in allowing one of his supporters to beg under the Bo tree in Pettah? A decent politician would have opted to go to jail rather than beg but decency is, perhaps, something totally alien to Sirisena!

Sirisena, who really should set an example to others who were ordered to pay compensation, does not seem even to follow their behaviour of silent acceptance. He should remember that we have not forgotten what was stated by the ex-IGP that Sirisena offered him a diplomatic posting provided he accepted responsibility. He must be regretting the refusal! Those who should go round begging are government servants who have no means to pay compensation, not the mango grower whose brother is one of the richest “Hal Mudalalis”!

Mr Sirisena! You have no sense of shame and you have done everything possible to deflect blame. What I fail to comprehend is why the SLFP does not get rid of you. Perhaps, it has a death-wish and so do the ex-Pohottuwa chaps who decided ‘helicopter’! It clearly shows that ours is the land of politicians with no sense of shame!

Continue Reading

Features

Harassment of women in politics on the rise

Published

on

by Rathindra Kuruwita

Election monitors and activists express concern that digital harassment of female politicians will increase when the local council elections campaign gets into full swing in the coming weeks.According to the preliminary results of a survey conducted by the Campaign for Free and Fair Elections (CaFFE), more than 70 percent of female local councillors and grassroots political activists have faced digital harassment.

CaFFE Executive Director Manas Makeen said the majority of those who were subjected to digital harassment (around 80 percent) had not lodged complaints with the law enforcement authorities or with the political party leadership because they felt it was an exercise in futility.

“Even if these women politicians go to the police or their party leadership, there is no solution. They have to find solutions themselves. The introduction of the quota for women candidates at the local council level has upset some politicians and they have resorted to the digital sphere to undermine their female opponents,” he said.

Makeen said the survey had also revealed that about 55 percent of women politicians and activists had faced physical harassment during their political careers. However, digital harassment was the most common form of harassment now. He said almost 90 percent of those who were harassed online believed politicians in the same party were behind the attack.

Nilka Perera (not her real name) is a member of a local council in Puttalam.

The 33-year-old politician said the harassment had begun with the announcement of the 25-percent-female-candidate quota ahead of the last local council elections, in 2018.

“Some religious leaders gave sermons on why people should not vote for women and their video clips are all over social media,” she said, noting that such misconceptions were not limited to one religion or community. “People were initially sceptical about women in politics and male politicians were quick to latch on to it. While there is misogyny in society, most attacks on female politicians are organised campaigns,” she said.

SJB MP Rohini Kavirathne said the Women Parliamentarian’s Caucus was well aware of systematic digital harassment of female politicians. She said that all female politicians including her had been victims of online harassment and that the Caucus had been active in assisting women in need.

“We have always been willing to help women, on an individual basis. We have also contributed and worked with election monitors, the Elections Department, and other relevant parties to empower women and stop the harassment. While the harassment continues, I am glad to see that women are becoming stronger and are proactively countering propaganda against them,” she said.

The CaFFE survey also found that although the majority of participants received some kind of training from a government or a civil society organisation in countering digital harassment, most of the female politicians over the age of 55 were unable to answer what they would do if they faced digital harassment.

The People’s Action for Free and Fair Elections (PAFFREL) Executive Director Rohana Hettiarachchi said he, too, had noted a spike in digital harassment of female politicians during the campaign for the 2018 local council elections after the 25 percent female candidate quota was given legal effect. At least 25 percent of the names on the nomination lists, submitted by parties or independent groups should be female candidates.

“Targeted harassment of female politicians, especially those who engage in grassroots-level politics, continues to be a serious problem,” he said, expressing fears that the problem would only aggravate with the election season approaching without any proactive countermeasures from political parties.

There was also a lot of character assassination through social media, and such campaigns were ongoing, Hettiarachchi said.

Pointing out that Sri Lanka did not have a mechanism to take swift action against election malpractice, he said this was a major lacuna that should be addressed, especially given the harassment female candidates faced in the digital sphere.

“Our law enforcement mechanisms are slow. During an election period, immediate action should be taken against election law violators,” he said. “What’s the point in taking action against a campaign of digital harassment a few months after the elections are over?”

Police spokesman Nihal Thalduwa said the Sri Lanka Police Computer Crime Investigation Division had been established to help victims of computer crimes including digital harassment.

“I don’t have numbers on the top of my head, but I don’t think we get a lot of complaints from grassroots-level female politicians about digital harassment,” the Senior Superintendent of Police said.

He said this was probably because the women politicians feared they would antagonise their party leaders if they complained to the police.

“However, since you brought this issue up, the police must work closely with other stakeholders as the elections approach,” he said.

The urban-rural divide

When the then government introduced a quota for women in late 2017, weeks before the nominations for local council elections were called, most political parties had not been ready, said Kalana Weerasinghe, Chief Operating Officer at the Federation of Sri Lankan Local Government Authorities (FSLGA). He said several political parties nominated friends and family members to fill the 25 percent female-candidate quota.

“Women were often made candidates in wards that male party leaders thought they would lose. However, now we have more than 2,000 female local councillors out of some 8,000, and they can be divided into three categories.

“First, there are seasoned female politicians who have been in politics for decades and some of them are even more popular than their parties’ electoral organisers. They could easily win parliamentary elections, too, if they were given an opportunity. Then there are friends and family members of political party officials, and they have no interest in politics although they are now elected people’s representatives. The third group comprises newcomers who are passionate about what they are doing.

“So, when it comes to digital harassment, the first group is capable of handling any personal attacks. The second group probably will drop out but those in the third group have learnt to adapt and fight back though they were at first depressed by digital media harassment,” Weerasinghe said.

He said the fightback was especially visible in the urban areas where women politicians were more educated and apt in digital technologies than their rural counterparts. These women realise the power of digital media, and how it can benefit their careers. “Being in politics also makes them tougher,” he said.

With the mainstream media giving little or no space for women local council politicians, social media was the main tool they could use to build up a larger support base and tell the voters about what they did and what they believed in, Weerasinghe said.

“A person who is facing harassment can lock his or her profile pic, but a politician can’t do so. No country has been able to reduce online harassment to zero. So, it is also about empowering women and building support structures. We have to make female politicians resilient and there is a lot that the government, political parties and civil society groups can do,” he said.

Role of civil society and govt.

While some female politicians in urban areas are coming to terms with the digital landscape, there are other women and activists who are not yet tech savvy to promote themselves or deal with increasing levels of online harassment.

Makeen said that although most women politicians were on Facebook, quite a few did not know how to use the platform to promote their political careers. If they faced online harassment, they would lock their profiles or stop using social media, he said.

“Early this year, we did a study on online harassment faced by women politicians. We found that they knew about the platforms and online harassment, but they did not know how to use social media to boost their career or how to proactively deal with cyberbullies,” he said.

Makeen said they had also held a series of consultations with national-level female politicians and found out they had also been victims of concerted digital harassment.

“A young former MP once told us that at the beginning of her career, she had been devastated by cyberbullying. This is the case of someone coming from a political family and had gone through trauma. She said it was so bad that she had even contemplated quitting politics. With the backing of her family, she had learnt to ignore the bullies and connect with those who supported her although she is one of the most memed female politicians today,” he said.

Women fighting back

Manjula Gajanayake, Executive Director of the Institute of Democratic Reforms and Electoral Studies (IRES), said several young and educated female politicians including those at the grassroots level had learnt how to navigate the digital sphere.

While digital harassment continued to be a serious problem, there were signs of female local councillors building the necessary support structures to overcome it, he said.

“Initially, a lot of local women councillors were devastated by digital media harassment. I was told that some families were on the verge of breaking up. However, in the past few years, we have seen a counterattack. Female local councillors who are serious about their work have behaved with great integrity and now they are getting social recognition. Their family members, who were initially hesitant or upset about them being in politics, have now warmed up,” he said.

Describing the trend as a positive change, Gajanayake called on the government and political parties to step up efforts to end digital harassment of women candidates.

He said that often targeted digital harassment was carried out by political actors and sometimes by those in the same party.

“If the political parties are stricter and take complaints by their women candidates more seriously, we would see a sharp drop in instances of targeted digital harassment,” he said.

* This story is produced under the ANFREL Asian Media Fellowship on Election Reporting.

Continue Reading

Trending