The Memo: 16 Sep—22 Sep 2024

The Memo from 16 Sep—22 Sep 2024: Summary of incidents, ranging from terrorism, covert actions, organised crime and regional conflicts to cybersecurity incidents.

In brief:

  • Philippines: Two killed in resort explosion; ammonium nitrate found.
  • Thailand: Roadside IED injures rangers; armed men kill durian buyers.
  • Pakistan: Bomb near diplomats' convoy kills officer, injures others.
  • Lebanon: Explosions target communication devices, killing 29 and injuring thousands.
  • Malaysia: Authorities raid GISB homes, rescue 400 children, arrest leaders.
  • US: NSA reveals Chinese-linked global botnet targeting network devices.

Terrorism and insurgency

  1. Zamboanga del Sur, Philippines

On September 17, two people were killed in a roadside explosion at a beach resort in Tukuran, Zamboanga del Sur. The explosion, which occurred around 2am, also damaged a utility van, motorcycle, and a store near the site. Police discovered a bag containing ammonium nitrate and are investigating the motive, but the identities of the victims and suspects remain unknown.

  2. Yala Province, Thailand

Four rangers were seriously injured in an explosion in Yala’s Bannang Sata district on September 17. Insurgents planted a roadside IED that exploded as the rangers were patrolling in a pickup truck, overturning their vehicle.

Separately, ten armed men killed two durian buyers in Yala’s Bannang Sata district on September 21, one being the son of a village headman and the other from Chanthaburi province. The attackers stole the victims’ sidearms, gold jewelry, and Bt50,000 in cash. Police found spent shell casings from military-grade weapons around the tents where the victims were purchasing durians. Authorities are exploring possible links to separatist groups in the region.

  3. Khyber Pakhtunkhwa, Pakistan

A roadside bomb exploded near a convoy of foreign diplomats in Pakistan's Swat district, killing one police officer and injuring several others. The convoy, including ambassadors from countries like Russia, Iran, and Indonesia, was unharmed. Security forces swiftly evacuated the diplomats to safety. Prime Minister Shehbaz Sharif condemned the attack, which took place in a region previously controlled by the Tehrik-i-Taliban Pakistan (TTP). No group has claimed responsibility, but TTP has a history of targeting police and military in the area.


Intelligence, Espionage, Assassination and Covert Actions

  1. Beirut, Lebanon

Explosions targeting walkie-talkies killed at least 20 people and injured over 450 across Lebanon on September 18. These attacks followed similar incidents involving Hezbollah's pagers the previous day, which injured around 3,000 people and killed nine. Among the dead were an eight-year-old girl, an 11-year-old boy, and several healthcare workers from Dahiyeh in southern Beirut who had been using pagers. Investigations suggest explosives may have been planted in recently imported pagers that Hezbollah believed were secure from Israeli hacking. Israeli forces allegedly conducted these attacks, which claimed both militant and civilian lives. In a speech to Israeli troops, Defense Minister Yoav Gallant hinted at a new phase of war. The unusual method of attacking communication devices heightened tensions between Hezbollah and Israel, potentially further destabilising the region.


Organised Crimes, Gangs, and Syndicates

  1. Kuala Lumpur, Malaysia

Malaysian authorities recently raided 20 children's welfare homes linked to Global Ikhwan Services and Business Holdings (GISB), rescuing nearly 400 children and arresting 19 group leaders, including GISB leader Nasiruddin Ali. The police are investigating GISB, a controversial organisation with roots in the banned Al-Arqam cult, as an organised crime syndicate. Three teacher assistants from a GISB-linked religious center face charges of sexually assaulting five children. GISB operates numerous businesses in Rawang, Selangor, and claims to have a presence in 20 countries.


Cybersecurity and unlawful access

  1. The United States

The National Security Agency (NSA), working jointly with the FBI, U.S. Cyber Command, and international partners, has disclosed new intelligence about Chinese-linked cyber operatives constructing a global botnet from compromised devices. These actors have targeted various network components, including routers, firewalls, and Internet of Things (IoT) devices, to carry out malicious activities such as distributed denial-of-service (DDoS) attacks and network infiltrations. In response, the advisory strongly recommends that device owners, particularly those with older models, update and secure their equipment to prevent further exploitation. The botnet, which has already infected over 260,000 devices across multiple geographic regions, presents a considerable threat to U.S. networks. To combat this threat, the NSA is urging vendors and cybersecurity companies to implement the protective measures proposed in the advisory.

