Category Archives: NSA

A new factsheet by the NSA and FBI has laid bare ludicrous contradictions in how US intelligence agencies choose to interpret a law designed to prevent spying on American citizens, but which they use to achieve exactly that end.

The document even claims that it is surveilling US citizens for their own protection while at the same time claiming that it is not doing so.

The obvious and painful contradictions within the 10-page document [PDF] are testament to the very reason why the factsheet had to be prepared in the first place: Congress is threatening not to renew the legislation due to the intelligence agencies' willful misrepresentation of the law to perform the very activities it was designed to prevent.

FISA the Foreign Intelligence Surveillance Act was enacted in 1978 and authorizes US intelligence agencies to carry out electronic surveillance of foreign persons outside the US. It specifically prohibited surveillance of US citizens and foreign persons within US borders.

But in 2008, the FISA Amendments Act (FAA) was passed to recognize the modern realities of internet communications: that foreign intelligence targets were using networks based in the United States to communicate. The law gave the intelligence agencies the right to demand that US companies hand over their communications in the search for foreign intelligence.

In an effort to ensure that those searches were restricted to non-US citizens however, the FAA which was re-authorized in 2012 and now needs to be re-authorized again before the end of 2017 included various procedures, and checks and balances.

Somewhat inevitably however, those procedures which remain almost entirely secret and the check and balances which have been shown to be ineffective at best have been slowly undermined by the intelligence agencies to the extent that the FBI now routinely uses personally identifiable information of US citizens, such as an email or phone number, to search a huge database of gathered information if it suspects them of a crime carried out in the US.

That reality is the diametric opposite of what the law was intended to do hence the ludicrous contradictions between what the intelligence agencies say the law authorizes and the everyday realities that they argue must be retained.

The first eight pages of the 10-page document are largely accurate, giving a rundown of the law, its history and intentions, and the procedures and checks introduced. In fact, it is a useful and largely objective rundown of the issue.

On page four, the document gives some examples of where use of Section 702 have proven effective: gathering insights into the minds of high-level Middle Eastern government ministers; checking up on sanctions; identifying both terrorists and terrorist sympathizers and alerting other governments to them.

Of the five examples given (of course it's impossible to know how many real-world examples there are), only one covers an arrest on US soil: the case of Najibullah Zazi who was tracked after he sent an email to an al-Qaeda operative in Pakistan asking for help in making bombs. Zazi planned to bomb the subway in New York City but was arrested in 2009 before he had the opportunity to do so. He pled guilty in 2010 and was sentenced to life in prison in 2012. (It is worth noting, however, that Zazi was already under surveillance from US intelligence agencies thanks to his visits to Pakistan, so it's unclear what role the Section 702 data really played.)

The document carefully words some sections covering concern over how the law was being interpreted. As a result of Edward Snowden's revelations, lawmakers and civil society groups started asking precise questions and that resulted in the intelligence agencies releasing limited information about the process it goes through to obtain the rights to spy on people. The document paints the provision of that information as the intelligence agencies' "commitment to furthering the principles of transparency," when nothing could be further from the truth.

It also tries to paint a report by the Privacy and Civil Liberties Oversight Board (PCLOB) into US spying in positive terms. The independent board, the document claims, largely exonerated the intelligence agencies and "made a number of recommendations" that have "been implemented in full or in part by the government."

In reality, the board's report was a damning indictment of the agencies' effort to reinterpret the law to be able to spy on just about anyone. The recommendations that have been implemented "in part" cover the most important improvements, in particular the publication of the procedures that the agencies use in reaching determinations. These critical documents remain entirely secret.

The PCLOB also paid a high price for standing up to the NSA and FBI: they had their authority cut out from under them, the budget was slashed, and all but one of its five board members have either resigned or have not had their terms renewed. It is a shell of an organization that doesn't even answer its phone or emails.

It is on pages nine and 10 that the real issues appear however where it addresses "702 issues that are likely to arise in the re-authorization discussion."

These are:

Despite the law specifically noting that US citizens and people within US borders cannot be spied on through Section 702, in reality the intelligence agencies do exactly that.

The explanation is that this information is "incidental" and is hoovered up as the NSA and others are gathering intelligence on others. The intelligence agencies claim that it affects very few US citizens and so Congress has persistently asked what that number is: how many US citizens are included in the 702 database?

The US House Judiciary Committee first asked that question a year ago April 2016. There is still no answer.

This latest document notes: "The IC (intelligence community) and DoJ (Department of Justice) have met with staff members of both the House and Senate Intelligence and Judiciary Committees, the PCLOB, and advocacy groups to explain the obstacles that hinder the government's ability to count with any accuracy or to even provide a reliable estimate of the number of incidental US person communications collected through Section 702."

It says that the agencies are "working to produce a relevant metric" to inform discussions.

This is a transparent attempt to prevent a figure on the number of US citizens in the database from being revealed, because it would almost certainly undermine the core contention of the intelligence agencies: that their procedures prevent the unnecessary gathering of information on US citizens.

See the rest here:
We're spying on you for your own protection, says NSA, FBI - The Register

Mike Steinmetz will make $176,419 a year to advise the governor on digital security policy.

PROVIDENCE, R.I. -- Governor Gina Raimondo has appointed Mike Steinmetz, a former National Grid and National Security Agency manager, as Rhode Island's first cybersecurity officer.

Steinmetz, who started Monday, will be Raimondo's top adviser on digital security policy and lead the creation of a state cybersecurity strategy, according to a news release Tuesday from the governor's office.

"Modern infrastructure is more than just roads and bridges," Raimondo said the release. "It's also the digital connections we're making faster and more frequently than ever before."

Steinmetz will make $176,419 a year, according to Raimondo spokesman David Ortiz.

The cybersecurity officer position was created in the state budget approved by lawmakers last year and reports to the director of administration. It is not considered a cabinet position and does not require state Senate confirmation, Ortiz said.

Before joining state government, Steinmetz was a National Grid director of strategy and planning and director of governance and compliance. Before that, he worked for the U.S. Department of Defense and the National Security Agency.

See more here:
Ex-NSA manager R.I.'s first cybersecurity officer - The Providence Journal

Published time: 17 Apr, 2017 17:26Edited time: 18 Apr, 2017 08:25

Malicious computer malware that caused substantial damage to Irans nuclear program may be the work of the NSA, researchers burrowing into the latest leak from hacking group Shadow Brokers have discovered within the computer data.

A tool found in Fridays leak matched one used by the notorious Stuxnet malware.

First detected in 2010, Stuxnet is believed to be the joint work of the US and Israel; a claim that Edward Snowden backed up in a 2013 interview but which has never been acknowledged by either government.

Designed to target industrial control systems used in infrastructure facilities, Stuxnet modifies data on controller software affecting their automated processes.

Computer code found in last weeks leak from Shadow Brokers, alleged to have been stolen from the NSA, was also found to match that used in Stuxnet.

Officials, who spoke under anonymity to The Washington Post, said in 2012 that the worm, developed under George W.Bushs administration and continued under Barack Obamas, was designed to damage Irans nuclear capabilities.

When it infected Irans nuclear facility in Natanz, it reportedly destroyed a fifth of their centrifuges after causing them to spin out of control, all the while relaying readings back to technicians at the plant that operations were normal.

"There is a strong connection between Stuxnet and the Shadow Brokers dump," Symantec researcher Liam O'Murchu told Motherboard. "But not enough to definitively prove a connection."

A definite link will be almost impossible to prove as Stuxnets script was later copied and used in an open-source hacking toolkit, allowing it to be replicated numerous times online.

However, O'Murchu said the script found in Fridays leak was last compiled on September 9, 2010 - three months after Stuxnet was first identified and shortly before it was added to the hacking toolkit.

Also contained in the leak was ASCII art of a medal with the words Won the gold medal!!! above it. Stuxnet was reportedly given the codename Olympic Games.

Security architect Kevin Beaumont tweeted the results of an antivirus program check on the Shadow Brokers exploits leaked on Friday, which returned that it had detected Stuxnet.

The latest evidence against the NSA was contained in Fridays leak from Shadow Brokers, which also detailed hacks aimed at Windows PCs and the SWIFT network, used to process payment orders.

READ MORE: What the hack? The leaks that shaped 2016

Read the original post:
Shadow Brokers leak links NSA to alleged US-Israeli Stuxnet ... - RT

A new cybersecurity summer camp is giving middle and high school girls a head start at a career intech.

The program, called GenCyber, will be entirely free thanks to theNational Security Agency (NSA), which is footing the bill fortuition, boarding andregistration fees for all participants. The NSAs goal forthe campis to inspire young people to direct their talents toward cybersecurity careers they believe are critical to national and economic security.

Another goal is to increase diversity in tech. Currently, women earn only 28 percent of computer science degrees, own only fivepercent of startups and hold only 11 percent of executive positions at Silicon Valley companies.

With the shortage of women in technology fields, anything we can do to encourage young women to explore STEM careers can only be good, said Jose-Marie Griffiths, president of Dakota State University, which will beone of the camps two locations.The other host campus isSouth Dakota School of Mines & Technology. Both were launched inSouth Dakota as an effort by the universities, because itsbeen identified as one of the industry sectors with the highest potential inthe state.

Core sessions at the camps will focus on cybersecurity, programming, networking and robotics. Students also have a choice of electives including multimedia forensics, socket programming, password cracking, iRobot create, network forensics, web hacking and 3-D printing.

At the DSU camp, an FBI Computer Analysis Response Team (CART) will present ondigital forensics, and twospeakers from Google will discuss security and privacy.There will also be a cyber sleuth escape room, and Access Data, a leading forensics company, will be hostinghands-on labs with social media and web traffic.

The SD Mines camp features a collaboration with Black Hills Information Security (BHIS), a company focused on customized security solutions for their clients. Officials from BHIS will be involved in enhancing the curriculum alongside professors in Mines Department of Mathematics and Computer Science. There will be some fun opportunities to get off campus as wellfield trips toMt. Rushmore and the South Dakota Air and Space Museum

You can find out more about attending theMines and Dakota States GenCyber here and here.

See the original post:
NSA Is Hosting a Free Cybersecurity Summer Camp for Teen Girls ... - Observer

BBC News

Microsoft patched 'NSA hack' Windows flaws before leak BBC News On Friday, a group called the Shadow Brokers published details of several hacking tools, indicating they had been used by the US National Security Agency (NSA) to spy on money transfers. Reports suggested Microsoft's Windows operating system remained ... Microsoft: Past patches address leaked NSA exploitsInfoWorld Hacking Group Claims NSA Infiltrated Mideast Banking SystemNew York Times What you need to know about that latest NSA data dumpRecode Fortune -Washington Post -Springfield Business Journal -Blogs TechNet - Microsoft all 344 news articles »

Original post:
Microsoft patched 'NSA hack' Windows flaws before leak - BBC News

NEW YORK: Pakistan should use diplomacy and not "proxies" that engage in violence to pursue its interests in Afghanistan and elsewhere, US National Security Adviser Lt Gen H R McMaster has said as he criticised the Pakistani leadership for selectively targeting terror groups.

McMaster in an interview to Afghan television channel ToloNews appeared to take a "tougher line" on Pakistan, which has been accused of using the Taliban as a proxy force and giving its leaders sanctuary.

"As all of us have hoped for many, many years -- we have hoped that Pakistani leaders will understand that it is in their interest to go after these groups less selectively than they have in the past," McMaster said during his latest visit to the war-torn country, according to a report in The New York Times.

"The best way to pursue their interests in Afghanistan and elsewhere is through the use of diplomacy, and not through the use of proxies that engage in violence," it quoted him as saying.

The report added that Afghan officials aware of the discussions with McMaster said there was a common understanding of the threat of terrorist groups emerging from Pakistan.

"And there are other indications that the United States may be weighing a tougher stance on Pakistan, among them General McMaster's reported pick of a point person on the country who has strongly advocated that the United States stop treating Pakistan as an ally and condition any future military aid on fighting terrorist groups," the report added.

It said many analysts, as well as some coalition partners, have been critical of the United States' uphill struggle to persuade Pakistan to crack down on the Afghan Taliban leadership, which has used Pakistan as a base for its battles in Afghanistan.

"Many people in Afghanistan are wondering about the nature of relations between the United States and Pakistan, particularly the fact that everyone recognisers the principal role of Pakistan in supporting Taliban and other terrorist groups," said Davood Moradian, the director of the Afghan Institute for Strategic Studies.

Moradian said the new administration realised that the prior "appeasement policy" with Pakistan had not worked and needed to be reconsidered.

View post:
Use diplomacy, not proxies: US NSA to Pakistan - Economic Times

Exorcists wearing tinfoil hats and burning sage staged a faux purification ritual in Manhattans TriBeCa neighborhood Saturday outside a building that they said was an outpost used by the U.S. government to surveil everyday Americans phone calls, texts and internet usage.

About 50 chanters and passers-by who joined in wailed mock prayers in the direction of the 550-foot-tall windowless monolith at 33 Thomas St., an AT&T-owned building that reportedly has space for surveillance operations by the National Security Agency.

The Intercept, one of the main online news sites publishing leaks by government whistleblower Edward Snowden, has reported that the granite and concrete building appears to have long served as a surveillance site for the agency. The NSA has not confirmed the claims.

This building has eyes, and it is watching you! performer and activist Joe Therrien, 35, of Bedford Stuyvesant, Brooklyn, shouted from inside a pen that the NYPD set up on Church Street for protesters.

The harvested data is then made accessible, added his girlfriend, Sam Wilson, 37, a puppeteer and bartender, in a Google-like mass-surveillance system that the NSA employees use to search through huge quantities of data!

The couple took turns listing the kinds: internet browsing history, chats, passwords, and phone calls.

The NSA could not be reached for comment Saturday, but agency officials have defended bulk surveillance as the only way to thwart terrorist attacks like 9/11.

An AT&T building security guard, speaking through an intercom, told a reporter seeking comment, today being Saturday, we dont have anyone.

An AT&T spokesman didnt immediately return a message seeking comment Saturday, but told The Intercept in November: NSA representatives do not have access to any secure room or space within our owned portion of the 33 Thomas St. building.

Protest organizer Noah Harley, 33, of Ridgewood, Queens, a translator and musician, said the exorcism was designed to be presented in a playful way, in contrast with other protests.

Kill em with kindness, he said.

The spectacle drew tourists, some of TriBeCas midday brunch crowd and other passers-by, including Virginia Mott of Bay Ridge, Brooklyn, and her sister, Tiffiney Biorn, who was visiting from Minneapolis.

When asked about the exorcism event, the sisters began a discussing the surveillance program.

You dont care if the NSA listens to your phone calls? Mott, 29, asked Biorn, 25.

Biorn answered: If they want but I dont do anything.

Mott said she could see both sides of the debate there could be good, there could be bad.

Regardless, she said, the government should be as transparent as possible about its surveillance practices. I mean, if theyre listening to everybody, they can say that, and then we dont know who theyre listening to.

See the original post here:
NSA surveillance protested with mock prayers, chants | Newsday - Newsday

Alleged NSA cyber-infiltration tools empower criminals and intelligence agencies to develop more in this direction, and could be used by anyone able to reproduce and modify the code, software developer and co-founder of Dyne.org Denis Roio says.

A hacking group named Shadow Brokers has published what it claims are some of the cyber-infiltration tools used by the NSA, alleging that the American spy agency used them to break into banking systems.

The leaked NSA malware is said to be capable of breaking into more than half of computers using a Microsoft Windows operating system.

The hacking group behind the revelation also says the NSA may have penetrated several banking services, including SWIFT.

RT:It is quite a staggering thought that 65 percent of Windows users could now be at risk. Is this as big a deal as it seems?

Read more

Denis Roio: The last release that was indeed published to the world is a big deal. It is one of the biggest leaks of actual malware, source code, and documentation on how to do this sort of malware. So, basically, it empowers even more criminals and intelligence agencies to develop more in this direction. Most of the news is reporting that Windows is affected, but unfortunately it is not the only operating system affected. The malware that the National Security Agency of the US has been using to intrude in other organizations also includes EFI (Extensible Firmware Interface) which is a BIOS extension, includes instructions and examples on how to actually build software that will reside on any computer, and not only on computers running on certain version of Windows. The EFI extension is a BIOS extension, it is in every PC, laptop, and desktop computer. And it is basically the small code that runs the operating system. Sometimes you can see on some computers the screen that says BIOS and make some checks of the computer and of the peripherals connected to it. Actually, it includes even code that can run in that phase of the booting and that can address all memory of the computers. So, I would say that the amount of people that are affected is huge, pretty massive.

RT:In what ways has peoples security been compromised exactly?

DR: The way in which the security is compromised is very fussy, is very hard to define. Obviously, this is something that runs attacks on several targets around the world. What is clear is that there is a network, almost like a botnet that is run to control the quantity of computers that are affected by this sort of malware. It resulted from this leak really that there is a fairly sophisticated network of computers that can connect to all the victims and that can report and act on their computers. So, how this is being used there is not only one way. Nowadays, a lot of very delicate operations in different states and organizations around the world are run on top of computers. I would say that most operating systems and computers that are being produced in the last ten years are basically affected. On this leak, there are less details about objects, as of Internet of Things objects, that connect to the network. But the result is that specifically, desktop usage is being addressed, is being targeted and can be manipulated. And you can imagine how many things we keep on our desktop, how much information on our hard disks that we access every day. This information can be changed, can be retrieved by these third party users of the malware, in this case the NSA, but not only. Of course, now that the software is out there, it can be used by anyone that can be able to study, reproduce, and even modify this sort of code.

When we speak about intelligence agencies we have to consider that these guys have huge cyber capabilities, so they are able to hit systems that are not updated. In many cases, these systems have not been designed to be resilient to cyber-attacks They [NSA] are trying to hit systems worldwide probably in order to get information. We have to consider that today almost every intelligence agency may get sensitive information trying to hack computers worldwide. Pierluigi Paganini, head of Cybersecurity Services at Grant Thornton Consultants

RT:What was the NSA doing with this malware, do you think?

DR: Clearly, the malware was developed to intrude in desktop computers and servers, control them and basically counterfeit the information that is on them. There are different users that can be applied to this. And I hear the news that most targets were in the eastern part of the world It is pretty bad that they targeted SWIFT, because financial networks should be neutral. And now it is clear they are not.

The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.

Read the original here:
'Released docs on alleged NSA malware provide instructions for criminals' - RT

This is CNET, and here are the stories that matter right now. The TheShadowBrokers hacking group has released new information. They say that the NSA used Windows hacking tools to target several banks. The hacking tools were stolen last year, and allowed the NSA to break into a range of systems Microsoft says that it has already patched the holes that took advantage of these exploits. iPad 4 users, you might be in line for an upgrade. According to a number of reports, iPad 4 users who have had issues with their tablets might be able to take those machines to Apple to get another tablet. According to 9to5Mac, Apple may replace the faulty iPad 4 tablets with iPad Air 2 models. And finally, images of the Moto C may have leaked online. The images show a large rear camera and a texture power button. The images also show a standard headphone jack along with a micro USB port instead of the newer USB-C standard, and a removable back. [MUSIC] Stay up to date with the latest by downloading the CNET Tech Today app available for Android and iOS.

Go here to see the original:
NSA all up in banks? video - CNET - CNET

PARIS -- A new set of documents purportedly lifted from the U.S. National Security Agency suggests that American spies have burrowed deep into the Middle Easts financial network, apparently compromising the Dubai office of the anti-money laundering and financial services firm EastNets. The company said Friday that the documents were dated and denied that any customer data had been affected.

TheShadowBrokers, which startled the security experts last year by releasing some of the NSAs hacking tools, has recently resumed pouring secrets into the public domain. In a first for TheShadowBrokers, the data includes PowerPoint slides and purported target lists, suggesting that the group has access to a broader range of data than previously known.

This is by far the most brutal dump, said Comae Technologies founder Matt Suiche, who has closely followed the groups disclosures and initially helped confirm its connection to the NSA last year. In a blog post, he said it appeared that thousands of employee accounts and machines from EastNets offices had been compromised and that financial institutions in Kuwait, Bahrain and the Palestinian territories had been targeted for espionage.

In a statement, EastNets said there was no credibility to the allegation that its customers details had been stolen.

Play Video

Part One: The NSA allows 60 Minutes cameras inside the agency's secure areas for the first time to explain what it does and what it says it doesn...

The company, which acts as a service bureau connecting customers to the financial worlds electronic backbone, SWIFT, said the ShadowBrokers documents referred to a low-level internal server that had since been retired and that a complete check of its systems had turned up no evidence of any compromise.

The denial drew skepticism from those whod reviewed the files.

Eastnets claim is impossible to believe, said Kevin Beaumont, who was one of several experts who spent Friday combing through the documents and trying out the code. He said hed found password dumps, an Excel spreadsheet outlining the internal architecture of the companys server and one file that was just a massive log of hacking on their organization.

SWIFT, based in Belgium, released a less categorical statement, saying, we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorized third parties. It said there was no evidence its own network had been compromised.

Play Video

The National Security Agency is under new scrutiny after another alleged breach by a contractor. Harold Martin is accused of stealing top secret ...

Repeated messages seeking clarification from EastNets went unreturned.

The leak also included tools designed to target computers and servers running Microsofts Windows operating system, ZDNet reports. Most of the exploits target older Windows versions, dating back as early as Windows XP and Windows Server 2003, but many supported versions are still on the list, including Windows 7 and Windows 8.

Beaumont said the exploits suggest the work of a sophisticated actor and are a potential worry for many of Windows hundreds of millions of users.

The opinion was seconded by Matthew Hickey of Prestbury, England-based cybersecurity company Hacker House.

Its an absolute disaster, Hickey in an email to the Associated Press. I have been able to hack pretty much every Windows version here in my lab using this leak.

Microsoft said in a statement that it is reviewing the leak and will take the necessary actions to protect our customers. It declined to elaborate.

The NSA, which did not respond to emails, has previously shown interest in targeting SWIFT, according to documents leaked by former intelligence contractor Edward Snowden, and Suiche said other documents in the release suggested an effort to monitor the worlds financial transactions that went beyond EastNets.

Ill bet its not the only SWIFT service bureau thats been compromised, he said.

2017 CBS Interactive Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.

Read more:
New leak suggests NSA penetrated banking networks in Middle ...