The evidence is here:
Cyber-attacks from Thai Homeland Security (www.cdpm3.com)
The Thai equivalent of our DHS didn't exist until 2004, and got a tremendous boost on January 1, 2007.
Their domain registration helps document their history:
Domain Name: CDPM3.COM
Registrar: TUCOWS INC.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Name Server: MYNA.CAT.NET.TH
Name Server: TEAL.CAT.NET.TH
Updated Date: 11-dec-2007
Creation Date: 08-dec-2004
Expiration Date: 08-dec-2008
I wasn't able to connect the dots until today when I witnessed a series of attacks against a server which hosts stories of genocide in Myanmar, and amphetamine distribution in Thailand produced under the direct protection of the military junta. Our own DEA has documented this drug trade (in addition to vast opium exports), and I have also found some translations of first hand accounts from Thailand.
The "Friendship Bridge" is important for a number of reasons. It is a conduit for illicit cargo. Some of the cargo is human. These are the victims of an oligarchy that has manipulated both nations for the past decade, an oligarchy that will use the disaster today to accomplish a goal they have long sought. And the oligarchy has fought on every front, including the frontiers of cyberspace.
Spam, phishing, and cyber-attacks of every type seem to be the full time occupation of most servers with asian addresses - but it is at least odd to find "hacking tools" on the server of a nation's Homeland Security Department. And here are some more details from Bangkok:
Department of Disaster Prevention and Mitigation
3/12 Utongnok Road
Dusit, Bangkok 10300
Domain name: CDPM3.COM
3/12 Utongnok Road
Dusit, Bangkok 10300
Registration Service Provider:
Netway Communication Co., Ltd.,
Registrar of Record: TUCOWS, INC.
Record last updated on 11-Dec-2007.
Record expires on 08-Dec-2008.
Record created on 08-Dec-2004.
Domain servers in listed order:
cdpm3.com IN SOA myna.cat.net.th
cdpm3.com IN NS myna.cat.net.th
cdpm3.com IN A 18.104.22.168
10.100.19.61.in-addr.arpa IN PTR www.cdpm1.com
The incriminating URL, where evidence exists right now:
You won't want to enter it with a "?" at the end, or the command in the text file may be launched. That's how it is used by hackers at remote locations, such as the folks at IP 22.214.171.124
And here is an example that I witnessed in real time, and blocked via htaccess:
Date: May 10 08:20:20 (Eastern Standard Time)
The hackers have named their server:
1976 was the last year that Air America would fly, thanks to the investigations led by Frank Church.
Wikipedia has some good background for the current intrigue. Please read:
Air America was an American passenger and cargo airline covertly owned and operated by the Central Intelligence Agency (CIA) from 1950 to 1976. It supplied and supported covert operations in Southeast Asia during the Second Indochina War. Air America
2 important figures are Vang Pao and Eli Popovich. The role Popovich played has been kept secret until recently. The accounts by Alfred W. McCoy are authoritative. The "historian" Leary, of the Univerisity of Georgia, remained in the pocket of the CIA, and thus was spared the threats to his life that McCoy endured.
You won't easily find out who is really operating the server on North Tucker Road in St. Louis, MO where the subdomain
is hosted.Try the abuse contact at
if you want to waste your time. It is a subdomain delegated from 126.96.36.199, hosted in Germany by "PlusServer" at intergenia.de
Role of Burma (Myanmar) and Thailand in the economy of South Asia
keywords and notes:
"Alfred McCoy" opium, burma, namebase, "golden triangle", warlords, afghanistan, WA Amphetamine empire, engagement with unocal
When I originally published "New Years Bombing in Bangkok" from wire stories and tourist reports on New Year 2007, I couldn't figure out why it was so popular. Now I am beginning to understand.
The great game continues in Myanmar (world's top opium producer in 1999), but I have not yet had breakfast. Enter the keywords above into google, and you'll have the background for my story.
Links and updates may be found at: