The Schrems II judgment in mid-July was a bombshell for companies that transfer data between Europe and the United States, effectively invalidating many (if not all) of these agreements. The effect of the decision ripples out to the rest of the world as well, as it also forces U.S. companies to evaluate the security adequacy of any third-party vendors in other countries who handle this data. Much-needed European Data Protection Board (EDPB) guidance began to emerge late last week in the form of a frequently asked questions document, and the picture looks about as grim as possible for impacted companies thus far.

Perhaps the single biggest key takeaway from this early EDPB guidance is that a transitional grace period, something requested by numerous US companies and that had precedent in the 2015 strikedown of the prior Safe Harbor data agreement, will not be forthcoming. Organizations will be forced to adapt to this new reality immediately. Standard contractual clauses (SCC) will remain a potentially viable tool, but in many cases will be subject to an assessment before they can continue. The new EDPB guidance also clarified that Binding Corporate Rules (BCRs) will be treated in the same manner as SCCs under the Schrems II terms.

After the Schrems II decision came down, a number of American companies called for a grace period to negotiate the substantial logistical difficulties of getting their data flows into compliance. A similar grace period (of about three months) had been granted in 2015 when the original Schrems v. Data Protection Authority case was decided. There will be no such arrangement under the new EDPB guidance. The Privacy Shield agreement is already null and void and companies are technically no longer protected by it, though it remains unclear as to when enforcement actions will actually begin.

The Schrems II ruling leaves SCCs and BCRs intact, but requires that each business partner in the United States (and any third-party vendors in other countries that those companies might have relationships with) have standards of data security and privacy that are at an essentially equivalent level of the terms of the EU General Data Protection Regulation (GDPR). The central problem here is that the court invalidated Privacy Shield primarily on the basis of reports of U.S. government spying on international data transfers, stemming initially from the Edward Snowden revelations in 2013. What this means is that each data partner in the U.S. now bears the legal burden of demonstrating that the countrys government does not have a level of access to this data that would violate the GDPR. And if the U.S. partner uses third-party vendors, their national governments must in turn be shown to not have the same sort of access a requirement that could put an end to having data transferred to countries such as China and Russia.

It is still possible to express this level of data security via an SCC or BCR in accordance with the Schrems II ruling, but it will be difficult. The new EDPB guidance establishes that these agreements will be subject to an assessment. If a U.S. data partner does not believe that they can meet the new standards, or if they report to a data protection authority (DPA) for an assessment and fail it, they are required to stop transferring all data immediately.

One of the other areas of immediate interest for US organizations is the potential use of the GDPRs Article 49 derogations for exceptions in cases where explicit consent to transfer personal data has been granted by the end user. The current EDPB guidance indicates that these derogations can still be used, but depend heavily on the circumstances of the transfer and require a restrictive interpretation so that exceptions do not become the new default means of getting things done. Necessary fulfilment of legally binding contracts appears to be the clearest circumstance to which this applies in the context of the Schrems II decision.

The current EDPB guidance is essentially just the first draft of what is considered a living document; further, more detailed guidance on the transfer of personal data is forthcoming.

One of the key indications in the EDPB guidance is that supplementary measures are being developed that may shore up existing SCCs once implemented, but these have not been described in detail as of yet.

Much-needed EDPB guidance on the #PrivacyShield judgment has been released and the picture looks about as grim as possible for impacted companies thus far. #GDPR #respectdata Click to Tweet

So what can organizations do in the face of a seemingly impossible situation that goes into effect immediately? Bridget Treacy and David Dumont, Data Privacy Partners at Hunton Andrews Kurth in London and Brussels respectively said: As matters stand, it is by no means clear how affected businesses can navigate these challenges, yet they cannot stand back and do nothing. A risk based approach will be required Based on the FAQs, the EDPB does not seem to consider that transfers to the U.S. are no longer possible. That said, data exporters and importers will need to carry out a difficult, case-by-case transfer risk assessment This ruling is likely to encourage data localization, with some already calling for EU data to be processed in the EU. There is also a possibility that the legal framework in certain countries will be regarded as too risky to accommodate EU personal data, with potentially serious repercussions for global commerce.

Ultimately, all of this runs through the DPA of the country (or countries) in question. Some of the DPAs are unofficially indicating that they will not launch immediately into scrutiny of existing transfer mechanisms and enforcement, granting something of an unspecified grace period in their territories. And some, such as Irelands DPA, were already so backlogged with cases prior to the unexpected Schrems II decision that it seems unlikely they will be able to pivot to prioritizing enforcement anytime soon.

More:
EDPB Guidance Emerges in the Aftermath of the Schrems II Case - CPO Magazine

The upcoming release of Christopher Nolan's Tenet, complete with as much secrecy, intrigue, and surprise as its plot must contain, as well as an impendingJames Bondfilm, inspired this pulse-taking of the contemporary spy genre. Unsurprisingly, there is as much talent, originality, and reason for revisiting as there was in Hitchcock's 60s and MacGyver's 80s.

RELATED: The 15 Best Spy & Secret Agent Movies Of All Time (According to IMDb)

A credit to the spy genre is its range, as represented below. Fans of movie agents equally appreciate, equally expect even, a sharp-tongued cocktail lounge interrogation and a mountainside helicopter leap to be within the bounds of possibility for their backed protagonists.

Haywire presents a banal spy story via a talent frenzy. Director Steven Soderbergh, of recently re-enthused Contagionfame, is the strong director of English talentsEwan McGregor and Michael Fassbender, the latter of who would go on to be nominated for an Oscar two years later.

At the films core is Gina Caranos Mallory Kane. She is as energetic and assured as her accomplished counterparts. Youve seen her since in Disney+sThe Mandalorian.

While there has been espionage since the days of Julius Caesar and up through the life of Edward Snowden, modern espionage fiction has pooled around the Cold War; and there is no Cold War spy storyteller more renowned than John le Carr. Film adaptations of his novels, which feature recurring characters, have been just as popular for decades.

Thus was the excitement whenle Carr (via source material) was linked with another of England's most exceptional talents, Gary Oldman. He dominates a powerhouse cast and handles a complex narrative all with his textbook carefree impact.

After one of the moreconcisetrilogies of all time, based on Robert Ludlum's novels and brought to life by Matt Damon's titular performances, drew to a close, rising Avenger Jeremy Renner stepped into the intimidating picture. As an agent affected by Jason Bourne's ripple effects, he brings just as much tenacity.

RELATED: 10 Reasons To Be Excited For Christopher Nolan's Tenet

The Bourne seriesworks the aforementioned spy-genre rangebetter than most. It is at once cerebral and rewatchable while rarely letting up the action.

Novelist Tom Clancy's Jack Ryan is among the most famous fictional spies in popularculture. He has beenbrought to life by Harrison Ford, Alec Baldwin, and most recently John Krasinski for Amazon Prime.

For this one-off installment, directed by Shakespeare aficionado and Tenet actor Kenneth Branagh, the multifaceted Chris Pine brought his A-game. His hometown charm makesevery high-octane moment seem more daring, while his beefy build makes his surviving always more believable.

Over the past decade or so, the MCU has popularized a particular blend of action and comedy which is ripe for utilization in the non-superhero action world. Matthew Vaughn's Kingsman, with itscast of fan favorites (Colin Firth, Michael Caine, Taron Egerton) completing kick-ass choreography, is a perfect example.

A 2020 prequelis scheduled to make this fantastic series into a proper trilogy, but there is undoubtedly potential for far more. After all, the "Millarworld" is the type where any type of expansion is possible.

There is no cinema list focused on the 2010s that would be complete without an A24 submission. For untested director Kyle Newman, the white-hot (even in 2015) indie studio was able to rile Sophie Turner, Samuel L. Jackson, and Jessica Alba.

RELATED: 10 Greatest A24 Movies (According to IMDb)

The real star of Barely Lethal, however, is Hailee Steinfeld. Oscar-nominated as a teenager for her performance in True Grit, she is apparently in line to take on a certain Avenger's costume.

A fascinating sub-era of recent film has been the slew of quieter, more introspective masterworks from big-name directors famous for larger-than-life spectacles. Critics andThe Academy alike were warm to Quentin Tarantino's Once Upon a Time in Hollywood, Scorsese's The Irishman, and Steven Spielberg's Bridge of Spies.

The latter brings the same high stakes as Spielberg espionage entries such as Munich and Minority Report, but strips away much of the action, leaving only an emotional husk filled by virtuoso performances by Tom Hanks and Mark Rylance.

In 1962, Dr. No brought Ian Fleming's novel protagonist James Bond to the big screen, launching a tradition that is celebrated riotously to this day. Within a few years, television was flooded with half a dozen spy-themed thrillers, including The Man From U.N.C.L.E., which debuted in 1964.

RELATED: The 10 Best James Bond Movies (According To Metacritic)

Having been less adapted than the Bond brand only provides more opportunity for inventiveness in this 2015 reboot. Director Guy Ritchie is in action-packed full form and Armie Hammer and Henry Cavill are as sleek as a duo of believable tough guys as could be imagined.

Since her outrageous, Oscar-nominatedturn in Bridesmaids, Melissa McCarthy has starred in a blockbuster-caliber comedy romp just about every year. Among those, Spy is the best.

McCarthy andfellow Bridesmaid Rose Byrne are an endlessly entertaining expectation-subverting duo. Byrne poses as too posh to be hilarious, whereas McCarthy plays up the goofy before holding her own against straight-playing sleuths like Jude Law's Bradley Fine. As is always impossibly true,the laughs and plot intensity balance one another.

The Mission Impossible series is over twenty years and six films old. Star Tom Cruise is approaching sixty. Yet the franchise's most recent installment was so successful among critics and fans that it feels as if the only desire is for more. This is reportedly to be arranged over the next two years.

Fallout brings back numerous familiar allies to Tom Cruise's Ethan Hunt, as well as Henry Cavill's studly CIA adversary August Walker. Also returning, of course, will be the iconic score.

NEXT: Tom Clancy's Jack Ryan: 10 Best Episodes In The Series So Far, Ranked (According To IMDb)

Next Pixar: 10 Villains Who Deserved Harsher Consequences

Joe loves all things popular culture. A relatively new writer, he has published work on Odyssey, Thought Catalog, Total Frat Move (back in "those" days), and Against Professional Philosophy. He lives and parties in Los Angeles. His most recent obsession is dystopian noir films.

Read the original:
10 Best Spy Movies From The 2010s (That Aren't James Bond) - Screen Rant

Today is Saturday, Aug. 1, the 214th day of 2020. There are 152 days left in the year.

Todays Highlight in History:

On August 1, 1957, the United States and Canada announced they had agreed to create the North American Air Defense Command (NORAD).

On this date:

In 1714, Britains Queen Anne died at age 49; she was succeeded by George I.

In 1907, the U.S. Army Signal Corps established an aeronautical division, the forerunner of the U.S. Air Force.

In 1912, the U.S. Marine Corps first pilot, 1st Lt. Alfred A. Cunningham, went on his first solo flight as he took off in a Burgess/Curtis Hydroplane from Marblehead Harbor in Massachusetts.

In 1914, Germany declared war on Russia at the onset of World War I.

In 1936, the Olympics opened in Berlin with a ceremony presided over by Adolf Hitler.

In 1944, an uprising broke out in Warsaw, Poland, against Nazi occupation; the revolt lasted two months before collapsing.

In 1966, Charles Joseph Whitman, 25, went on an armed rampage at the University of Texas in Austin that killed 14 people, most of whom were shot by Whitman while he was perched in the clock tower of the main campus building. (Whitman, who had also slain his wife and mother hours earlier, was finally gunned down by police.)

In 1981, the rock music video channel MTV made its debut.

In 2001, Pro Bowl tackle Korey Stringer, 27, died of heat stroke, a day after collapsing at the Minnesota Vikings training camp on the hottest day of the year.

In 2007, the eight-lane Interstate 35W bridge, a major Minneapolis artery, collapsed into the Mississippi River during evening rush hour, killing 13 people.

In 2013, defying the United States, Russia granted Edward Snowden temporary asylum, allowing the National Security Agency leaker to slip out of the Moscow airport where he had been holed up for weeks.

In 2014, a medical examiner ruled that a New York City police officers chokehold caused the death of Eric Garner, whose videotaped arrest and final pleas of I cant breathe! had sparked outrage.

Ten years ago: The United States announced that it would provide Pakistan with $10 million in humanitarian assistance in the wake of deadly flooding. Lolita Lebron, a Puerto Rico independence activist whod spent 25 years in prison for participating in a gun attack on the U.S. Congress in 1954, died in San Juan at age 90.

Five years ago: Japans Imperial Household Agency released a digital version of Emperor Hirohitos radio address on Aug. 15, 1945, announcing his countrys surrender in World War II; the digital recording offered clearer audio, although Hirohito spoke in an arcane form of Japanese that many of his countrymen would have found difficult to comprehend.

One year ago: President Donald Trump intensified pressure on China to reach a trade deal by warning he would impose 10% tariffs on Sept. 1 on the remaining $300 billion in Chinese imports that he hadnt already taxed.

We are making critical coverage of the coronavirus available for free. Please consider subscribing so we can continue to bring you the latest news and information on this developing story.

We are making critical coverage of the coronavirus available for free. Please consider subscribing so we can continue to bring you the latest news and information on this developing story.

Read more:
Today in History | | clintonherald.com - Clinton Herald

International politics could be considered a game of coalition building. Whoever builds a stronger and broader coalition of partners can exert more influence. There were two coalitions after World War II; countries advocating the western ideology of capitalism led by the US and on the other side, countries advocating the ideology of Marxist communism led by the Soviet Union (USSR). Both the blocs engaged in the Cold War to acquire sole global influence, and scholars of international relations termed the second half of twentieth century as a time of great power politics. The British forward policy of the Great Game prevailed in containment while preventing the rise of new Asian powers.

The world is going through somewhat the same phenomena these days. Policymakers in Washington are conceding that strategic competition, generally referred to as great power realpolitik, is now once again a reality of international politics.

Post-World War II, USA-UK made an intelligence sharing group to exchange intelligence information apropos the Soviet Union (USSR). Canada joined it in 1948 and Australia and New Zealand became members in 1956. The alliance is known as the Five Eyes. It is the most powerful intelligence network of the globe. The former NSA contractor Edward Snowden described it as a Supra-national intelligence organisation that does not answer to the known laws of its own countries. It does not usually come under media scrutiny due to its secrecy.

In the new millennium, allied members reached a consensus over countering Chinese influence regionally and globally. An informal alliance with European countries including Denmark, France, Netherlands, Germany, Belgium, Italy, Sweden and Spain was formed. Since 2018, the Five Eyes expanded their cooperation with India the most, as a top US congressional committee sought to bring three Asian countries namely India, Japan and South Korea at par with the Five Eyes.

The alliances members are clashing on a range of fronts with Chinafrom the handling of the 5G technology to the coronavirus pandemic to Hong Kong and the global supply chainthere was a growing understanding within the Five Eyes that taking on China alone or one at a time would not work.

Signs of joint action emerged two years ago when Canada arrested Meng Wanzhou, chief financial officer of Chinese telecom giant Huawei Technologies, at the request of the US. Last year, the US placed trade restrictions on Huawei, blocking American companies from doing business with it, and has called for its allies to ban the Chinese firm from their 5G networks. Australia and New Zealand have already blocked the Chinese firm Huawei while Canada has yet to reveal where it stands.

The US blamed China for allowing the pathogen to spread beyond its borders, and Australian Prime Minister Scott Morrison led calls for an investigation into the origin of the coronavirus.

The US and Britain have denounced Beijings decision to enact national security legislation for Hong Kong, with Britain saying the alliance would share the burden if Hong-Kongers wanted to leave the city. Georgina Downer, principal of geopolitical and strategic advisory firm Tenjin Consulting, said there were clear signs of concerted action by the five members.

The major strategic shift has seen when government leaders, particularly Australian Prime Minister Scott Morrison confirmed reports that the alliance would be used for economic purposes as well as strategic. China is the largest manufacturer of the global supply chain (making and selling commercial goods) which gave weight to her voice globally. The Five Eye countries want to hit Chinas global supply chain. The idea is that, either they want to move this supply chain towards Five Eye countries or their trusted allies i.e. the aforementioned European countries, India, Japan, South Korea and so on. The recent move by the United States to link South and Central Asia known as C5+1 by bringing investment is orchestrated to counter Chinas dominance of the global supply chain.

By keeping in mind the theory of the Heartland as a pivot of the world, and the Rimland to control it, the western bloc again stepped forward into the battlefield with the containment strategy.

On the other hand, the Chinese-led coalition is based on a series of global investments. Powerful Muslim countries which once allied themselves with the US in the Cold War are now part of Chinese investment, including Iran, Turkey, and Pakistan. Russia is also a concrete ally of the Peoples Republic of China.

The massive investment of $400 billion by China, in USs arch rival country Iran, created a twist in the game. It paved the way for Beijing to flex its muscles in the Middle East. It can prove to be a tool for China to use against Washington. Elsewhere, Turkish alignment with Muslim nations in contemporary times, growing relations with China and Russia and excluding itself from US-led NATO explicitly indicates that it aligned itself in the Asian bloc.

Pakistan, an important player of geopolitics, is geographically located at the confluence of three strategic plates, one, the Pivot and two in the Rimland; the meeting point of Central, South and West Asia. This is a crucial component of the containment sphere as it paved the way for Washington to dismember USSR amid the cold war. The growing partnership and strategic relations between China and Pakistan in the form of CPEC can change the trajectory of all power politics and the contemporary containment policy.

Follow this link:
New global alliances - The Nation

Editors Note Substack is dealing with a bad bug that has interfered with our ability to bring on new paid subscribers for over a week. This is unfortunate, as it has undermined the launch of The Dissenter newsletter. Until Substack can fix this, all editions, including exclusive editions, will be sent to everyone.

To subscribe, visit https://dissenter.substack.com/subscribe

On July 30, 2013, United States Army whistleblower Chelsea Manning was convicted of violating the Espionage Act and various other offenses.

It was National Whistleblower Appreciation Day, and though she was not found guilty of aiding the enemy, the verdict in her trial crystallized a contradiction among the political establishment. Officials profess a commitment to whistleblowers except when they blow the whistle on abuse, fraud, or corruption that they have a vested interest in defending.

The resolution for this years National Whistleblower Appreciation Day, like prior resolutions, stipulates that the United States will encourage whistleblowing but only according to federal law and only if it protects classified information (including sources and methods of detection of classified information) and also only if the whistleblowing involves honest and good faith reporting of misconduct, fraud, misdemeanors, and other crimes to the appropriate authority at the earliest time possible.

With those disqualifiers, Manning, NSA whistleblower Edward Snowden, FBI whistleblower Terry Albury, NSA whistleblower Reality Winner, alleged drone whistleblower Daniel Hale, and a number of other whistleblowers in recent history are rendered criminals.

Both Albury and Winner pled guilty to violating the Espionage Act and were sentenced to federal prison, where they are at the mercy of the Bureau of Prisons (BOP) cold-hearted protocols during the COVID-19 pandemic.

Hale was charged with violating the Espionage Act, but the pandemic delayed his trial.

Snowden remains in Russia, where he has lived for around seven years under political asylum. He was charged with violating the Espionage Act and trapped in the country after the State Department revoked his passport. (The Justice Department is now criminalizing WikiLeaks founder Julian Assange and other WikiLeaks staff for engaging in source protection and helping Snowden travel from Hong Kong.)

Republican Senator Chuck Grassley and other U.S. senators, who support National Whistleblower Appreciation Day, do not view these whistleblowers as the whistleblowers they are. They did not blow the whistle the right way. They did not prioritize the interests of the national security state or military industrial-complex. That makes them insider threats, or worse, traitors.

There are whistleblowers from the Organization for the Prohibition of Chemical Weapons (OPCW), who have exposed lies and disinformation around the case for military strike against Syria. Unfortunately, neither Democrats nor Republicans care much for what they have exposed to the world.

Who is and is not a whistleblower has grown more partisan. Under President Donald Trump, Democrats have their whistleblowers, who Republicans refuse to recognize. Likewise, when Barack Obama was president, Republicans had their own individuals who they designated as whistleblowers, which Democrats treated as illegitimate (Larry Alt and Pete Forcelli, who exposed the Operation Fast and Furious scandal, are good examples).

Support for whistleblowers may always be fraught with contradictions and inconsistencies within institutions and among political elites. Yet, the global COVID-19 pandemic and its impact on low-income, working class, and middle class Americans has shown how crucial it is to protect whistleblowers.

Countless citizens have risked their careers and jobs during a time when unemployment has skyrocketed and millions have been stripped of their health insurance.

A slaughterhouse worker in Denver blew the whistle on unsafe working conditions. Medical center staff in California revealed that management kept them in the dark as COVID-19 spread among nurses.

Prison staff at Federal Medical Center Carswell in Fort Worth, Texas, complained in April that the BOP was knowingly misleading the public on the threat of COVID-19 to prisoners and staff. Months later, Carswell had a massive outbreak where around 40 percent of prisoners tested positive for COVID-19.

Lauri Mazurkiewicz was fired from her job as a nurse at Northwestern Memorial Hospital in Chicago after she emailed colleagues that she did not want to work without a mask. She has asthma and an elderly father with a respiratory disease.

Corporate retaliation against whistleblowers was documented throughout the country. At an Amazon warehouse in Staten Island, New York, Chris Smalls was fired after he brought attention to Amazons lack of concern for worker safety. But what Smalls and others revealed was largely validated, and it sparked an investigation by the New York Attorney Generals office that forced Amazon to make modest changes to workplace conditions.

In recent weeks, media reports have brought attention to a blacklist that McDonalds management apparently has at some franchise locations, where mitoteros, which translates into gossipers or troublemakers, are designated for termination, especially if they organize workers for better conditions.

The Occupational and Safety Health Administration (OSHA), which is part of the Labor Department, was reportedly receiving two dozen whistleblower complaints a day during the COVID-19 pandemic. OSHA had over 1,000 open complaints in May. However, when Grassley and others celebrate whistleblowers, these are not the kind of whistleblowers they support because they make it harder for corporations that fund their campaigns to continuously make record profits.

Days for celebrating whistleblowers are certainly important, and there are plenty of lesser known whistleblowers, who this newsletter will spotlight. But as necessary is a shift in the culture away from one that lets officials arbitrarily decide who is and is not a whistleblower and which dissenters citizens are allowed to support.

Our advocacy must not limit whistleblowing to proper channels that are compromised or terribly constrained by authorities that will see to it that they do not work.

To truly appreciate whistleblowers, we need to see the press and public as one of the proper channels for revealing corruption and create greater protections for freedom of speech and expression that shield employees in corporations and governments from termination and prosecution.

***

Note: The July 30 edition of Dissenter Weekly will air at 1:45 PM ET and feature CIA whistleblower John Kiriakou. Well be spotlighting some lesser known whistleblowers who deserve celebration. You can watch a livestream on our Youtube.

See the original post here:
National Whistleblower Appreciation Day And Its Many Contradictions - Shadowproof

Singapore-based Group-IB listed the Equation Group, which is generally acknowledged as being a part of the NSA. It was originally discovered and named by Russian security outfit Kaspersky. In its latest Hi-Tech Crime Trends report for 2019-20, Group-IB pointed out that the Equation Group was operating against Russia and countries formed from the break-up of the former Soviet Union.

Of itself, GroupIB says it is a leading provider of highfidelity adversary tracking and threat attribution framework, and bestinclass antiAPT and online fraud prevention solutions

It claims to have been in business for 16 years, with more than 60,000 hours of incident response experience, says it has carried out more than 1000 cyber crime investigations globally and has more than 360 top-drawer cyber security experts on its staff.

When Kaspersky described the Equation Group, it characterised the entity as the one of the most sophisticated cyber attack groups in the world and "the most advanced ... we have seen", operating alongside but always from a position of superiority with the creators of Stuxnet and Flame.

Kaspersky says most of the Equation Group's targets had been in Iran, Russia, Pakistan, Afghanistan, India, Syria, and Mali.

According to Wikipedia, the name Equation Group was chosen because of the group's choice of sophisticated encryption methods in their operations. By 2015, Kaspersky had documented 500 malware infections by the group in at least 42 countries, while acknowledging that the actual number could be in the tens of thousands due to its self-terminating protocol.

The geographical areas that various APTs focus on. Courtesy Group-IB

In 2017, WikiLeaks published a discussion held within the CIA on how it had been possible to identify the group. One commenter wrote that "the Equation Group as labelled in the report does not relate to a specific group but rather a collection of tools" used for hacking.

Kaspersky announced the existence of the Equation Group during its annual summit in Mexico in 2015, saying the group had been active at least since 2001 and had more than 60 actors. The malware it used, dubbed EquationDrug and GrayFish, was found to be capable of reprogramming hard disk drive firmware.

Because of the advanced techniques involved and high degree of covertness, the group is suspected of ties to the NSA, but Kaspersky has not identified the actors behind the group.

In August 2016, a group calling itself The Shadow Brokers, widely suspected to be NSA insiders, released stolen exploits from the Equation Group on the web. Kaspersky cited similarities between the stolen code and earlier known code from the Equation Group malware samples it had in its possession, including quirks unique to the Group's way of implementing the RC6 encryption algorithm, and concluded that this announcement was legitimate.

The stolen files date from as recent as June 2013, thus prompting NSA whistleblower Edward Snowden to speculate that a likely lockdown resulting from his leak of the NSA's global and domestic surveillance efforts stopped The Shadow Brokers' breach of the Equation Group.

Exploits against Cisco Adaptive Security Appliances and Fortinet's firewalls were featured in some malware samples released by the Shadow Brokers. EXTRABACON, a Simple Network Management Protocol exploit against Cisco's ASA software, was a zero-day exploit at the time of the announcement.

Network equipment maker Juniper also confirmed that its NetScreen firewalls were affected. The EternalBlue exploit was used to conduct the damaging worldwide WannaCry ransomware attack in May 2017.

Apart from the Equation Group, the Group-IB report also lists what it claims are APTS from Russia, Iran, North Korea, Pakistan, the Middle East, China, Gaza, Vietnam, the UAE, Turkey and India. Several of these groups have more than geographical area of operation, according to Group-IB.

The report said the key threat to telecommunications networks was hijacking of the border gateway protocol, with nine of the APTs posing a threat to the sector, more than the number of groups that were considered a threat to the financial sector.

The firm said that as 5G networks expanded, the cyber security problems of each company's gear would reflect their share of the market.

"In a few years, telecom companies will struggle to detect hardware and firmware backdoors in 5G infrastructure equipment," Group-IB predicted.

"Many telecom operators are managed service providers and provide security services to government and commercial organisations. Threat actors will attack operators to penetrate the networks they protect."

The 63-page Group-IB report said that only two Russian-linked groups showed an interest in attacking the energy sector by compromising networks and using traditional malware.

Regarding the financial sector, the report said SilentCards was a new group that was focused on attacking banks in Africa.

The trend of attacks had changed since 2017, Group-IB claimed, pointing to big ransomware attacks like WannaCry, NotPetya and Bad Rabbit in 2017, followed by side-channel attacks and targeting vulnerabilities in processors the following year and moving to overt military operations in cyber space in 2019.

One incident of sabotage was noticed in March 2019 when Simn Bolvar Hydroelectric Plant, also known as the Guri Dam, was attacked. This resulted in a mass-scale blackout in Caracas and 22 of the 23 states. The Russian news agency TASS, cited the Venezuelan Communications Minister Jorge Rodriguez as saying there had been a cyber attack against the automated control system. This is the first time large parts of a country have been left without power for many days due to an attack of this kind.

A second incident involved a group affiliated to the Palestinian group Hamas. Group-IB said cited Israeli sources as saying on 4 May 2019, hackers tried to carry out a cyber attack but did not reveal details. The Israel Defence Forces launched an air strike on a building in the Gaza Strip in retaliation, where the hackers; headquarters is believed to have been located. This is said to be the first time that a missile strike has been launched in response to a cyber attack.

A third incident was recorded in June 2019. On 20 June, Iran's Islamic Revolutionary Guard Corps shot down a US drone. The US retaliated a few days later by launching a cyber attack on IRGC's missile control systems.

As this kind of attack needs months of preparation, the systems had probably been compromised some time ago, Group-IB reasoned.

BGP hijacking occurs when traffic is directed to the wrong sources. When it came to inter-carrier routing, carriers (and content providers like Google, Facebook etc) often need to send traffic to each other.

Launtel ISP chief Damian Ivereigh explained it this way: "They rely on a protocol called BGP Border Gateway Protocol which essentially allows each carrier to broadcast to each other what IP address ranges (called 'prefixes') should be sent to them. We, for example, announce to the world that any traffic for the IP address range 103.216.190.0 to 103.216.191.255 should be sent to us."

The security of the process was "not great" and one carrier could announce incorrect prefixes and effectively take over the address ranges of another provider (and take them down).

"This is limited only by the level of trust that each carrier places in another carrier when they receive an advertisement.

Group-IB listed three BGP incidents in 2018 and 2019 which had affected traffic on the Internet. On 25 November 2018, a small Russian operator Krek made a mistake in its BGP configuration which led to between 10% and 20% of Russian Internet users losing access for more than an hour.

Companies like Amazon, YouTube, Russian social network VK and online video streaming service ivi.ru and a number of other organisations were also affected.

The same month, MainOne, a Nigerian ISP, made a configuration error that changed routes in such a way that traffic to Google services was sent to China, with a total of 180 prefixes being affected. The problem was fixed after 74 minutes.

A third incident, on 6 June 2019, the Swiss company Safe Host caused a leak of 70,000 routes to China Telecom. Swisscom, the Dutch ISP KPN and French ISPs Bouygues Telecom and Numericable-SFR were all affected for two hours.

Group-IB said during the period covered by the report, its researchers had analysed attacks carried out by 38 groups from Russia, North Korea, Pakistan, China, Vietnam, Iran, the US, the UAE, India, Turkey and unspecified South American countries.

"It is important to note that there is still no public information about attacks originating from developed countries. This again confirms that well-orchestrated attacks are difficult to detect or attribute to a specific group or country," the report said.

Group-IB said its previous report had identified BIOS/UEFI attacks as a prominent trend, with experts predicting that the main targets would be firmware and motherboard makers in the Asia-Pacific region where many big companies have their production facilities.

Soon after the report was published, news of a malware campaign called Operation ShadowHammer came to light, with malware being delivered through the ASUS Live Update, a legitimate utility that automatically updates BIOS, UEFI, drivers and applications.

The malicious utility was signed with a legitimate certificate from ASUSTeK Computer and hosted on an ASUS server.

In July 2018, experts found a new malware campaign involving the Plead backdoor, which was digitally signed using a valid D-Link Corporation certificate. At the end of April 2019, these experts identified multiple attempts to deploy the same malware in an unusual way. The Plead backdoor was created and executed by a legitimate process named AsusWSPanel.exe.

The executable file was digitally signed by ASUS Cloud Corporation. Plead malware has always been most widely deployed in Taiwan.

In December 2018, Chinese attackers reportedly infiltrated the networks of Hewlett Packard Enterprise and IBM as part of the Cloudhopper campaign. By gaining access to the networks, they were subsequently able to break into computers belonging to HPE and IBM clients.

Cloudhopper compromised client data in 12 countries, including Brazil, Germany, India, Japan, the United Arab Emirates, Great Britain, and the United States.

The clients were from industries such as finance, electronics, medical equipment, biotechnology, automotive, mining, and oil and gas.

The Group-IB report also contains exhaustive details of JavaScript sniffers used to attack content management systems. details of other BGP attacks, details about attacks on ATMs and financial institutions and numerous other cyber heists, including PC banking trojans and bog-standard phishing exploits.

See the original post here:
Equation Group is alive and kicking and active in Russia: Group-IB report - iTWire

When I was working at the CIA, if you had told me that there would soon come a youth rebellion that relied on lasers and traffic cones as sword and shield, and that it would come to paralyze one of the worlds richest and most powerful governments, I would haveat the very leastraised an eyebrow. And yet as I write these words nearly a decade later, this is exactly what's happening in Hong Kong, the city where I met with journalists to reveal the secret that would transform me from an agent of government into one of the worlds most wanted men. As it happened, the very book that you now hold in your hands lay on the desk, the desk of the last hotel room I would ever pay for with a credit card.

Excerpted from Little Brother & Homeland by Cory Doctorow, with a new introduction by Edward Snowden. Buy on Amazon.

What I showed those journalists was proof, in the form of the governments own classified documents, that the self-described Five Eyesthe state security organs of the United States, United Kingdom, Australia, New Zealand, and Canadahad together conspired to weaken their laws. They had forced clandestine access to the networks of their largest telecommunications and internet titans (some of whom hadn't needed much in the way of arm-twisting) in pursuit of a single goal: the transformation of the free and fragmented internet into historys first centralized means of global mass surveillance. This violation of our fundamental privacy occurred without our knowledge or consent, or even the knowledge and consent of our courts and most lawmakers.

Heres the thing: although the global response to this violation was furious, producing the largest intelligence scandal of the modern age, mass surveillance itself continues to work today, virtually unimpeded. Nearly everything you do, and nearly everyone you love, is being monitored and recorded by a system whose reach is unlimited, but whose safeguards are not.

But while the system itself was not substantially changedas a rule, governments are less interested in reforming their own behavior than in restricting the behavior and rights of their citizenswhat did change was the public consciousness.

The idea that the government was collecting the communications of those who had done nothing wrong had once been treated as a paranoid conspiracy theory (or as the subject of instructive fiction, such as the work you're about to read). Suddenly, this prospect had become all too realthe sort of universally acknowledged truth that can be so quickly waved away as obvious and unremarkable by the crooked timber of our political operators.

Meanwhile, the corporations of the world digested the realization that their darkest shametheir willful complicity in crimes against the publichad not been punished. Rather, these collaborators had been actively rewarded, with either explicitly retroactive immunity or informal guarantees of perpetual impunity. They became our latest Big Brother, striving to compile perfect records of private lives for profit and power. From this emerged the contemporary corruption of our once-free internet, called surveillance capitalism.

We are coming to see all too clearly that the construction of these systems was less about connection than it was about control: the proliferation of mass surveillance has tracked precisely with the destruction of public power.

SUBSCRIBE

And yet despite this grim reading from my seven years in exile, I find more cause for hope than despair, thanks in no small part to those lasers and traffic cones in Hong Kong. My confidence springs not from how they are appliedto dazzle cameras and, with a little water, to contain and extinguish the gas grenades of a state gone wrongbut in what they express: the irrepressible human desire to be free.

The problems that we face today, of dispossession by oligarchs and their monopolies, and of disenfranchisement by authoritarians and their comfortably captive political class, are far from new. The novelty is in the technological means by which these problems have been entrenchedto put it simply, the bad guys have better tools.

Read more from the original source:
The Age of Mass Surveillance Will Not Last Forever - WIRED

Film director Oliver Stone is in a class by himself. He has dared to go into the political mine fields where only a few other Hollywood-based moviemakers have ventured. Perhaps, the fact that the talented Stone was a Vietnam War U.S. Army veteran (1967-68), toughened him up to take on the Establishment.

Earlier in his movie career, Stone caught a lot of flack for daring to challenge the official conspiracy version of how President John F. Kennedy was murdered in Dallas in 1963, with his intriguing film JFK. His war-related dramas, Platoon, in 1986; and, Born on the Fourth of July, (1989), opened a wide vista for Americans to reflect on the horrific hell that is war. Incidentally, the Born on the 4th of July movie also proved that Tom Cruise could act!

In his stellar career, Stone has been brave enough to also take on the Wall Street bankers in two fine movies: Wall Street (1987) and Money Never Sleeps (2010). The Wall Street wise guys are the ones whose unbridled greed brought our America the draconian Financial Collapse of 2008.

Stones memoir, Chasing the Light, has just been published. The three-time Oscar-winner, now 73 years old, recently told the New York Times, hes no longer anxious to make movies in Hollywood. He labeled Lalaland, too fragile, too sensitive and like an Alice in Wonderland tea party. (July 13, 2020.)

Stones film, Snowden came out in 2016. It is a compelling movie about a young NSA whistleblower, Edward Snowden, now age 37. I watched it again on Amazon Prime. It raised important Constitutional, national security and privacy issues which strike deep into the American psyche.

Snowden was a brilliant computer geek, whose career path led him first into the CIA and then the NSA. Later, he worked as a intelligence contractor, assigned to the NSA.

In 2013, Snowden revealed to the media, via the London-based newspaper, The Guardian; documentary-maker, Laura Poitras; and reporter, Glenn Greenwald, the massive global scope of the American surveillance state. Over the years, it had covertly devised a bulk data collection system. That disclosure scene is set early in the film inside a hotel room in Hong Kong.

Since 2013, Snowden has been residing in Russia, under an umbrella of temporary asylum, thanks to Vladimir Putin. The U.S. Justice department has a warrant out for Snowdens arrest, charging him with violating the 1917 Espionage Act, and other related criminal offenses.

Stones movie brought all of this suspense-filled drama to life. It jumped back and forth between Snowdens 2013 disclosure to the media in Hong Kong; to his short-lived life as a U.S. soldier; his hiring by the CIA/NSA; his sometimes rocky relationship with his girlfriend; to his awakening a la Saint Paul on the road to Damascus that theres something morally, legally and profoundly wrong with how his country was gathering intelligence on its citizens.

As Snowden, Joseph Gordon-Levitt gave a stellar performance, that was worthy of an Academy Award nomination. He masterfully showed him as a conservative, shy, goody-goody, cyber wizard, and supra-hacker dude, who when not playing with his Rubiks Cube, finally wakes-up to his part in the world of insidious surveillance.

By the way, the real Greenwald, on September 16, 2016, blasted the Washington Post for towering cowardice for calling for Snowdens prosecution.Ironically, the Post was one of the newspapers that first carried Snowdens whistleblowing revelations and it even won a Pulitzer Prize for its stellar reporting. Go figure!

Other government whistleblowers, such as the courageous Thomas Drake, had previously shown Snowden the way forward on this matter. Check out this video on Drake, at: (I Chose my Conscience over my Career):

The U.S. government doesnt see Snowden as a mere whistleblower. It has labeled him a traitor. It wants to burn his ass! This includes elements within the U.S. intelligence community and a majority of the U.S. Congress

Read this article:
Two Rebels Against the Establishment: Oliver Stone and Edward Snowden - CounterPunch

By Shannon Ebrahim 3h ago

Share this article:

The US ban on its companies working with or buying telecommunications equipment from Huawei, and the unilateral embargo on the Chinese telecom giants suppliers, is driven by a strategy of containment and disengagement from the rising superpower.

Huawei has become a flashpoint in the trade war between the two countries, with far-reaching ramifications as the US has been bullying its allies to ban Huawei technology and equipment.

US tactics may be working with some Western governments, but more broadly 170 countries have accepted using Huawei, and it has a growing market share in emerging economies.

The spokesperson for British Prime Minister Boris Johnson has acknowledged that the UK changed its decision on Huaweis participation in the UKs 5G network construction due to US sanctions against the company imposed in May.

The UK badly needs a good transAtlantic trade deal with the US given Brexit and the economic fallout after the Covid-19 pandemic, so it easily succumbed to US pressure.

US President Donald Trump admitted two weeks ago that he had talked many countries out of using Huawei, telling them that if they wanted to do business with the US, they could not use Huawei.

The move was clearly not one based on national security concerns, but rather political manipulation. As a result of US pressure, Canada and Singapore have decided in favour of Ericsson and Nokia, and the French have advised operators to steer clear of Huawei.

German Chancellor Angela Merkel is sitting on the fence, but German political parties are pushing for a ban.

Telecom Italia announced that it was excluding Huawei from its 5G tenders in Italy and Brazil.

All of this posturing may lead to China banning European competitors Ericsson and Nokia.

The US may be forcing countries to give up their co-operation with Huawei in 5G, but the US itself is unable to provide relevant technology and equipment.

The argument that Huawei is a threat to the national security of other nations is also largely hypocritical on the part of the US, considering that the US has been collecting five billion mobile phone call records around the world daily, and eavesdropping on Chancellor Merkels cellphone conversations for over a decade.

Wikileaks and Edward Snowden have clearly shown that the US is infringing on the national security of foreign countries. Apple phones and German cars sold in China are packed with software, data and sensors, so should China also ban them in the context of this escalating environment of mistrust?

What Huawei has done in Africa is to assist a number of countries to leapfrog into the fourth industrial revolution. Huawei serves 80% of South Africas population and holds the largest market share of ICT infrastructure.

Confounding the sceptics, Huawei ensures 50% of its employees in South Africa are local, and it has won Best Employer in South Africa for several consecutive years.

Just because the US is getting left behind in terms of the development of 5G networks, it is nonsensical to penalise other countries that want to make use of Chinese technology.

It also goes against the very notion of free trade that the US supposedly advocates worldwide.

* Ebrahim is Independent Medias group foreign editor.

See the original post here:
Lack of vision revealed in US policy bullying - Independent Online

In a morally and politically arresting column last week,The New York Times MichelleGoldberg noted that unidentified federal forces were snatching protesters from Portlands streets without warrants. Can we call it fascism yet?she asked,citingthe historian Timothy Snyders warning, in histruly arrestingOn Tyranny:Twenty Lessons from the Twentieth Century,that When the pro-leader paramilitary and the official police and military intermingle, the end has come.

It has come, indeed, unless we stop iten masse. Now. Not from behind our computers but in the streets and in public buildings and in massive but disciplined non-compliance with government edicts that flout the rule of law. But disciplined non-compliance requires organizing and communicating effectively enough to dissuade protesters (and outside provocateurs) from giving Trumpists and sensationalist media reasons to to call the protests riots.

Days before his inauguration in 2017, Donald Trump started in on creating his own private security force, independent of the military and Secret Service. Discovering that a president has command of the National Guard unit in the District of Columbia, as governors do in their states, Trumps transition team informed the DC units commander that his dismissal would be effective at noon on Inauguration Day, in the middle of the ceremony, so that he wouldnt even be able to supervise his troops return to their quarters. The American Prospectcalled the movea precedent-breaking decision that raises troubling questions about transparency and accountability.

Some of us had seen something like thiscoming evenin 2014,when public massacres and murders of unarmed young blacks by whites were rising, and again in 2016, as candidateTrump announcedthathe could shoot someone in the middle of Fifth Avenue without losing his supporters. Ever since, he has exciteda roiling horde of militia members, authoritarian police, enthusiasts of Stand Your Ground and Concealed Carry laws and border walls.

***

Last week, three days afterGoldberg cited Snyder on fascism, heoffered a thoughtful, historically rich explanation of why it is indeed upon us: Unidentified federal officers are testing the boundaries of government by, of, and for the people not just because the Department of Homeland Security is reliving 9/11 but because its overreach reflects a subtler but more devastating assault on the American people and their republic.

Drawing on his research on how fascism came to Germany less than a century ago, Snyder noted that it can come to any country not just when armed cadres of villains pop up but, long before that, when powerful social and commercial currents that seem morally and politically neutral and that many of us ride on and seek to profit from have hollowed out democratic and republican habits of the heart, leaving a political vacuum that authoritarians and desperate losers can sweep in to fill.

At that point, Snyder noted,citizens who cherish freedom have no alternative but to stand up in an organized fashion against their own elected officials and law-enforcement agenciesen masse,with discipline and clear purpose, to recreate democracy itself. This happened in British India, in apartheid South Africa, throughout the Soviet bloc, and in the segregationist American South, an authoritarian society that covered its brutality with syrupy affectations of civility.

***

Portlands Wall of Moms and its emulatorshave stood up. Theyve set an example that well need to follow, not merely by liking, tweeting, and signing petitions or attending gala celebrations of artistic resistance or otherwise scribbling our thoughts and sentiments online, as Im doing right now, but by engaging personally, at some risk to our bodies and immediate material interests, in strategically coordinated civil disobedience. Americans from Nathan Hale to Rosa Parks to Edward Snowden and countless others unsung have done that. Will we?

***

To understand whatboundariesTrump istesting, know that nearlytwothousand years agothe Roman Senate granted the republics first complete emperor, Augustus, whatEdward Gibbon characterizedas an important privilege: By a dangerous exception to the ancient maxims, he was authorized to preserve his military command, supported by a numerous body of guards, even in time of peace, and in the heart of the capital.

Augustus Praetorian Guard metastasized from somethinglike our Secret Service into a force thatroamed the empirehunting down the emperors personal enemies, including Roman senators themselves.Gibbon wrotethatRoman citizens became accustomed to the dark, seductive shift from republican ardor and eloquence to submission to force and fraud in political life. Theyno longer possessed that public courage which is nourished by the love of independence, the sense of national honor, the presence of danger, and the habit of command. They received laws and governors from the will of their sovereign, and trusted for their defense to a mercenary army.

Severalfounders of the American republic read Gibbon.AsBen Franklin voted for the new Constitution in 1787, he warned that it can only end in Despotism as other Forms have done before it, when the People shall have become so corrupted as to need Despotic Government, being incapable of any other. Founder Richard Henry Lee warned that History does not more clearly point out any fact than this, that nations which have lapsed from liberty, to a state of slavish subjection, have been brought to this unhappy condition, by gradual paces.

Gibbon might as well have been describing many people we know nowwhen he wrote that The rich and polite Italians enjoyed the present blessings of ease and tranquility, and suffered not the pleasing dream to be interrupted by the memory of their old tumultuous freedom. With its power, the senate had lost its dignity; many of the most noble families were extinct.

Analogies to ancient Rome or Nazi Germany can be facile and even dangerous, but it would be just as dangerous to ignore historys cautions unless were bent on repeating its follies. To avoid that, we need to confront not only Trump but the Ivy-bred Good Shepherds the rich and polite people, in Gibbons account whove shepherded us through a decades-long disintegration of civil society and republican governance, leaving New Orleans with Hurricane Katrinas perfect storm of unchecked global warming, failed infrastructure, and corrupt politics in 2005, when the devastated city was patrolled by the private military Blackwaterguards.

Trumpism has discredited conservatives who fantasize about restoring the capitalism of Adam Smith and John Locke, and it has sucked the wind out of the sails of leftists who fantasize that a precariat-proletariat will rise again. But the Wall of Moms (and now, of Dads, grandparents, and others) is standing up for a civic-republican way of life in which, as a commenter put it beneath one of my articles years ago, all parties have a fundamental allegiance to getting along, and specifically to handling losses without developing longstanding brutal grudges. If a small group had ever gotten together and made an agreement to subvert the system and behave destructively in a coordinated manner, they could have done a lot of damage before the rest of us figured out what was happening and then our only alternative would have been to terminate the system Strong as our constitutional system is, I dont think it was ever intended to resist a large-scale, long-term, tightly-organized effort to subvert it from within.

Were confronting not only a tightly organized effort that made its first move toward establishing a Praetorian Guard on Inauguration Day, 2017. Were also confronting aregime within which CEOs, members of Congress, mindless administrators, and credulous strivers, some of them in our own families and, perhaps, in our hearts, are betraying the civic-republican ethos Ive just sketched.

We can give it a new birth of freedom, as democrats have done against what seemed overwhelming odds in British colonial India, apartheid South Africa, the Soviet bloc, Jim Crow in our own South, and even in the sexism that the Wall of Moms has discredited unforgettably by staring down federal operatives dressed like Ninja Turtles and carrying big guns.

Its important that demonstrations be well disciplined and ready for the worst. Trump is desperate to find his Reichstag fire, an American equivalent of the torching of Germanys parliament building that gave Hilter an excuse to declare an emergency and assume dictatorial powers. Protesters must be told by credible leaders that any broken window or offensive graffiti, let alone looting, arms their oppressors. The civil-rights movement had to sideline Eldridge Cleaver and Kwame Toure; the anti-Vietnam War movement had to disown the Weathermen. The hard lesson is true power lies in massive non-compliance, not in handing photo-ops to authoritarians who want to shift the blame for violence.

For historical, conceptual, and practical guidance, I suggest the late Jonathan SchellsThe Unconquerable World: Power, Nonviolence, and the Will of the People, which shows how people in places like those just mentioned, and in the American Revolution, have transformed established power that was flouting real democracy.

Read more here:
Resistance for Real: The Moment Has Come BillMoyers.com - BillMoyers.com