Tag: spying

Potent essay in favor of strong encryption even though the US intelligence apparatus would like Americans to believe terrorists use it to hide their communications from law enforcement (demonstrably false in certain circumstances, such as Paris):

People who protect liberty have to take care not to imply, much less acknowledge, that the draconian anti-liberty measures advocated by the surveillance state crowd are justified, tactically or morally, no matter what the circumstances. Someday a terrorist will be known to have used strong encryption, and the right response will be: “Yes, they did, and we still have to protect strong encryption, because weakening it will make things worse.”

Why? Because encryption is actually a straightforward matter, no matter how much fear-mongering law enforcement officials and craven, willfully ignorant politicians spout about the need for a backdoor into protected communications. The choice is genuinely binary, according to an assortment of experts in the field. You can’t tamper this way with strong encryption without making us all less secure, because the bad guys will exploit the vulnerabilities you introduce in the process. This isn’t about security versus privacy; as experts have explained again and again, it’s about security versus security.

Moreover, as current and former law enforcement officials lead a PR parade for the surveillance-industrial complex, pushing again for pervasive surveillance, they ignore not just the practical problems with a “collect it all” regime — it drowns the spies in too much information to vet properly — but also the fundamental violation of liberty that it represents. These powers are always abused, and a society under surveillance all the time is a deadened one, as history amply shows.

Of course we need some surveillance, but in targeted ways. We want government to spy on enemies and criminal suspects, but with the checks and balances of specific judicial approval, not rubber stamps for collect-it-all by courts and Congress. The government already has lots of intrusive tools at its disposal when it wants to know what specific people are doing. But our Constitution has never given the government carte blanche to know everything or force people to testify against themselves, among other limits it establishes on power.

The US government seemingly has a penchant for being unable to keep its own data safe, so why should the American people trust it with a backdoor into yours? (emphasis added)

The U.S. intelligence apparatus still wants a key to your private data. Specifically, it wants “backdoor,” or “exceptional,” access to encrypted data when a court order is obtained for it. Last week, the nation’s intelligence heads—FBI Director James Comey, CIA Director John Brennan, Director of National Intelligence James Clapper, National Security Agency Director Michael Rogers, and Defense Intelligence Agency Director Vincent Stewart—went before the House Intelligence Committee to lay out the threats and make their asks. After raising the specter of crippling large-scale cyberattacks, Clapper said the more pressing concern was persistent, ongoing small attacks, or as Foreign Policy put it, “Get Ready for Everything to Be Hacked All the Time.” To fight these attacks, Clapper wants streamlined access to the private accounts of Americans—an idea that is unnecessary at best and counterproductive at worst. And the intelligence leaders’ bad ideas didn’t end there.

While the increasing regularity of both computing and security breaches makes Clapper’s concerns very real, the approach the intelligence agencies want to take is sorely inadequate. While they spent a long time discussing deterrence and surveillance, Clapper et al. practically ignored the most crucial and central aspect of fighting cyberattacks: security. In light of the recent, catastrophic Office of Personnel Management data breach, which compromised the sensitive personal data of more than 20 million people, Clapper’s sense of priorities, as evidenced by his refusal to call the OPM breach an “attack,” is clearly warped. (“There was no destruction of data or manipulation of data,” he said. “It was simply stolen.”) If sensitive information is a house, then the government wants surveillance cameras everywhere and stiff sentences for thieves, yet can’t be bothered to lock the door.

Instead, Clapper and Comey stressed the need for greater deterrence of cyberattacks: not securing systems, but creating incentives against hacking. Regarding the OPM breach, Clapper said, “Until such time as we do create both the substance and the mindset of deterrence, this sort of thing is going to continue.” There are two things wrong with this statement. First, it’s not easy to attribute these attacks to their perpetrators. Even if the U.S. government is convinced that the OPM attacks originated from China, it likely hasn’t figured out whether they were state-sponsored. The government’s attribution of last year’s Sony Pictures hack to North Korea remains dubious and inconclusive, as I pointed out shortly before everyone forgot about it. In the absence of reliable attribution, deterrence is impossible, because the actor will always have plausible deniability.

According to the Director of the National Security Agency, Admiral Mike Rogers, the cyber security danger is continuing to grow and will only get worse before we start to see things begin to subside:

“Our nation is being challenged as never before to defend its interests and values in cyberspace,” Adm. Rogers said in a report made public this week. “Adversaries increasingly seek to magnify their impact and extend their reach through cyber exploitation, disruption and destruction.”

The four-star admiral is intent on moving quickly “to build our military capabilities” as the key element of “the nation’s war fighting arm in cyberspace,” according to the report, “Beyond the Build: Delivering Outcomes through Cyberspace.”

The Fort Meade, Maryland-based command, co-located with the National Security Agency that Adm. Rogers also directs, is integrating cyberwarfare capabilities into other war-fighting commands for use “when significant cyber attacks against the nation require DoD support,” Adm. Rogers stated in an introduction to the report.

The report says the United States is losing its technology edge to adversaries and competitors in cyberspace. Defense Secretary Ashton Carter confirmed the problem in a speech in St. Louis Wednesday.

“Nations like Russia and China are modernizing their militaries to try to close the technology gap and erode our superiority in every domain — air, land, sea, space and cyberspace,” Mr. Carter said in a speech. “And at the same time, our reliance on things like satellites and the Internet has led to real vulnerabilities that our adversaries are eager to exploit.”

Are we really supposed to believe the US is falling behind technologically? Surely this is propaganda designed to scare Congress into increasing NSA and USCC budgets?

Federal District Court Judge Richard Leon urged lawyers to move forward with their suit against the NSA:

During an hourlong hearing in U.S. District Court in Washington, Judge Richard Leon repeatedly urged the conservative lawyer who brought the suit to take steps to allow the case to move forward quickly by asking a federal appeals court to formally relinquish control over an appeal in the case.

Leon noted that the so-called bulk collection program is set to shut down on November 29 as part of a transition to a new system where queries will be sent to telephone companies rather than to a central database stored at the NSA.

“The clock is running and there isn’t much time between now and November 29,” Leon told conservative gadfly Larry Klayman. “This court believes there are millions and millions of Americans whose constitutional rights have been and are being violated, but the window…for action is very small….It’s time to move.”

Leon also told Justice Department lawyers that he was intent on moving the case forward and would not countenance any stalling aimed at preventing him from acting in the case before the program, aimed at aiding terrorism investigations, ends.

The ACLU has asked a US appeals court to stop the NSA from continuing to collect millions of Americans’ phone records before the program expires in November:

Under the USA Freedom Act, which Congress passed in June, new privacy provisions take effect on Nov. 29 that will end the bulk collection, first disclosed by former NSA contractor Edward Snowden in 2013.

The program collects “metadata” such as the number dialed and the duration of calls but does not include their content.

Arguments on Wednesday centered on whether the program may continue operating between now and November.

Henry Whitaker, a lawyer for the Obama administration, told the three-judge panel that Congress clearly intended the collection to continue while the NSA transitions to the new system.

But Alex Abdo, an ACLU lawyer, said the statute explicitly extended the same Patriot Act provisions that the court concluded do not permit bulk collection.

The judges expressed concern that, as Circuit Judge Robert Sack put it, halting the program would “short-circuit” a process already under way.

Saying the ACLU had won a “historic achievement,” Sack asked, “Why don’t you declare victory and withdraw?”

Abdo said the ongoing collection harmed the ACLU’s ability to confer with clients, such as whistleblowers, without worrying about whether the communications would be swept up by the NSA.

An appeals court ruling on NSA bulk data collection rested on an unresolved technicality rather than focusing on the constitutionality of the surveillance aspect of NSA activity. Ultimately what the court ended up saying is they are unable to rule on the bulk collection because there is no way to determine if the plaintiff’s data was collected (emphasis added):

The decision did not declare the NSA’s program, which was revealed by whistleblower Edward Snowden in 2013, to have been legal or constitutional. Rather, it focused on a technicality: a majority opinion that the plaintiffs in the case could not actually prove that the metadata program swept up their own phone records. Therefore, the plaintiffs, the court declared, did not have standing to sue.

“Plaintiffs claim to suffer injury from government collection of records from their telecommunications provider relating to their calls. But plaintiffs are subscribers of Verizon Wireless, not of Verizon Business Network Services, Inc. — the sole provider that the government has acknowledged targeting for bulk collection,” wrote Judge Stephen F. Williams.

“Today’s ruling is merely a procedural decision,” said Alexander Abdo, the American Civil Liberties Union attorney who argued against the program at the U.S. District Court. “Only one appeals court has weighed in on the merits of the program, and it ruled the government’s collection of Americans’ call records was not only unlawful but ‘unprecedented and unwarranted.’”

Despite Friday’s decision, the bulk collection program will end later this year in accordance with the USA Freedom Act, passed by Congress in June.

The NSA previously argued that its massive collection of telephony metadata was legal because the records met the legal standard of being “relevant to an authorized investigation.”

In the May decision, Judge Gerald E. Lynch described the government’s interpretation of the word “relevant” as “extremely generous” and “unprecedented and unwarranted,” saying that the program had serious constitutional concerns and was ultimately illegal. However, the court did not order the program’s closure, because Congress was due to debate the USA Freedom Act within a month’s time.

Much of the NSA’s ability to conduct internet surveillance has relied on AT&T being willing to assist the clandestine agency in conducting these operations:

While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed N.S.A. documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.”

AT&T’s cooperation has involved a broad range of classified activities, according to the documents, which date from 2003 to 2013. AT&T has given the N.S.A. access, through several methods covered under different legal rules, to billions of emails as they have flowed across its domestic networks. It provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters, a customer of AT&T.

This really should come as no surprise. In 2006, Mark Klein, an AT&T technician, blew the whistle on the company’s involvement with the NSA in internet spying.

Fairview is one of its oldest programs. It began in 1985, the year after antitrust regulators broke up the Ma Bell telephone monopoly and its long-distance division became AT&T Communications. An analysis of the Fairview documents by The Times and ProPublica reveals a constellation of evidence that points to AT&T as that program’s partner. Several former intelligence officials confirmed that finding.

A Fairview fiber-optic cable, damaged in the 2011 earthquake in Japan, was repaired on the same date as a Japanese-American cable operated by AT&T. Fairview documents use technical jargon specific to AT&T. And in 2012, the Fairview program carried out the court order for surveillance on the Internet line, which AT&T provides, serving the United Nations headquarters. (N.S.A. spying on United Nations diplomats has previously been reported, but not the court order or AT&T’s involvement. In October 2013, the United States told the United Nations that it would not monitor its communications.)

The documents also show that another program, code-named Stormbrew, has included Verizon and the former MCI, which Verizon purchased in 2006. One describes a Stormbrew cable landing that is identifiable as one that Verizon operates. Another names a contact person whose LinkedIn profile says he is a longtime Verizon employee with a top-secret clearance.

After the terrorist attacks of Sept. 11, 2001, AT&T and MCI were instrumental in the Bush administration’s warrantless wiretapping programs, according to a draft report by the N.S.A.’s inspector general. The report, disclosed by Mr. Snowden and previously published by The Guardian, does not identify the companies by name but describes their market share in numbers that correspond to those two businesses, according to Federal Communications Commission reports.

The entire article is a fascinating, enlightening, yet not at all surprising read.

This is a fascinating story about the life of a reporter who was able to unmask British eavesdropping spies and in turn was the first journalist to ever write about the NSA ECHELON program:

Newsham explained that ECHELON was an automated computer-driven system for sifting and sorting all types of international civilian communications intercepted from satellites — mainly operated by U.S. companies.

The scale of the operation she described took my breath away (this was 1988, remember). The NSA and its partners had arranged for everything we communicated to be grabbed and potentially analyzed. ECHELON was at the heart of a massive, billion-dollar expansion of global electronic surveillance for the 21st century, she explained. She feared the scale of automated surveillance. “Its immensity almost defies comprehension. … It is important for the truth to come out,” she said. “I don’t believe we should put up with being controlled by Big Brother.”

While sitting inside Building 36D at Menwith Hill Station, Newsham had been invited to listen on headphones to a live call from inside the U.S. Senate. She recognized the voice of Republican Sen. Strom Thurmond, and immediately realized the NSA had gone off track. “Constitutional laws had been broken,” she told me.

She explained how she had provided evidence to the House Permanent Select Committee on Intelligence. Investigators told her they had issued subpoenas, and had asked to see plans for ECHELON. But nothing had happened.

She handed me some of the plans for ECHELON. In technical jargon, one described a basic tool kit for surveillance — the “commonality of automated data processing equipment (ADPE) in the ECHELON system.” Others described the ECHELON “Dictionary” database, the heart of the system holding target groups of keywords. “Dictionary” ran on networks of mini-computers. Newsham had managed these networks. Some plans listed equipment she had helped deploy for a secret project code-named “CARBOY II.” She did not know where CARBOY was.

In less than eighteen months since Der Spiegel and Jacob Appelbaum published leaked pages of the National Security Agency’s ANT catalog used by their Tailored Access Operations (TAO) division, the NSA Playset project is now able to replicate many capabilities of TAO’s toolbox for the purpose of conducting research on how the same approaches might be used by other adversaries:

Many of the software components of the 50-page ANT catalog were things that had already been developed by security researchers. Some of the discovered capabilities appeared to stem from off-the-shelf hardware (or its equivalent) and software similar to existing tools; they were simply combined in a package suitable for spy work. But other pieces of hardware in the NSA’s catalog appeared to have no openly available equivalent—such as wireless bugs planted in computer cables or connectors. Some of those bugs were radio “retro-reflectors,” wiretaps that only broadcast data when hit by a directed radio signal. (It’s similar in concept to “The Thing”—the infamous bug Soviet spies planted inside the US Embassy in Moscow.)

“We had suspected that these capabilities existed,” Ossmann told Ars. “But there hadn’t been any open research done on them.” So just over a year ago, Ossmann and others kicked off the project to create “a series of dead simple, easy to use tools to enable the next generation of security researchers,” as the project’s Wiki page describes it. So far, they’ve been able to produce capabilities like those in the ANT catalog at a fraction of what the NSA spent to develop them.

“I wanted to talk about how we can build these tools—the same tools nation states use—in an open community, at least to serve as demo of threats people haven’t considered before,” Ossmann said at Black Hat. “I focused on the hardware tools in the catalog to get some ideas of how we can build these things. But I didn’t originally think I would go ahead and build any of them.”

After doing a talk with Dean Pierce (who Ossmann said originally coined the term “NSA Playset”) about the ANT catalog in July 2015 at Toorcamp, Ossmann’s thinking on the project evolved. Pierce and a number of other contributors soon signed on to make contributions to the NSA Playset, adding a few projects started before the Playset was conceived. In total, Ossmann and the other collaborators have now created 15 tools that, in theory, just about anyone could use.

Sounds like this might be a fun, rainy day project to play around with to see exactly how these tools operate.

China’s “Dancing Panda” cyber operation spied on the Obama administration by breaching commercial email accounts that employees used primarily for personal purposes, harvesting potentially small pieces of information to be used to construct a much larger picture:

It emerged last week that the FBI has begun investigating the security of Mrs Clinton’s private email set up, in a bid to establish whether the account could have been compromised.

Neither the 2014 NSA briefing, nor the intelligence official has revealed the names and ranks of the people whose accounts were hacked.

But in the last five years, the email espionage operation has attacked and taken information from over 600 American official targets.

The operation was first named Dancing Panda by US officials. The name was later changed to Legion Amethyst.

The Chinese also harvested the email address books of the officials, according to the NSA document, and used them to spread the malware that allowed them to conduct their spying operation.

Google was one, but not the only, provider affected by the attack, the officials said.

Most people do not realize how dangerous it is for their personal email to be breached by nation state actors. The average, everyday user generally does not have anything to be concerned with except for the potential financial losses they could incur. However, imagine a government official and how they use personal email.

If a government official is to travel to a foreign country for business purposes, the entire planning is done through government channels. However, this same person may also send email to friends and family, informing them of their overseas travel. They may email local friends at their destination to set up meetings, discuss their flight arrangements, lodging, and more.

All this data may seem small, but it could help nation state actors piece together a much larger picture. This person could be traveling overseas for a government-to-government meeting, and the aggregate of all this information may help the attackers better understand what potential attack possibilities they could leverage during the event.

Cyber security is a difficult and challenging problem even for security professionals. Imagine how the average user thinks about these things – likely, they rarely, if ever, consider the unintended consequences of their actions or sending that email to a loved one.

It always pays to be vigilant in cyber space, no matter how comfortable you are with the site, no matter how mainstream and popular. This technique is nothing new, but the targets are becoming more aware of the operation and are now warning others that foreign spies are using LinkedIn to “befriend” British civil servants with the goal of extracting secrets from them:

In the elaborate scam – that wouldn’t be out of place in a James Bond novel – enemy spies are using bogus accounts on the website, described as like Facebook but for business professionals, to try and ‘find, connect with, cultivate and recruit’ current and former Government employees.

Instead of a trusting civil servant connecting with a potential business partner, they are unwittingly tricked by a foreign agent into exposing a treasure trove of personal details, including pictures, phone numbers, email addresses and information about their work in Whitehall.

Security experts have said that even current members of Britain’s spy agencies – MI5, MI6 and GCHQ – have put potentially risky information in LinkedIn profiles.

Others on the website work, or were previously employed, in departments which deal with highly-sensitive intelligence such as the Foreign Office, Home Office or Ministry of Defence.

Now spy chiefs have launched a crackdown to minimise the threat of enemy agents coaxing out secrets.

In a document sent by email on July 24, MI5 announced a ‘Security Service Espionage Alert’. Containing the MI5 logo, the missive identifies a string of ‘key points’.

Teaching the masses to have good operational security – aka OPSEC – is a tough job. It is far too easy for single individuals to discuss small pieces of a much larger puzzle without realizing they are being played. Then the actors take these small, bite-sized tidbits of information, and piece them together to develop the narrative.

It is a difficult task, but since social engineering is relatively easy and inexpensive, it is a technique malicious actors like employing because the risk is so low.

Bottom line: be vigilant.

Although one of its closest allies, Japan is not immune to being spied on by the United States. The Abe government’s posturing following WikiLeaks’ recent release of documents stipulating the US is spying on Japan as “deeply regrettable” rings pretty hollow (emphasis added):

“We have strongly requested intelligence director Clapper confirm the facts,” Suga said, referring to James Clapper, National Intelligence director.

Claims that Washington spied on Japanese trade officials, among others, came just as delegates negotiating a vast free-trade agreement known as the Trans-Pacific Partnership failed to reach a final deal after several days of intense talks in Hawaii.

The US and Japan are the two biggest economies in the 12-nation negotiations, but they have sparred over key issues including auto sector access and opening up Japan’s protected agricultural markets.

‘Intimate knowledge’

WikiLeaks said the US intercepts showed “intimate knowledge of internal Japanese deliberations” on trade issues, nuclear policy, and Japan’s diplomatic relations with the US.

“The reports demonstrate the depth of US surveillance of the Japanese government, indicating that intelligence was gathered and processed from numerous Japanese government ministries and offices,” it said.

Shinzo Abe, Japan’s prime minister, did not appear to be a direct target of phone tapping but senior politicians were.

Yoichi Miyazawa, Japan’s trade minister; Haruhiko Kuroda, Bank of Japan governor; and officials of Mitsubishi company were in the sights of US intelligence, WikiLeaks said.

This is the type of spying I would expect every world government to conduct. The usefulness of this type of data gives negotiating advantages for the countries with good intelligence, so this really should come as no surprise. If a large economic power like Japan has not engaged in this behavior then I will be very surprised.

In a move that comes as no surprise to anyone who has been following this story since it broke about two years ago, the White House has said it does not intend to support a pardon for Edward Snowden (emphasis added):

On Tuesday, White House officials finally responded publicly to a long-running petition to pardon Snowden for his theft of classified documents from the NSA. The answer was an unequivocal “No”, and the administration’s homeland security and counterterrorism advisor said Snowden’s actions have threatened the security of the United States. The White House’s response said that while there is a legitimate need for intelligence reform, Snowden went about it the wrong way.

“Instead of constructively addressing these issues, Mr. Snowden’s dangerous decision to steal and disclose classified information had severe consequences for the security of our country and the people who work day in and day out to protect it,” Lisa Monaco, homeland security and counterterrorism adviser to President Obama, wrote in a response to the petition.

“If he felt his actions were consistent with civil disobedience, then he should do what those who have taken issue with their own government do: Challenge it, speak out, engage in a constructive act of protest, and — importantly — accept the consequences of his actions. He should come home to the United States, and be judged by a jury of his peers — not hide behind the cover of an authoritarian regime. Right now, he’s running away from the consequences of his actions.”

I love how the White House claims Snowden would even be given an opportunity to engage in any constructive act of protest in the United States. He has already accepted the consequences of his actions by living abroad, unable to return home, and essentially acting as the martyr for this cause. What exactly would the White House have him do? It’s not like if he were to go on trial he could even bring up these reasons as part of his defense, as that is expressly forbidden in a trial for treason.

As a result of the recent OPM breach, the CIA is considering preventing a large number of its American spies from working overseas ever again because of the potential danger they face (emphasis added):

The C.I.A. and other agencies with undercover officers would be cautious about immediately withdrawing spies from China because that would raise suspicions among Chinese counterintelligence operatives. A C.I.A. spokesman declined to comment.

The C.I.A. and other agencies typically post their spies in American embassies, where the officers pose as diplomats working on political affairs, agricultural policy or other issues. The American Embassy in Beijing has long housed one of the largest C.I.A. stations in the world, with intelligence officers gathering information on China’s political maneuvering, economic development and military modernization.

Several current and former officials said that even if the identities of the agency officers were not in the personnel office’s database, Chinese intelligence operatives could run searches through the database on everyone granted visas to work at American diplomatic outposts in China. If any of the names are not found in the stolen files, those individuals could be suspected as spies by a process of elimination.

The director of the National Security Agency, Adm. Michael S. Rogers, alluded to that problem Thursday night during an interview at the Aspen Security Forum in Colorado.

“From an intelligence perspective, it gives you great insight potentially used for counterintelligence purposes,” Admiral Rogers said. “If I’m interested in trying to identify U.S. persons who may be in my country — and I am trying to figure out why they are there: Are they just tourists? Are they there for some other alternative purpose? — there are interesting insights from the data you take from O.P.M.”

As I keep saying, the OPM breach is one of the worst in the history of the US government and will have unintended consequences for years to come.

The CEO of Italian internet surveillance firm Hacking Team believes the attack was perpetrated by a foreign government because the actors used a high level of sophistication (hint: it wasn’t all that special) (emphasis added):

“Given its complexity, I think that the attack must have been carried out at a government level, or by someone who has huge funds at their disposal,” David Vincenzetti, the CEO of Hacking Team, told Sunday’s La Stampa newspaper.

He did not speculate on who it might have been.

The company has advised clients to halt their use of its programs until they can upgrade the compromised software, but warned that all computer systems might now be vulnerable.

“Hacking Team’s investigation has determined that sufficient code was released to permit anyone to deploy the software against any target of their choice,” the company said in a statement on its Internet site.

“Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so.”

The same site still prominently promotes its now exposed products: “Total control over your targets. Log everything you need. Always. Anywhere they are,” it says.

The leaked emails show that the Hacking Team worked with numerous state institutions in an array of countries, including Italy, the United States and Australia.

It also had dealings with countries criticized for their human rights records, such as Libya, Egypt, Ethiopia, Kazakhstan, Morocco, Nigeria, Saudi Arabia and Sudan.

I would not discount a foreign government being behind the attack but I would likely place my bets on hacktivists who are unhappy with Hacking Team’s politics, business, and clientele.