Category Archives: NSA

The National Security Agency (NSA) on Christmas Eve released a grip of compliance reports that detail its own admitted failures to always operate inside the orbit of the law.

The reports spanned a 12 year period, from 2001 to 2013.According to the agency, Executive Order 12333 a controversial Regan-era law requires the NSA to detail and report intelligence activities they have reason to believe may be unlawful or contrary to Executive Order or Presidential Directive.

The reports, released in response to a Freedom of Information Act suit from the American Civil Liberties Union, are heavily redacted. That said, they still contain a wealth of information about what sort of errors the NSA makes, both on purpose and not. The language is, naturally, quite dry, but there is still much to glean from the reports, including what sort of compliance issues the NSA encounters, how often, and the mix between accidental, and willful issues.

You can find the whole trove here. For quick reference, Ive selected a few highlights from just the 2012 reports, which I think are illustrative of the overall tone of the other documents. Of course, nothing can beat a full reading on your own, which TechCrunch fully recommends.

First up, The Analyst Who NSAdHimself:

This is not a rare occurrence, however, and appears to be something of a running prank among analysts:

It seems to happen a lot!

A lot, a lot!

Read more here:
In Holiday Document Dump, NSA Declassifies Compliance Errors

Published December 26, 2014

The National Security Agency has released heavily redacted accounts of its employees violations against Americans privacy after the Sept. 11, 2001 terror attacks.

Responding to a Freedom of Information Act lawsuit, the agency was required to file the reports with the Intelligence Oversight Board, the Wall Street Journal reports. However, the reports were released publicly Wednesday, covering activities from 2001-2013.

By emphasizing accountability across all levels of the enterprise, and transparently reporting errors and violations to outside oversight authorities, NSA protects privacy and civil liberties while safeguarding the nation and our allies, the agency said in a statement.

The reports show violations including communications from people in the U.S. being inadvertently targeted or collected by the agency. Some of the violations resemble the disclosures of NSA programs by Edward Snowden.

The report cites incidents of poorly constructed data queries that targeted Americans, improper handling of data and information used improperly.

Some incidents showed how a U.S. Army sergeant used an NSA system to target his wife, which led to a reduction in rank and further punishment.

The NSA says the reports involve human error and intentional misuse of the intelligence system.

The agency reaffirmed that appropriate disciplinary or administrative action was taken.

Click for more from the Wall Street Journal.

Read the original here:
Report: NSA releases accounts of privacy violations

Nsa Entry Level Jobs
Nsa Entry Level Jobs - If you #39;re weary from pretty much all the mislead, nonsense, confusion, chaos as well as uncertainty typically associated with trying to learn how to REALISTICALLY gain...

By: Nada Shaunna

Read more here:
Nsa Entry Level Jobs - Video

GCHQ and NSA Store Millions of Yahoo Webcam Images
if u wanna latest news from anywhere of world,then click on subscribed button nd please comments on videos ....Thanks for Visiting our Channel.

By: John Oliver Official Channel

The rest is here:
GCHQ and NSA Store Millions of Yahoo Webcam Images - Video

BOMBSHELL! NSA Spying on You and Your Grandma in Far Greater Numbers than Al Qaeda
if u wanna latest news from anywhere of world,then click on subscribed button nd please comments on videos ....Thanks for Visiting our Channel.

By: John Oliver Official Channel

Read more:
BOMBSHELL! NSA Spying on You and Your Grandma in Far Greater Numbers than Al Qaeda - Video

Why I Spoke Out Against the NSA | John Napier Tye | TEDxCharlottesville
This talk was given at a local TEDx event, produced independently of the TED Conferences. NSA State Dept Whistleblower John Napier Tye is Legal Director and Campaign Director at Avaaz, the...

By: TEDx Talks

Visit link:
Why I Spoke Out Against the NSA | John Napier Tye | TEDxCharlottesville - Video

JERUSALEM The malware known as Regin linked to the National Security Agency as a tool for tapping mobile phone networks and infiltrating foreign computer systems now appears to have been developed as early as 15 years ago, making it among the first major pieces of invasive computer software built to enable government espionage.

The program was revealed last month in reports from security companies Kaspersky Lab and Symantec Corp. Soon thereafter, The Intercept published new leaks from NSA whistleblower Edward Snowden thatshed light on how programs such as Regin(pronounced Re-gen)were used to collect sensitive, technical information on more than 70 percent of the worlds cellular networks.

Between the Snowden documents and the disclosures from computer security professionals about Regin, for the first time researchers think theyve linked NSA wiretapping operations to the particular tool the agency used to accomplish it, caught in the act invading a foreign cellular network.

This is the first time weve seen it for real with our own eyes. For us it was pretty surprising, says Costin Raiu, director of Kaspersky Labs Global Research and Analysis Team.

The NSAs vast surveillance practices stockpiling of phone records, recording text messages, listening in on conversations of foreign heads of state, tapping into global fiber optic communications -- began to be revealed a year and a half ago when the Snowden documents emerged.

Now, analysis of the Regin malware provides rare insight into how such extensive hacking and wiretapping was accomplished.

Regin is not just a worm or a virus, but a malwareplatform, which can host many different types of attacks. It was built for stealth and flexibility and has been found on computers around the world, serving many different purposes.

Both Kaspersky Lab and Symantec judged Regin to not only be the work of a nation-state, but also one of the most sophisticated, if not the most sophisticated, pieces of malware in existence. Both companies also specifically noted that Regin was used against telecommunications companies and infrastructure (in addition to a variety of other targets).

Get Monitor cybersecurity news and analysis delivered straight to your inbox.

The precise way that Regin enters a computer system is still unknown, but it may involve visiting spoofed versions of well-known websites or a backdoor through an application. According to Symantec, in one case log files showed that Regin got in through an unknown exploit in Yahoo! Instant Messenger.

Here is the original post:
Regin spying tool linked to NSA among first malware meant for espionage

US intelligence agencies hacked into the email servers of Chinese tech giant Huawei five years ago, around the time concerns were growing in Washington that the telecommunications equipment manufacturer was a threat to US national security, a report says.

The National Security Agency began targeting Huawei in early 2009 and quickly succeeded in gaining access to the company's client lists and email archive, German weekly Der Spiegel reported on Saturday, citing secret US intelligence documents leaked by former NSA contractor Edward Snowden.

Among the people whose emails the NSA was able to read were Huawei president Ren Zhengfei, the magazine said.

The operation, which Der Spiegel claims was co-ordinated with the CIA, FBI and White House officials, also netted source codes for Huawei products.

Advertisement

One aim was to exploit the fact that Huawei equipment is widely used to route voice and data traffic around the world, according to the report.

But the NSA was also concerned that the Chinese government itself might use Huawei's presence in foreign networks for espionage purposes, it said.

In 2012, the House Intelligence Committee recommended that Huawei be barred from doing business in the US, citing the threat that its equipment could enable Chinese intelligence services to tamper with American communications networks.

Huawei didn't immediately respond to a request for comment late on Saturday.

In January, the company rejected a previous Der Spiegel report claiming that its equipment was vulnerable to hacking.

The rest is here:
NSA targeted Chinese tech giant Huawei

Eyes open: Sarah Harbi protests against the NSA outside the Department of Justice in Washington, DC. Photo: Reuters

Cyber security experts are questioning whether US President Barack Obama can make good on his assurance that intelligence agencies aren't spying on "ordinary folks."

That promise is especially dubious, experts say, in instances where Americans are communicating with US citizens living abroad and other people overseas.

"It's very clear there are enormous loopholes," said Jonathan Mayer, a cyber security fellow at Stanford University's Centre for International Security and Co-operation, who is reverse engineering the NSA surveillance program to learn how much collection if taken to extremes is legally possible. "Their rules, combined with their capabilities, cut against the classical protections built into our legal system."

Advertisement

The US National Security Agency (NSA) and the CIA are tasked with gathering foreign not domestic intelligence. Agency rules say they must have a "reasonable, articulated suspicion" about the people they target, and are required to sift through all the data they collect and eliminate any that might have been intercepted from an innocent American, on US soil or abroad.

This week the Obama Administration proposed that Congress overhaul the electronic surveillance program by having phone companies hold onto the call records as they do now.

But there remain a number of significant ambiguities that allow Americans' data to be swept up, saved and analysed, according to a series of disclosures from former intelligence contractor Edward Snowden, WikiLeaks source Private Chelsea (previously known as Bradley) Manning and the US government itself:

- Analysts need to be just "51 per cent confident" that someone is not in the US, based on phone numbers, Internet Protocol addresses and email addresses, before they can target the person.

-The NSA is allowed to store encrypted communications, domestic or foreign, at least until analysts can decrypt it to find out whether it contains information relating to national security. With widely used services like Gmail and Facebook adding encryption, this could encompass a vast amount of domestic communications.

See original here:
NSA rules leave privacy vulnerable: experts

The National Security Agency may have violated U.S. law for over a decade with the unauthorized surveillance of U.S. citizens'overseas communications, according to new reports on the agency's intelligence collection practices released by the NSA on Wednesday.

The U.S. spy agency released the highly confidential reports in response to a Freedom of Information Act lawsuit filed by the American Civil Liberties Union (ACLU).According to documents posted on the NSA website on Christmas Eve, the examples of violations include sending data on Americans to unauthorized recipients, storing such data on unprotected computers and retaining them after they were meant to be destroyed, according to Bloomberg.

In general, each NSA report contains similar categories of information, including an overview of recent oversight activities signals intelligence activities affecting certain protected categories; and descriptions of specific incidents which may have been unlawful or contrary to applicable policies, NSA said, on its website.

The reports include a series of quarterly and annual accounts that have been made available to the presidents Intelligence Oversight Board, Bloombergreported, adding that the reports cover the period between the fourth quarter of 2001 and the second quarter of 2013.

In one instance of an unauthorized surveillance practice, in 2012, an NSA analyst searched a U.S. organization in a raw traffic database without formal authorization because the analyst incorrectly believed that he was authorized to query due to a potential threat, according to the fourth-quarterreportfrom 2012. The surveillance found nothing suspicious.

Another report revealed an incident, also in 2012, when an analyst searched her spouses personal telephone directory without his knowledge to obtain names and telephone numbers for targeting. According to the report, the analyst was advised to cease her activities.

The ACLU, which filed the lawsuit to access the NSA reports, claimed that the intelligence information collected by the spy agency was sometimes misused.

The government conducts sweeping surveillance under this authority -- surveillance that increasingly puts Americans data in the hands of the NSA, Patrick C. Toomey, staff attorney with the ACLUs National Security Project, told Bloomberg in an e-mail. Despite that fact, this spying is conducted almost entirely in secret and without legislative or judicial oversight.

Meanwhile, the NSA said that it has multi-layered protections in place to ensure that no further errors occur in intelligence-gathering and retention.

The vast majority of compliance incidents involve unintentional technical or human error. In the very few cases that involve the intentional misuse of a signals intelligence system, a thorough investigation is completed, NSA said in an executive summary. NSA goes to great lengths to ensure compliance with the Constitution, laws and regulations.

Read the original here:
NSA Reports Show Agency May Have Violated Laws For A Decade By Spying On Americans