
InSecurityWatch: Leaks, spooks, hacks war, more


We begin with the ACLU Blog of Rights, shining the light:

This Secret Domestic Surveillance Program Is About to Get Pulled Out of the Shadows

The federal government will have to produce information on a vast and secret domestic surveillance program and defend the program’s legality in open court. That’s the result of a decision issued Friday by the federal judge presiding over our lawsuit challenging the Suspicious Activity Reporting program, part of an ever-expanding domestic surveillance network established after 9/11.

The program calls on local police, security guards, and the public — our neighbors — to report activity they deem suspicious or potentially related to terrorism. These suspicious activity reports (“SARs” for short) are funneled to regional fusion centers and on to the FBI, which conducts follow-up investigations and stockpiles the reports in a giant database that it shares with law enforcement agencies across the country.

The decision is significant.

Surveillance programs have largely been shielded from judicial review, as many courts have accepted the government’s position that people cannot prove they have been under surveillance, and thus lack standing to sue. In this case, we represent clients who were confronted by law enforcement or know that SARs were uploaded to a counterterrorism database based on their entirely lawful activity. The government will now have to turn over information about a program that has never been subject to public scrutiny.

The problems with the Suspicious Activity Reporting program are manifold, beginning with the fact that government doesn’t require reasonable suspicion of criminal activity — an already low threshold — for a SAR to be maintained and shared. That violates a binding federal regulation, which is part of the basis for the lawsuit.

From AJ+, our first [but not last] leak story:

Spy Cables: Inside South Africa’s Spy Agency

Program notes:

Ever wondered how Africa’s most powerful spy agency operates? The Spy Cables show us how South Africa’s State Security Agency plans to build a secret satellite with Russia which would enable them to spy over all of Africa — take that NSA! Also, learn how a security screw up led to the African Union Chief almost being killed in Addis Ababa.

From the Guardian, domestic snooping:

South Africa spied on own government to get facts on joint project with Russia

  • Intelligence agency used agent with links to Russian government to glean information about satellite surveillance programme, leaked cables reveal

South Africa’s intelligence service relied on a spy “with direct access to the Russian government” to find out details of its own government’s involvement in a $100m (£65m) joint satellite surveillance programme with Russia, the leaked spy cables obtained by al-Jazeera and shared with the Guardian reveal.

The satellite system, known as Project Condor, which was launched into orbit by Russia in December last year, provides surveillance coverage of the entire African continent. The project has been shrouded in secrecy, with Russia originally refusing to reveal who its client was.

Those in the dark appear to have included South Africa’s intelligence agency. But a South African agent with access to Russian military intelligence was able to help, according to a leaked espionage report marked “top secret” and dated 28 August 2012.

From the Guardian, a Russian Al Qaeda warning:

Al-Qaida planning kamikaze attacks on ships in Mediterranean, cables claim

  • Leaked document from Russian intelligence agency claims north African branch wants to extend its range to Europe with marine unit

Al-Qaida has developed a seaborne unit to attack targets around the Mediterranean, according to a confidential report from Russian intelligence, one of a cache of secret documents from spy agencies around the world tracking jihadi terrorist groups.

According to the Russians, North African al-Qaida (Aqim – al-Qaida in the Islamic Maghreb) has established a 60-strong team of suicide bombers to plant mines under the hull of ships and to use small, fast craft for kamikaze attacks.

The claim, in a leaked document from Russia’s Federal Security Service (FSB), is one of a string of reports on the rise of Islamic State (Isis) and al-Qaida.

They include a two-month briefing by Omani intelligence estimating that Isis now has up to 35,000 fighters and an income of $1.5m (£1m) a day, reports from United Arab Emirates agents about the Isis leadership structure and a dossier from Jordanian intelligence on confessions extracted from terrorist suspects.

The Guardian has another leak story:

Spies, lies and fantasies: leaked cables lift lid on work of intelligence agencies

  • In the world of espionage, reports peppered with half-truths, rumours and the seemingly outlandish are par for the course, documents show

Intelligence agencies thrive on impressing politicians and the public with their mystique, exploits real or imagined, and possession of information that supposedly gives them a unique understanding of the world.

The reality is often bureaucratic and banal, the information unreliable, uncheckable or available in open sources and their judgments frequently politicised and self-serving. All of those elements can be found throughout the spy cables leaked to al-Jazeera and the Guardian.

Take the story about an Israeli plot to use water-gobbling plants to sabotage Egypt. The alleged scheme is mentioned in a 56-page report compiled by South African intelligence on the Israeli spy agency Mossad.

SecurityWeek covers snoopery north of the border:

Canada Monitoring Citizens’ Emails to Government: Media

Ottawa – Canada’s electronic eavesdropping agency has amassed a huge trove of emails sent to the government, as part of its cybersecurity mandate, according to a leaked secret document Wednesday.

And their retention by the Canadian Security Establishment (CSE) for days, months or years in some cases, is worrying privacy advocates.

Public broadcaster CBC, citing a 2010 document obtained from former US National Security Agency contractor Edward Snowden, said the CSE closely monitors visits to government websites and scans about 400,000 emails per day for suspicious content, links or attachments.

The electronic communications include Canadians’ electronic tax returns, emails to members of Parliament and passport applications, the Canadian Broadcasting Corporation said.

From RT, dis-Dane-ful:

Denmark’s plan to give spooks greater-than-NSA spy powers sparks outcry

Copenhagen is considering empowering its intelligence services to conduct covert electronic surveillance on citizens abroad without the need for a court order. Outraged privacy advocates have pledged to fight the initiative.

Despite the global outpouring of criticism of the National Security Agency and its affiliated partners in the so-called Five Eyes spying ring, which was exposed by NSA whistleblower Edward Snowden in 2013, it seems the Danish government is only too willing to take spying to an unprecedented new level.

As part of a package of new anti-terror initiatives, Copenhagen is now prepared to empower the Danish Defense Intelligence Service (Forsvarets Efterretningstjeneste, or FE) with greater snooping authority than the NSA.

However, plans to give Danish intelligence what appears to be unlimited access to the electronic communications of Danish citizens abroad are being criticized by privacy watchdog groups, including the think-tank Justitia and Associate Professor Anders Henriksen, from the University of Copenhagen.

From TheLocal.de, jailed for a speech “crime”:

Ex-lawyer jailed again for Holocaust denial

A Munich court on Wednesday sentenced a previously convicted Holocaust denier and ex-lawyer to a second jail term, after she publicly declared that there had been no organized genocide of the Jews under Adolf Hitler.

Sylvia Stolz, 51, was sentenced to 20 months’ imprisonment for telling an anti-censorship congress in Switzerland in 2012 that the “so-called Holocaust” under Adolf Hitler’s National-Socialist (Nazi) Party had never been legally defined or proven, the Süddeutsche Zeitung reported.

In an almost 100-minute address, video footage of which was used as evidence in her trial, Stolz stated before a crowd of 2,000 people there was no hard evidence of either Nazi plans or orders “to partially or wholly destroy Jewry”.

Therefore it was in itself a breach of the law that people like her who defended others put on trial for Holocaust denial should be prosecuted, she argued.

Another U.S. ISIS-related bust, via the Guardian:

Three New York men charged over alleged attempt to join Isis in Syria

  • One arrested at airport trying to board flight to Istanbul, another purchased ticket for Turkey on 29 March and third allegedly operated ‘domestic support network’

Three men from Brooklyn, New York are facing terrorism charges for allegedly attempting to join Islamic State (Isis) militants in Syria, federal authorities said on Wednesday.

Two of the men, Abdurasul Hasanovich Juraboev, 24, and Abror Habibov, 30, are Uzbekistani citizens; the other is a 19-year-old Kazakhstani citizen, Akhror Saidakhmetov. All three were charged with conspiracy to provide material support to Isis.

Their indictment was announced by the FBI, the New York police department and US attorney Loretta Lynch, who is in the process of being confirmed by the Senate as US attorney general.

From the Guardian, a call for justice in the Windy City:

Chicago ‘black site’: former US justice officials call for Homan Square inquiry

  • Two ex-senior Justice Department officials say allegations about police operation are ‘very disturbing’ and raise serious questions about constitutional violations

Two former senior Justice Department officials are calling on their colleagues to investigate a secretive warehouse used for interrogations by Chicago police and likened to a CIA “black site” facility.

Sam Bagenstos, who during Barack Obama’s first term was the Justice Department’s No 2 civil rights official, said that the Guardian’s exposé of the Homan Square police warehouse raised concerns about “a possible pattern or practice of violations of the fourth and fifth amendments” that warranted an inquiry.

William Yeomans, who worked in the civil rights division from 1981 to 2005, and served as its acting attorney, said the allegations about off-the-books interrogations and barred access to legal counsel reported by the Guardian merited a preliminary investigation to confirm them, a first step toward a full civil rights investigation.

From the Guardian, intimidating cops under the gun in Old Blighty:

British police investigated over attempts to recruit activists as spies

  • Two Cambridgeshire officers face misconduct allegations after approaches by covert unit that campaigners said left them stressed and paranoid, with some ending their political activities

It is examining allegations that coercive and at times repeated approaches by police caused the activists to give up their political campaigning, or left them stressed and paranoid.

One campaigner wore a secret camera to capture police attempting to persuade him to spy on Cambridge University students, environmentalists, campaigners against government cuts and anti-racist activists. The footage was broadcast by the Guardian in 2013.

Another, a 23-year-old single mother, has alleged that police threatened to prosecute her if she disclosed to anyone, including her mother, the attempt to recruit her as an informer.

Cambridgeshire police are carrying out the internal investigation into what they have described as serious allegations surrounding its attempted recruitment of informers.

From the New York Times, more arrests for presidential wiretapping in Turkey:

Turkish Police Arrested and Accused of Wiretapping President Erdogan

Police officers in Turkey arrested dozens of fellow officers on Wednesday accused of wiretapping President Recep Tayyip Erdogan and top government officials.

The chief prosecutor’s office in Ankara, the capital, issued 54 arrest warrants, the Anadolu News Agency reported, and at least 40 people were arrested in a wave of early morning raids that were carried out simultaneously in 19 cities.

The arrests are the latest salvo in a feud between Mr. Erdogan and his former ally, Fethullah Gulen, an influential Muslim cleric who lives in exile in Pennsylvania and has been accused of participating in a plot to overthrow the government.

After the jump, Al Jazeera reporters busted for droning Paris, a drone ban in Morocco, Charlie Hebdo back on schedule, a big reward for a hacking bank robber, Instagram leaks celebrity locations, an Aussie Anonymous hacker charged with attacking spooky sites, major civil rights failures by the major powers, on to the ISIS front and historical nihilism as libraries are burned and artifacts sold, and ISIS rounds up Syrian Christians, Lake Chad fish traders bombed by Niger to defund Boko Haram, as Boko Haram targets Nigerian elections, a 100-bomb North Korean nuclear arsenal envisioned, China demotes a spy chief, corrupt officials planned to assassinate China’s leaders, China extends its bombers’ reach, and Okinawan opposition to an American base increases.

InSecurityWatch: Leaks, hacks, crime, spooks


We begin with a twofer from Reuters:

South African spooks red-faced from latest spy data leak

A mass leak of South African espionage secrets will cause many foreign agencies to think twice before sharing information with Pretoria, hampering its efforts to walk a delicate diplomatic tightrope between East and West, experts said on Tuesday.

Britain’s Guardian paper and Gulf TV channel Al Jazeera said they had obtained hundreds of dossiers, files and cables from the world’s top spy agencies to and from South Africa, dubbing it “one of the biggest spy leaks in recent times”.

“A leak like this affects the credibility of the agencies and how they cooperate,” said Mike Hough, a retired professor from Pretoria University’s Institute for Strategic Studies. “It could lead to the termination of certain projects.”

From Al Jazeera, something many journalists have assumed for a half century:

Spy cables: Israel airline used as intelligence ‘front’

  • Leaked documents reveal South Africa challenged Mossad over alleged clandestine security operations under El Al cover.

Secret cables obtained by Al Jazeera’s Investigative Unit confirm that South Africa’s spy agencies concurred with allegations that Israel uses its flag-carrier, El Al Airlines, as cover for its intelligence agencies.

Leaked documents from South Africa’s intelligence agency support claims made on a 2009 South African television programme by a former El Al employee-turned-whistleblower.

Despite official Israeli denials, the whistleblower’s claims prompted an emergency meeting between senior officials from both sides, as well as a separate note of enquiry from Canada’s intelligence agency.

Another leak, via the Guardian:

Spy cables: Greenpeace head targeted by intelligence agencies before Seoul G20

  • South Korea’s intelligence service requested information about South African activist Kumi Naidoo in runup to leaders’ meeting in 2010

The head of Greenpeace International, Kumi Naidoo, was targeted by intelligence agencies as a potential security threat ahead of a major international summit, leaked documents reveal.

Information about Naidoo, a prominent human rights activist from South Africa, was requested from South African intelligence by South Korea’s National Intelligence Service (NIS) in the runup to a meeting of G20 leaders in Seoul in 2010.

He was linked in the intelligence request with two other South Africans who had been swept up in an anti-terrorist raid in Pakistan but later released and returned to South Africa.

And from Al Jazeera, faults revealed:

Spy Cables expose S Africa’s alarming security failings

  • Secret documents reveal an array of security lapses and flaws within South African government and intelligence.

South African government and security agencies have left secrets exposed at every level and foreign spies have access to all areas of government, according to Intelligence documents obtained by Al Jazeera’s Investigative Unit.

A secret security assessment by South African intelligence says foreign espionage is booming, with more than 140 foreign spies estimated to be operating in South Africa – and that the South African state is doing a poor job of protecting itself.

They are thought to have gained access to government departments, ministries and “even the presidency” and are suspected of breaking into nuclear power plants, stealing military blueprints and hacking computers.

The report slams poor security awareness among civil servants, who regularly fail to observe the most basic procedures, leaving classified information unlocked and failing to adequately vet new recruits.

From the Los Angeles Times, a major security fail:

State Department official arrested, suspected of soliciting sex from minor

A senior State Department official who oversees counter-terrorism programs has been arrested on suspicion of soliciting sex from a minor, authorities in Virginia said late Tuesday.

Daniel Rosen was arrested at his home in Washington, D.C., just after noon and is being held in the city’s jail on suspicion of use of a communications device to solicit a juvenile, said Lucy Caldwell, spokeswoman for the Fairfax County Police Department.

According to his LinkedIn profile, Rosen, 44, is the director of counter-terrorism programs and policy for the State Department. Police said they have notified the State Department of his arrest.

A kindred failure across the pond, via the London Telegraph:

Sir Malcolm Rifkind to step down as MP and resigns from security committee

  • Tory MP Sir Malcolm Rifkind is to step down as an MP at the General Election and has also resigned as chairman of the Parliamentary Intelligence and Security Committee

Sir Malcolm Rifkind, the Conservative MP embroiled in cash for access allegations, is to step down as an MP at the General Election and has also resigned as chairman of the Parliamentary Intelligence and Security Committee.

Sir Malcolm was suspended by the Conservative Party pending an internal investigation on Monday after telling undercover reporters from The Telegraph and Channel 4’s Dispatches that he would use his position as a politician to help a fictitious Chinese company.

His decision to stand down as the Conservative MP for Kensington means there will be a contest for one of the Conservative Party’s safest seats.

The Guardian exposes a case of Chicago P.D. reality rising to film noir levels:

Chicago’s Homan Square ‘black site’: surveillance, military-style vehicles and a metal cage

  • This building looks innocent enough. But those familiar with the secretive interrogation and holding facility describe a shocking display of police abuses

From the outside, you have to concentrate to realize Homan Square is a police facility. At first glance, it’s an unremarkable red brick warehouse, one of a handful on Chicago’s west side that used to belong to Sears Roebuck, complete with roll-up aluminum doors. No prominent signage tells outsiders it belongs to the police. The complex sits amidst fixtures in a struggling neighborhood: a medical clinic, takeout places, a movie theater, a charter school.

But a look at what surrounds the warehouse gives clearer indications of Homan Square’s police business. The yellow barrier for cars at the street checkpoint. The vans in the motor pool marked Chicago Police Forensic Services parked next to the unmarked cars. The black-and-white checkered door to match the signature pattern on Chicago police hats. The floodlights on the roof. The guy with a gun walking outside and smoking a cigarette in a black windbreaker with POLICE written on the back.

Over the years Homan Square has formed a backdrop for high-profile drug seizures, where Chicago officials or cops display cocaine, marijuana and guns taken off the street. The rock group Portugal.The Man reportedly sent Homan Square detectives three dozen doughnuts – plus croissants and danishes – in gratitude for helping the band recover stolen music equipment.

But its interrogations function is less well known, even to close observers of Chicago police. Anthony Hill, an attorney, said he once made it into Homan Square, to the surprise of police, and said he saw “four, five cells,” describing it as a “bare-bones police station.”

“When I got in, they were so shocked I was there they didn’t know what to do with me,” he said.

The Hill takes a profitable spin through the revolving spooky door:

NSA staffers rake in Silicon Valley cash

Former employees of the National Security Agency are becoming a hot commodity in Silicon Valley amid the tech industry’s battle against government surveillance.

Investors looking to ride the boom in cybersecurity are dangling big paydays in front of former NSA staffers, seeking to secure access to the insider knowledge they gained while working for the world’s most elite surveillance agency.

With companies desperate to protect their networks against hackers, many tech executives say the best way to develop security products is to enlist the talents of people who have years of experience cracking through them.

“The stories he could tell,” venture capitalist Ray Rothrock recalled about his meetings with a former NSA employee who founded the start-up Area 1 Security. “They come with a perspective that nobody in Silicon Valley has.”

From the Verge, from their resumes:

The NSA’s SIM heist could have given it the power to plant spyware on any phone

Last week, The Intercept published shocking new documents detailing a campaign by US and UK spies to hack into the SIM manufacturer Gemalto, stealing crucial encryption keys that protect and authenticate cellphone signals. But while it was clearly a major attack, I had a hard time seeing the operational benefits for the world’s spy agencies. SIM encryption only protects calls between your phone and the cell tower, which means any would-be surveillers would need to stay within a mile of the target. It’s also puzzling because carriers are often happy to hand over all their data with a blanket court order. Why would the GCHQ go to so much trouble for access to data they mostly already have?

But in the days since the report published, there’s been concern over an even more frightening line of attack. The stolen SIM keys don’t just give the NSA the power to listen in on calls, but potentially to plant spyware on any phone at any time. Once the stolen keys have bypassed the usual protections, the spyware would live on the SIM card itself, undetectable through conventional tools, able to pull data and install malicious software. If the NSA and GCHQ are pursuing that capability, it could be one of the biggest threats unearthed by Snowden so far.

Our earlier report focused on the Ki keys, used to encrypt traffic between the phone and the tower — but this new attack uses a different set of keys known as OTA keys, short for “over-the-air.” Each SIM card gets its own OTA key, typically used to remotely install updates. Manufacturers can send a binary text message directly to the SIM card, and as long as it’s signed with the proper OTA key, the card will install the attached software without question. If those keys were compromised, it would give an attacker carte blanche to install all manner of spyware. Researcher Claudio Guarnieri, who’s researched the Snowden documents extensively, says the OTA keys could make the Gemalto heist the most important news to come out of the documents so far. “It’s scary,” Guarnieri says. “If the NSA and GCHQ have obtained a large quantity of OTA keys, we’re facing the biggest threat to mobile security ever.”

From the Guardian, real class-y AT&T:

AT&T is putting a price on privacy. That is outrageous

  • Poor customers should not have to choose between being spied on and forking over money

Imagine if the postal service started offering discount shipping in exchange for permission to scan every letter you receive and then target you with junk mail based on the contents of your personal mail.

One of the largest telecommunications companies in America, AT&T, is doing just that for customers of its super-fast gigabit broadband service, which is rolling out in select cities. Though a few months ago, it dropped the use of an undeletable “supercookie” that tracked subscribers’ web browsing activity, AT&T reportedly plans to track and monetize its broadband customers’ internet activity – “webpages you visit, the time you spend on each, the links or ads you see and follow, and the search terms you enter” – to deliver targeted “ads online, via email or through direct mail”.

The tracking and ad targeting associated with the gigabit service cannot be avoided using browser privacy settings: as AT&T explained, the program “works independently of your browser’s privacy settings regarding cookies, do-not-track and private browsing.” In other words, AT&T is performing deep packet inspection, a controversial practice through which internet service providers, by virtue of their privileged position, monitor all the internet traffic of their subscribers and collect data on the content of those communications.

What if customers do not want to be spied on by their internet service providers? AT&T allows gigabit service subscribers to opt out – for a $29 fee per month.

After the jump, ghoulish corporate vultures follow our health concerns online, a Dutch university occupation evicted, Germans lose faith in democracy, the Anthem health data breach scope widens, widespread ongoing hack points persist in many apps, denial of service attacks target Google in Vietnam, on to the Mideast and an Assyrian Christian army mobilizing to fight ISIS, a Saudi apostasy death sentence, a Pakistani cell phone fingerprint requirement, pushing for a North Korean nuclear surrender, China raises NATO hackles with a missile sale to Turkey, Hong Kong delegates to the Beijing legislature call for a crackdown, Shinzo Abe aims for more power for military commanders, more Okinawan anger over an American military base move, and a Japanese human rights downgrade.

InSecurityWatch: Leaks, hacks, spooks, war, ISIS


And more. . .

We begin with the first of a series of stories prompted by a major cache of secret cables handed over to the Al Jazeera Investigative Unit:

Mossad contradicted Netanyahu on Iran nuclear programme

  • Spy Cables reveal Mossad concluded that Iran was not producing nuclear weapons, after PM sounded alarm at UN in 2012

Less than a month after Prime Minister Benjamin Netanyahu’s 2012 warning to the UN General Assembly that Iran was 70 per cent of the way to completing its “plans to build a nuclear weapon”, Israel’s intelligence service believed that Iran was “not performing the activity necessary to produce weapons”.

A secret cable obtained by Al Jazeera’s Investigative Unit reveals that Mossad sent a top-secret cable to South Africa on October 22, 2012 that laid out a “bottom line” assessment of Iran’s nuclear work.

It appears to contradict the picture painted by Netanyahu of Tehran racing towards acquisition of a nuclear bomb.

Another Al Jazeera story:

Israeli cable reveals S Africa missile theft cover-up

  • Leaked Mossad cable shows Israel obtained stolen missile plans, and South Africa asked for their return

Next, the first of two headlines about the cables from the Guardian:

Spy cables: MI6 intervened to halt South African firm’s deal with Iranian client

  • Furnace maker was ‘advised most strongly’ to end contract with company suspected of being involved in weapons manufacturing

The next Guardian headline:

CIA attempted to contact Hamas despite official US ban, spy cables reveal

  • Leaked files show US ‘desperate to make inroads’ into Gaza as well as Barack Obama’s alleged threat to Palestinians over statehood

While the Daily Dot points out a non-deletion:

Al Jazeera error puts North Korean spy’s life on the line

Newly leaked documents show the British government attempting to recruit a North Korean spy—but journalists have failed to properly redact the cables, potentially putting the life of the North Korean and his family in grave jeopardy.

Al Jazeera, the Qatar-based news organization, published on Monday a leaked cable from the British Secret Intelligence Service outlining in great detail its attempt to bring a North Korean asset into a “long term clandestine relationship in return for payment.”

The four-page document was published with dozens of redactions, including the exact name of the North Korean individual in question.

However, the journalists left in key information. Dates and specific locations relating to where the North Korean individual met with British spies remain readable, vastly narrowing down the suspects North Korean authorities will no doubt be looking for.

Finally, a video summary for Al Jazeera America’s AJ+:

The Spy Cables – 4 Things We Learned From Leaked Documents

Program notes:

The Spy Cables are the largest release of intelligence documents since Edward Snowden’s and have been obtained exclusively by Al Jazeera’s investigative unit. They show us how spies spy on one another and also occasionally help each other spy on mutual enemies. South Africa’s spy agency and MI6 have worked together to shift a North Korean spy’s allegiance. Also, find out who South Korea considers a dangerous individual – the answer might surprise you.

Here’s the masterpage for the Al Jazeera Investigative Unit leak cache stories.

From the New York Times, playing politics to the heights of absurdity:

Concerns Mount as Homeland Security Shutdown Looks Likely

The notion that Congress might actually shut down the Department of Homeland Security as part of a broader fight over President Obama’s immigration policies seemed laughable just a few weeks ago.

Literally.

A top Republican staff member laughed when asked if Republicans, who are usually security-minded, were prepared to shut down the agency in a political battle over Mr. Obama’s recent executive actions.

But now, with just days remaining until funding for the Homeland Security agency runs out on Friday, a shutdown of the department is looking increasingly likely.

And from CNN, the usually unmentioned:

DHS intelligence report warns of domestic right-wing terror threat

  • They’re carrying out sporadic terror attacks on police, have threatened attacks on government buildings and reject government authority.

A new intelligence assessment, circulated by the Department of Homeland Security this month and reviewed by CNN, focuses on the domestic terror threat from right-wing sovereign citizen extremists and comes as the Obama administration holds a White House conference to focus efforts to fight violent extremism.

Some federal and local law enforcement groups view the domestic terror threat from sovereign citizen groups as equal to — and in some cases greater than — the threat from foreign Islamic terror groups, such as ISIS, that garner more public attention.

The Homeland Security report, produced in coordination with the FBI, counts 24 violent sovereign citizen-related attacks across the U.S. since 2010.

Network World covers a demand:

NSA director wants gov’t access to encrypted communications

It probably comes as no surprise that the director of the U.S. National Security Agency wants access to encrypted data on computers and other devices.

The U.S. should be able to craft a policy that allows the NSA and law enforcement agencies to read encrypted data when they need to, NSA director Michael Rogers said during an appearance at a cybersecurity policy event Monday.

Asked if the U.S. government should have backdoors to encrypted devices, Rogers said the U.S. government needs to develop a “framework.”

From Nextgov, a prognostication desideratum:

Spy Research Agency Is Building Psychic Machines to Predict Hacks

Imagine if IBM’s Watson — the “Jeopardy!” champion supercomputer — could answer not only trivia questions and forecast the weather, but also predict data breaches days before they occur.

That is the ambitious, long-term goal of a contest being held by the U.S. intelligence community.

Academics and industry scientists are teaming up to build software that can analyze publicly available data and a specific organization’s network activity to find patterns suggesting the likelihood of an imminent hack.

The dream of the future: A White House supercomputer spitting out forecasts on the probability that, say, China will try to intercept situation room video that day, or that Russia will eavesdrop on Secretary of State John Kerry’s phone conversations with German Chancellor Angela Merkel.

From the New York Times, documenting:

Document Reveals Growth of Cyberwarfare Between the U.S. and Iran

The document, which was written in April 2013 for Gen. Keith B. Alexander, then the director of the National Security Agency, described how Iranian officials had discovered new evidence the year before that the United States was preparing computer surveillance or cyberattacks on their networks.

It detailed how the United States and Britain had worked together to contain the damage from “Iran’s discovery of computer network exploitation tools” — the building blocks of cyberweapons. That was more than two years after the Stuxnet worm attack by the United States and Israel severely damaged the computer networks at Tehran’s nuclear enrichment plant.

And from the Washington Post, they want in on the action:

CIA looks to expand its cyber espionage capabilities

CIA Director John O. Brennan is planning a major expansion of the agency’s cyber espionage capabilities as part of a broad restructuring of an intelligence service long defined by its human spy work, current and former U.S. officials said.

The proposed shift reflects a determination that the CIA’s approach to conventional espionage is increasingly outmoded amid the exploding use of smartphones, social media and other technologies.

U.S. officials said Brennan’s plans call for increased use of cyber capabilities in almost every category of operations — whether identifying foreign officials to recruit as CIA informants, confirming the identities of targets of drone strikes or penetrating Internet-savvy adversaries such as the Islamic State.

From the McClatchy Washington Bureau, what else to expect?:

Rejection of NSA whistleblower’s retaliation claim draws criticism

Thomas Drake became a symbol of the dangers whistleblowers face when they help journalists and Congress investigate wrongdoing at intelligence agencies. He claims he was subjected to a decade of retaliation by the National Security Agency that culminated in his being charged with espionage.

But when the Pentagon Inspector General’s Office opened an inquiry into the former senior NSA official’s allegations of retaliation in 2012, it looked at only two of the 10 years detailed in his account, according to a recently released Pentagon summary of the probe, before finding no evidence of retaliation. That finding ended Drake’s four-year effort to return to government service.

Whistleblower advocates say Drake’s experience, spelled out in a document McClatchy obtained this month through the Freedom of Information Act, underscores the problem that intelligence and defense workers face in bringing malfeasance to the surface. The agencies that are supposed to crack down on retaliation are not up to the task, especially when the alleged wrongdoing involves classified information, they charge.

From the Independent, debunking the justification for the new state security regime Down Under:

Tony Abbott admits there were 18 warning calls before Sydney attack

A national security hotline received 18 calls about “self-styled” cleric Man Haron Monis just days before he took 18 people hostage at a café in Sydney, a report into the siege has revealed.

The calls between 9 and 12 December last year all concerned material on his Facebook page.

Just three days later he was shot dead by police after a 17-hour siege which left two hostages dead along with Monis himself.

It was later revealed that the Iranian-born attacker, who had long been known to security services, was out on bail at the time of the attack.

And from VICE News, a failure to communicate North of the Border:

The Canadian Security Intelligence Service Refused to Tell Us How Much It Spent on an Unconstitutional Snooping Campaign

“We neither confirm nor deny that the records you requested exist. We are, however, advising you, as required by paragraph 10(1)(b) of the Act, that such records, if they existed, could reasonably be expected to be exempted.”

Translation: We’re not telling.

In January, VICE filed an Access to Information (ATI) request, asking for a slew of financial reports from the Canadian Security Intelligence Service. The specific documents we’re after are invoices for thousands, if not millions of payments made from various law enforcement bodies to Canada’s telecommunications companies.

For a decade, up until a surprise 2014 Supreme Court ruling, Canada’s investigators made informal requests to the country’s cellphone and internet providers for their customers’ personal information. They never had to go to a judge to make those requests. As an incentive, police paid nominal amounts of money per request—$1.50 here, $10 there—that they wouldn’t normally pay for requests authorized by a warrant.

After the jump, when your cell phone battery gives you away, more adware snooping enablement malfunctions, a bankster’s secrecy apologia, corporate espionage in the Indian oil biz, Obama’s promised Border Patrol reforms unfulfilled, Russian accusations of Western dominance aspirations, the Hitler-posing Pegida xenophobe reclaims his role, on to the Mideastern battlefield and a French carrier dispatched, signs that ISIS has deep roots, and the movement’s new English language schools, the emerging narrative on Libya, an embargo-busting Russian missile offering to Iran, the ISIS threat to Pakistan, a school assassination plotter nabbed, Myanmar captures rebel army bases, Japan’s Shinzo Abe makes a provocative insular move and South Korea responds, Japan plans more military attache deployments abroad, and a crown prince issues historical advice. . .

InSecurityWatch: Fear, malls, hacks, terror, war


We begin with CNBC and the latest shrieking from Europe:

Nato must prepare for Russian Blitzkrieg, warns UK general

Nato forces must prepare for an overwhelming Blitzkrieg-style assault by Russia on an eastern European member state designed to catch the alliance off guard and snatch territory, the deputy supreme commander of the military alliance has warned.

Openly raising the prospect of a conventional armed conflict with Russia on European soil, the remarks by Sir Adrian Bradshaw, second-in-command of Nato’s military forces in Europe, are some of the most strident to date from Nato. They come amid a worsening in relations with the Kremlin just days into a second fragile ceasefire aimed at curbing continued bloodshed in Ukraine’s restive east between Kiev’s forces and Russian-backed separatists.

Speaking at the Royal United Services Institute think-tank in London on Friday, Sir Adrian warned that as well as adapting to deal with subversion and other “hybrid” military tactics being used by Russia in Ukraine, allied forces needed to be prepared for the prospect of an overt invasion.

The Christian Science Monitor sounds the latest alarm:

Big US, Canadian shopping malls: Next terrorist target?

A new video threat from the Al Qaeda-linked extremist group Al Shabab calls for terrorist attacks on major shopping malls in the US, Canada, and Britain. Malls are adding extra security.

Homeland Security Secretary Jeh Johnson says he’s “confident” that big shopping malls will enhance security measures in the wake of new threats of attack by Al Shabab, an Al Qaeda-linked extremist group based in Somalia.

Still, Secretary Johnson said on CNN Sunday, “Anytime a terrorist organization calls for an attack on a specific place, we’ve got to take that seriously.” Johnson spoke on five Sunday morning TV news programs.

On Saturday, Al Shabab released an online video calling for attacks on western shopping centers, including the Mall of America in Minnesota, the West Edmonton Mall in Alberta, and Oxford Street in London.

From the Washington Post, first responder/worst responder?:

DHS tackles endless morale problems with seemingly endless studies

Afflicted with the lowest morale of any large federal agency, the Department of Homeland Security did what comes naturally to many in government.

It decided to study the problem. And then study it some more.

The first study cost about $1 million. When it was finished, it was put in a drawer. The next one cost less but duplicated the first. It also ended up in a drawer.

So last year, still stumped about why the employees charged with safeguarding Americans are so unhappy, the department commissioned two more studies.

And from the Guardian, cashing in:

Al-Shabaab mall threat ‘all the more reason’ to avoid shutdown, says homeland security chief

  • Somali terror group releases video threatening US, Canada and UK malls
  • DHS funding will end Friday if immigration impasse is not solved

The US homeland security secretary on Sunday seized on a new threat of attacks against western shopping centres by Islamist terrorists to pressure Congress to avert a partial shutdown of his department and agree to a funding deal.

Jeh Johnson said a propaganda video released by al-Shabaab on Saturday calling for strikes on the Mall of America in Minnesota, Oxford Street and two Westfield malls in London, and Canada’s West Edmonton Mall, showed “all the more reason why I need a budget”.

“It’s absurd that we’re even having this conversation about Congress’s inability to fund homeland security in these challenging times,” Johnson told CNN. On ABC, he said “it’s imperative that we get it resolved”, adding that senators and members of the House were each blaming those in the other chamber for the impasse.

The Independent covers a precedent set:

How Britain’s treatment of ‘The Hooded Men’ during the Troubles became the benchmark for US ‘torture’ in the Middle East

When Amal Clooney flies into Belfast shortly to meet a group of former Irish prisoners known as ‘The Hooded Men’ it will be the latest chapter of an extraordinary story concerning a quest for justice that has lasted almost half a century.

The international law and human rights specialist has joined the legal team representing all but one of the surviving men who say they were tortured under the British Government’s internment programme. More than 340 men were rounded up on 9-10 August 1971 but a group of just 12 were chosen for “deep interrogation” and subjected to hooding, prolonged stress positions, white noise, sleep deprivation and deprivation of food and drink – the torture methods developed by the British Army during the Troubles and collectively known as the “five techniques”. Two more men suffered the same treatment later that year.

The Hooded Men won their case against the UK in 1976 when the European Commission of Human Rights ruled the techniques were torture, but the findings were overturned by the European Court of Human Rights (ECtHR) on appeal two years later. It ruled that while the five techniques amounted to “a practice of inhuman and degrading treatment” they did not cause suffering of the intensity and cruelty to constitute torture.

From BuzzFeed News, solidarity in the North:

Muslims In Norway Form Human Shield Around Synagogue In Sign Of Solidarity

More than 1,000 people attended the peaceful demonstration in Oslo, with many holding hands and surrounding the synagogue in a protective ring.

Hundreds of Muslims formed a human protective shield around an Oslo synagogue Saturday in a sign of solidarity with the Jewish community there, Reuters reported.

The peaceful demonstration followed the killings of two people at a Copenhagen synagogue the previous week by a Danish-born son of Palestinian parents.

Pictures of the event circulated through social media tagged with the hashtag #ringofpeace.

From teleSUR, old school spookery:

Spying Scandal Threatens to Hurt Ties Between Chile and Peru

  • Peruvian media reported Thursday that three Peruvian navy officers were under investigation for allegedly spying on behalf of Chile.

The Chilean Foreign Minister stated Sunday that he is in consultation with the Chilean ambassador in Peru in order to help prepare the official response to Peru’s diplomatic letter concerning the alleged spying by Chile.

Bilateral relations between Peru and Chile were shaken last week as news broke that three Peruvian navy officers were under investigation for having allegedly spied for Chile between 2005 and 2012. Peru’s Minister of Defense confirmed that the officials were arrested and are being investigated by a military court.

“Ambassador Ibarra, our ambassador in Lima, is currently enjoying a legal vacation in Chile, we are going to keep him in Chile for consultations precisely so he can help prepare the (diplomatic) response to the Peruvian diplomatic letter,” said Chilean Foreign Minister Heraldo Muñoz.

Clouding the issue, via Nextgov:

DOD Wants Physical Separation for Classified Data in the Cloud … For Now

The Defense Department’s evolving cloud strategy and recently updated security requirements govern how commercial cloud service providers can — and in some cases, have already begun to — host some of the Pentagon’s most sensitive data.

But the Pentagon isn’t ready yet for classified information to be stored off-premise in the cloud.

In the immortal words of Olivia Newton-John, DOD wants to get physical with classified data that ends up in the cloud, meaning it wants “physical separation” between systems with classified workloads and that of other systems.

From the New York Times, wink, wink:

Chip Maker to Investigate Claims of Hacking by N.S.A. and British Spy Agencies

Gemalto, a French-Dutch digital security company, said on Friday that it was investigating a possible hacking by United States and British intelligence agencies that may have given them access to worldwide mobile phone communications.

The investigation follows news reports on Thursday that the National Security Agency in the United States and the Government Communications Headquarters in Britain had hacked Gemalto’s networks to steal SIM card encryption codes.

The claims — reported on a website called The Intercept — were based on documents from 2010 provided by Edward J. Snowden, the former N.S.A. contractor.

The Register covers an ongoing hacking embarrassment in Foggy Bottom:

Hellooo, NSA? The US State Department can’t kick hackers out of its networks – report

  • Email servers still compromised after THREE months

An attack against US State Department servers is still ongoing three months after the agency spotted miscreants inside its email system, it’s reported.

In November the State Department was forced to suspend its unclassified email systems after it was successfully infiltrated by hackers unknown. At the time the agency said its classified emails were unaffected by the hack.

Now Bloomberg and the Wall Street Journal report multiple sources saying that the attack is still ongoing: the bad guys and girls still have remote access to internal computers.

Every time sysadmins find and delete a malware infection, installed by the hackers, another variant pops up.

The latest from Nextgov:

EXCLUSIVE: State Department Trashed 30,000 Log-in Key Fobs After Hack

The State Department over the past few months replaced some 30,000 network log-in fobs and digital tokens that employees had been using to access its systems remotely, after the agency’s unclassified network was hacked, according to a department official.

During the switchover, some State personnel said they were not able to access work outside the office for months.

“All of us had to turn them in and go through a very extended procedure of changing every aspect of our internal passwording,” said one foreign service officer. “Every one of us had to create new passwords and new PIN numbers to go along with our fobs. They changed the type of format that you use to create a PIN to make it more secure and they changed the requirements for your basic State Department password to make it more secure.”

After the jump, Android malware fakes a shutout to grab your data, hacking your car wash, Italy scores a win over the Googles, France pleads for anti-terror help from Silicon Valley giants, the big guns pull back in Ukraine’s civil war, Isis suicide bombers claim dozens in Libya as Isis woes in Libya fuel an Italian immigrant panic, hints of Isis schisms, Qatar finds itself on the outs over terror, Turkey leverages border fears to gain intel, on to Boko Haram and an abductee reunion, Boko Haram launches another bloody raid, and France calls for support for an all-African anti-Boko Haram force, Australia proclaims a new anti-terror strategy, China irked by an Indian visit to disputed territory, Myanmar rebels claim a government body count, China’s threat to Western eyes in the sky, on to Japan and a call to unleash the military abroad, Shinzo Abe wants Japanese civilian hands to relinquish defense department control, a decision nears on a Japanese insular deployment, another Japanese insular move sparks a South Korean protest, Japan plans an Iraqi diplomatic expansion, and another base relocation protest. . .

InSecurityWatch: Fox fustian, crime, fear, war


And so very much more. . .

First up, from Al Jazeera’s AJ+, it’s official:

Fox News Says…The Holy War Is Here!

Program notes:

A Holy War has begun and you should be very afraid! That’s according to Fox News, the news network famous for fear mongering and “fair and balanced” reporting.

From the Washington Post, a domestic security problem:

Threatening ‘white power’ letters appear at police department with a history of racial tensions

Dozens of copies of a threatening and racially charged letter were circulated within a Connecticut police department with a long history of racial tensions, black officers said.

The note, typed on official City of Bridgeport Department of Police letterhead, began and ended with the words “WHITE POWER.” “These Black Officers Belong in the toilet,” the letter reads in part.

Bridgeport Police Lt. Lonnie Blackwell said the unsigned letter comes as no surprise to officers of color in the department, which has long struggled to remedy discrimination claims dating to at least the 1970s.

“This is not the first race-based letter that has circulated recently throughout the Bridgeport Police Department, but this is the most severe and damaging letter,” Blackwell, an African American department veteran, told The Washington Post in an interview. “We’re very concerned for our safety and our well-being as black police officers.”

From the Washington Post, we are not surprised:

Lying in the military is common, Army War College study says

A new study by Army War College professors found that not only is lying common in the military, the armed forces themselves may be inadvertently encouraging it.

The study, released Tuesday, was conducted by retired Army officers and current War College professors Leonard Wong and Stephen J. Gerras. They found that untruthfulness is “surprisingly common in the U.S. military even though members of the profession are loath to admit it.”

The paper’s release follows a series of high-profile incidents involving bad behavior across the services, including a still-widening corruption case involving senior Navy officers and at least two incidents in which Army generals were accused of sexual assault.

From The Hill, similarly unsurprising:

White House: Israel ‘cherry-picking’ intel that distorts Iran talks

The White House is accusing Israel of “cherry-picking” information that distorts the U.S. position in nuclear talks with Iran.

“There’s no question that some of the things that the Israelis have said in characterizing our negotiating position have not been accurate. There’s no question about that,” White House press secretary Josh Earnest said during a press briefing on Wednesday.

“We’ve also been very clear about the fact that the United States is not going to be in a position of negotiating this agreement in public, particularly when we see that there is a continued practice of cherry-picking specific pieces of information and using them out of context to distort the negotiating position of the United States.”

The White House spokesman said those involved in the talks are obligated to act in “good faith.”

From the New York Times, reasonable suspicions:

Fear of Israeli Leaks Fuels Distrust Over U.S. Talks With Iran

With the Obama administration racing to negotiate the outlines of a nuclear deal with Iran by the end of March, aides to Prime Minister Benjamin Netanyahu of Israel have charged in recent days that they are being deliberately left in the dark about the details of the talks. The Americans have said that is untrue, but even one of Washington’s closest negotiating partners reports being warned about being too open with the Israelis, “because whatever we say may be used in a selective way.”

The tensions between the United States and Israel over negotiating with Tehran have a long and twisted history, and they plunged to a new low when Mr. Netanyahu engineered an invitation to address a joint meeting of Congress, in less than two weeks, to warn against a “bad deal.”

Now, with Mr. Netanyahu maneuvering to survive a March 17 election, and Mr. Obama pressing for a breakthrough agreement that could end three decades of enmity with Iran and reduce the chances of a military confrontation, it seems that Washington and Jerusalem are engaging in the diplomatic equivalent of posting notes to each other on the refrigerator door.

From the Guardian, Jeb endorses the panopticon:

Jeb Bush backs brother’s NSA surveillance program ‘to keep us safe’

  • Presidential contender says of NSA dragnet ‘this is a hugely important program’, in sharp contrast to Republican rivals for the White House

Former Florida governor Jeb Bush delivered a full-throated defense of government surveillance programs on Wednesday, expressing a resounding faith in techniques pioneered by his brother, George W Bush, and staking out a position in sharp contrast with other prospective 2016 presidential candidates.

Dragnet metadata collection by the National Security Agency and similar programs were necessary to keeping US citizens safe from foreign terror threats, Bush said – unprompted – during remarks laying out his foreign policy vision as a prospective 2016 presidential candidate.

“For the life of me, I don’t understand – the debate has gotten off track, where we’re not understanding and protecting,” Bush said in a major speech at the Chicago Council on Global Affairs.

From the Associated Press, an accessory pays up:

Poland to pay $262,000 to inmates held at secret CIA prison

Poland will pay 230,000 euros ($262,000) in compensation to two terror suspects who say they were tortured at a CIA secret prison that Poland hosted from 2002-2003, a government minister said Wednesday.

Foreign Minister Grzegorz Schetyna spoke after the European Court of Human Rights in France rejected Poland’s appeal of its earlier ruling.

“We will abide by this ruling because we are a law-abiding country,” Schetyna told Polish Radio 3. “It is a question of the coming weeks, a month.”

But he questioned how the money would be used and whether it needed to be paid directly to the suspects, who are imprisoned in Guantanamo.

From the Guardian, NSAnywhere:

Google warns of US government ‘hacking any facility’ in the world

  • Google says increasing the FBI’s powers set out in search warrants would raise ‘monumental’ legal concerns that should be decided by Congress

Google is boldly opposing an attempt by the US Justice Department to expand federal powers to search and seize digital data, warning that the changes would open the door to US “government hacking of any facility” in the world.

In a strongly worded submission to the Washington committee that is considering the proposed changes, Google says that increasing the FBI’s powers set out in search warrants would raise “monumental and highly complex constitutional, legal and geopolitical concerns that should be left to Congress to decide”.

The search giant warns that under updated proposals, FBI agents would be able to carry out covert raids on servers no matter where they were situated, giving the US government unfettered global access to vast amounts of private information.

From the Guardian, the penultimate contempt:

UK admits unlawfully monitoring legally privileged communications

  • Intelligence agencies have been monitoring conversations between lawyers and their clients for past five years, government admits

The regime under which UK intelligence agencies, including MI5 and MI6, have been monitoring conversations between lawyers and their clients for the past five years is unlawful, the British government has admitted.

The admission that the activities of the security services have failed to comply fully with human rights laws in a second major area – this time highly sensitive legally privileged communications – is a severe embarrassment for the government.

It follows hard on the heels of the British court ruling on 6 February declaring that the regime surrounding the sharing of mass personal intelligence data between America’s national security agency and Britain’s GCHQ was unlawful for seven years.

The Independent covers InSecurity in British high places:

Downing Street accused of being ‘systemically negligent’ with national security secrets after name of ex-SAS officer finds its way into the public domain

Downing Street has been accused of “systemic” negligence in its approach to the handling of sensitive information – by the body charged with keeping threats to national security out of the media.

No 10 is at the centre of an extraordinary row with the secretive DA Notice Committee after the name of a senior former SAS officer found its way into the public domain, The Independent can reveal.

The officer was named when he took up his post as military adviser to No 10 last year. The DA Notice Committee alleges that the name of the ex-SAS man was deliberately given to The Sun newspaper in direct contravention of rules governing the identification of present or former members of Britain’s Special Forces.

After the jump, French surveillance gaps, Aussie metadata storage scheme costs still secret, another claim Pyongyang hacked Sony, whipping up malware with a British cooking site, fake Windows 10 update sites serve up malware too, a unique twist to an Israeli malware attack, a biased Pakistani web crackdown, while Obama disses North Korea’s hacker team, on to the Isis front and a fragmenting Iraq, the former U.S. ambassador to Syria changes course on arming “moderates,” whilst Washington admits having vetted at least 1,200, Isis threatens to flood an increasingly xenophobic Europe with refugees and Italy’s already alarmed, and a reminder of an American bad example, civilians killed in an anti-Boko Haram air strike in Nigeria while Nigeria claims beaucoup Bokos slain, another Tanzanian albino infant butchered for black magic, Pakistan orders a mass expulsion of Afghans, allegations Indian weaponized rape, India greenlights six nuclear subs, seven stealth frigates, mass flight from Myanmar civil war, China tells neighbors to order Uighur returns, Seoul censors a “Comfort Women” book, and a Japanese paper sued over “Comfort Women” articles, Shinzo Abe’s government readies an overseas deployment law, Abe targets legalized foreign weaponry sales, and new Tokyo/Beijing security talks slated, and two reminders of some nasty old habits resurfacing, first in a racist rank by Brits in Paris, and then in dramatic evidence of prejudice against would-be Latino-named voters in the U.S. . . .

InSecurityWatch: Hacks, terror, crime, and war


From the Washington Post, transparency to some, opacity for the masses:

The NSA has reportedly found ways to avoid even the strongest security measures

The U.S. intelligence community has found ways to avoid even the strongest of security measures and practices, a new report from Moscow-based Kaspersky Lab suggests, demonstrating a range of technological accomplishments that place the nation’s hackers as among the most sophisticated and well resourced in the world.

Hackers who are part of what the cybersecurity researchers call “Equation Group” have been operating under the radar for at least 14 years, deploying a range of malware that could infect hard drives in a way almost impossible to remove and could hide code in USB storage devices to infiltrate networks kept separate from the Internet for security purposes.

Kaspersky’s report did not say the U.S. government was behind the group. But it did say the group was closely linked to Stuxnet — malware widely reported to have been developed by the National Security Agency and Israel that was used in an attack against Iran’s uranium enrichment program — along with other bits of data that appear to align with previous disclosures. Reuters further linked the NSA to the Kaspersky report, citing anonymous former employees of the agency who confirmed Kaspersky’s analysis.

And from the London Daily Mail, a map revealing just where the cyberinfection has struck:

[Image: Cyberinfection map]

More from Russia’s RT:

Washington ‘real danger’ of cyber warfare, not China or N. Korea – WikiLeaks

The US is engaging in “offensive cyber warfare,” Kristinn Hrafnsson, spokesman for whistleblower organization WikiLeaks, told RT, following the unmasking of a sophisticated hacking ring that has infected thousands of computers in over 30 countries.

“Who is the real criminal?” Hrafnsson asked, during a live interview with RT. “We have been led to believe that the real danger of cyber warfare is from China or North Korea. But I think the real danger here is the US, the superpower. And they can cause real havoc all over the world with their technologies.”

“We are not surprised. We should not be taken aback by anything after what we have learned from Edward Snowden, but we are surprised by the sophistication,” said the Icelandic journalist, who has worked with Julian Assange’s WikiLeaks since 2010.

“To go to the core of the computer, which makes it almost impossible to detect is something that we haven’t seen before.”

The accompanying RT video:

‘Surprise that NSA has tech capable to infiltrate air-gapped computers’

Program notes:

Russian cyber-security company Kaspersky says it has discovered a global hacking group, which has managed to stay hidden for years. WikiLeaks spokesperson Kristinn Hrafnsson says that after such revelations there is no trust in privacy and security in the modern world.

From Motherboard, Kafkaesque:

Companies Fighting US Government Barred From Naming Themselves, Because Security

Two major companies—a telecom and an “internet company”—have asked the US government simply for the right to disclose how often the NSA, FBI, and other agencies ask them for user information. Who are these companies? Who knows! The federal government has said that it’s illegal for them to come forward and name themselves.

That’s the astounding claim alleged by the two companies Tuesday in the Northern District of California court. The companies filed what’s known as an amicus curiae brief in support of Twitter’s ongoing legal battle with the US government, in which the social media company is fighting for the right to be able to publish more granular data about government information requests on its users.

The requests, called National Security Letters (NSLs), are not approved by a judge and are issued by the FBI. NSLs have since been deemed unconstitutional, but that decision is being appealed. In the meantime, more NSLs continue to be issued. Last year, the US Department of Justice finally said that companies could disclose information about NSL requests, but only in a way that makes it nearly useless.

From Network World, a handover:

Russian extradited to US for hacks that stole 160 million credit card numbers

A Russian man accused of high-profile cyberattacks on Nasdaq, Dow Jones, Heartland Payment Systems and 7-Eleven has been extradited to the U.S. and appeared in court in Newark, New Jersey, Tuesday.

Vladimir Drinkman, 34, of Syktyvkar and Moscow, Russia, was charged for his alleged role in a data theft conspiracy that targeted major corporate networks and stole more than 160 million credit card numbers, the U.S. Department of Justice said in a press release. Drinkman was arrested in the Netherlands in June 2012 and had been detained there.

Drinkman appeared Tuesday in U.S. District Court for the District of New Jersey and entered a plea of not guilty to 11 counts he faces. His trial is scheduled to begin in April.

From Network World, cybermercs:

Arabic cyberespionage group attacking Middle Eastern, other targets

An Arabic cyberespionage group has attacked thousands of high-profile targets in Egypt, Israel, Jordan and other countries for the past two years, cybersecurity vendor Kaspersky Lab said.

The cybermercenaries, which the vendor dubbed the Desert Falcons, have stolen more than 1 million files from 3,000 victims in more than 50 countries, Kaspersky Lab said Tuesday. The group, likely native Arabic speakers, began in 2011, with the first infections coming in 2013, the company said.

Targeted countries include Algeria, Lebanon, Turkey and the United Arab Emirates in the Middle East, and the U.S., Russia, France and Sweden beyond the region, Kaspersky said.

Hacking escalation in Japan, via SecurityWeek:

Japan Sees 25 billion Cyberattacks in 2014: Govt Agency

More than 25 billion cyberattacks on the Japanese government and other bodies were logged in 2014, an agency said Tuesday, with 40 percent of them traced to China.

The National Institute of Information and Communications Technology (NICT), which has a network of a quarter of a million sensors, said there were 25.66 billion attempts to compromise systems, according to a report by Kyodo News.

The figure includes attacks aimed at testing the vulnerability of software used in servers. The survey was first carried out in 2005, when it recorded just 310 million attempts to breach security.

NICT said an increasing number of the attacks it was seeing involve attempts to take over routers, security cameras and other systems connected to the Internet.

From the Register, about that Samsung in your bedroom. . .:

Samsung’s spying smart TVs don’t encrypt voice recordings sent over the internet – new claim

  • They only listen with permission but blab everything in the clear

Not only is your Samsung smart TV snooping on what you say, it sends recordings of your voice over the internet unencrypted – leaving it open to eavesdropping and mischief – security researchers say.

Samsung insisted last week that its TV voice-control technology isn’t half as creepy as its terms and conditions suggested. Now findings by security consultancy Pen Test Partners will renew fears of smart gizmos riding roughshod over your privacy.

Modern Samsung smart TVs can be controlled by voice: just speak, and a built-in microphone will hear you. You start a command by saying a phrase, such as “Hi TV”. This causes the television to listen in for more, and then – as the terms and conditions state – your voice, and whatever else is going on around you, is recorded and transmitted over the internet for processing.

A digital connection, via CNN:

Report: Cherif Kouachi texted Coulibaly an hour before Paris attacks began

One of the brothers who committed January’s massacre at the French satirical magazine Charlie Hebdo texted the man who would later kill hostages at a Paris kosher supermarket a little more than an hour before the first attack, French newspaper Le Monde reported Tuesday.

Le Monde also reported that the January 7 Charlie Hebdo massacre nearly was canceled the day before, because one of the attackers was sick.

The newspaper cited unnamed French investigative sources for both accounts. Le Monde reported that it didn’t know the message’s content, but said it helps to show the Charlie Hebdo attacks by Cherif and Said Kouachi and supermarket attack by Amedy Coulibaly were coordinated — something that Coulibaly himself purportedly admitted to a TV reporter before police killed him.

From TheLocal.se, a financial bust:

Four detained in Sweden over Isis Syria funding

Swedish police detained four people Tuesday on suspicion of having used six companies to help fund the extremist Islamist group Isis (also known as the Islamic State).

Police said a “large raid” took place in Stockholm as part of a probe into money laundering and undeclared work but declined to comment further.

Sources close to the investigation told Swedish newspaper Dagens Nyheter the suspects had ties to Syria and IS.

Forewarned, via Shanghai Daily:

Prison officials alerted Danish intelligence to attack suspect

DENMARK’S domestic intelligence service yesterday acknowledged that prison officials alerted the agency last year to the suspected gunman in last weekend’s shooting attacks that killed two people and wounded five in Copenhagen.

The Danish Security and Intelligence Service, known by its Danish acronym PET, said the September report didn’t give any reason to believe the 22-year-old was planning an attack.

PET also said it didn’t have any intelligence before the gunman’s shooting sprees at a cultural center and synagogue that an attack was imminent.

From TheLocal.de, at least he’s not starting in Munich:

Pegida plans Dresden mayoral bid

Lutz Bachmann, founder of anti-Islam movement Pegida, said on Monday that the group was ready to choose a candidate to run for Dresden city hall in June.

At a 4,000-strong rally in the city, the fifteenth since the movement began last October, Bachmann said that there were three possible candidates, and the person selected would be introduced soon.

Bachmann himself is out of the running, as he has a criminal record and was forced to step down from leading the group after evidence of racist comments he had made against immigrants emerged online, alongside a picture of him styled as Hitler.

After the jump, the Ukrainian internment camps demanded by Europe, the Attorney General parses the semantics of the panopticon, on to the Middle Eastern battlefront and accelerating incinerations, ISIS war restraint mulled, Washington issues an ISIS leadership hit list, and Iraqi Shiites remove their militia from the fight, Obama okays armed drone sales to allies, Netanyahu slammed for profiteering from public office — and then there’s that $2,500-a-month ice cream habit, Sudan stages a massive press crackdown, opium — not government — reigns in western Afghanistan, India’s prime minister denounces sectarian violence, an Asian trade pact greases the skids for organized crime, U.S. base relocation on Okinawa hits an environmental stumbling block, Shinzo Abe to reiterate an apology for Japan’s World War II actions, and to close, the penal hazards of vitamins. . .

InSecurityWatch: Data, hacks, cabals, terror, war


We begin with Network World and a big thumbs down:

Proposal for altered data retention law is still unlawful, Dutch DPA says

The Dutch government’s proposed revision of the country’s data retention law is not enough to bring it into compliance with a recent European Union court ruling, the Dutch privacy watchdog said Monday.

An effort by the Dutch government to adjust a law requiring telecommunications and Internet companies to retain their customers’ location and traffic metadata for investigatory purposes should be dropped, as the infringement of the private life of virtually all Dutch citizens is too great, the Dutch Data Protection Authority (DPA) said on Monday.

The Dutch government is looking to change data retention obligations for telephone and Internet communications operators following a decision last year by the Court of Justice of the European Union (CJEU). The court invalidated the European data retention directive, on which the Dutch law is based, because it violates fundamental privacy rights.

From SecurityWeek, a record year:

Records Compromised in Data Breaches Skyrocketed in 2014: Research

Security firm Gemalto released a report on 2014 data breaches recently and the news was not good.

In its latest Breach Level Index report, the company revealed that one billion records were compromised last year in more than 1,500 data breaches worldwide. Compared to 2013, those numbers are an increase of nearly 80 percent in terms of data records and more than 40 percent in terms of breaches overall.

Gemalto’s Breach Level Index calculates the severity of data breaches across multiple dimensions based on breach disclosure information. Among the notable attacks included in the report are the Home Depot breach, the attack on JP Morgan Chase and the attack on eBay.

While Threatpost covers a massive cabal:

Massive, Decades-Long Cyberespionage Framework Uncovered

Researchers at Kaspersky Lab have uncovered a cyberespionage group that has been operating for at least 15 years and has worked with and supported the attackers behind Stuxnet, Flame and other highly sophisticated operations. The attackers, known as the Equation Group, used two of the zero days contained in Stuxnet before that worm employed them and have used a number of other infection methods, including interdicting physical media such as CDs and inserting their custom malware implants onto the discs.

Some of the techniques the group has used are closely associated with tactics employed by the NSA, specifically the interdiction operations and the use of the LNK vulnerability exploit by Stuxnet.

The Equation Group has a massive, flexible and intimidating arsenal at its disposal. Along with using several zero days in its operations, the attack crew also employs two discrete modules that enable them to reprogram the hard drive firmware on infected machines. This gives the attackers the ability to stay persistent on compromised computers indefinitely and create a hidden storage partition on the hard drive that is used to store stolen data. At the Security Analyst Summit here Monday, researchers at Kaspersky presented on the Equation Group’s operations while publishing a new report that lays out the inner workings of the crew’s tools, tactics and target list. The victims include government agencies, energy companies, research institutions, embassies, telecoms, universities, media organizations and others. Countries targeted by this group include Russia, Syria, Iran, Pakistan, China, Yemen, Afghanistan, India but also US and UK, between and several others.

And CBC News covers an even bigger data thief:

NSA hid spying software in hard drive firmware, report says

  • Government, military in Iran, Russia, Pakistan, Afghanistan targeted

The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.

That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.

Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said.

From Al Jazeera America, the latest European incident:

Police arrest two on suspicion of aiding Copenhagen shooter

  • The gunman opened fire on a cafe hosting a free speech debate and attacked a synagogue, killing two

Danish police said Monday they have arrested two people on suspicion of aiding a gunman in deadly attacks during the weekend on a synagogue and an event promoting free speech, violence that has shocked a nation proud of its reputation for safety and openness.

The two men arrested over the weekend are “suspected of helping the perpetrator by giving him advice and assistance in connection with the shootings at Krudttønden and Krystalgade,” police said in a statement issued Monday, referring to the locations of the attacks.

A Copenhagen judge later remanded the two suspects to 10 days’ detention.

And CNN covers the shooter:

Denmark terror suspect swore fidelity to ISIS leader on Facebook page

The man suspected of killing two people in Copenhagen swore fidelity to ISIS leader Abu Bakr al-Baghdadi in a posting made on what’s apparently his Facebook page just before the weekend shooting spree.

The post pledges “allegiance to Abu Bakr in full obedience in the good and bad things. And I won’t dispute with him unless it is an outrageous disbelief.”

The suspect in Saturday’s attack has been named as Omar Abdel Hamid El-Hussein, a senior member of the Danish government said. Police have not formally identified the gunman, who opened fire at a free speech forum in Copenhagen on Saturday before shooting several people outside a synagogue and then firing at police. Police killed him in the shootout.

The Washington Post covers another generator of European angst:

UK man charged with attempting to obtain chemical weapon

British police say a man from northwest England has been charged with trying to obtain a chemical weapon.

Greater Manchester Police says Mohammed Ammer Ali, from Liverpool, was arrested after officers raided properties in the city last week as part of a counter-terrorism operation.

He is charged with attempting to have a chemical weapon in his possession between Jan. 10 and Feb. 12.

Ali, who is 31, is due to appear in a London court Tuesday.

And from Deutsche Welle, echoes of the past:

French teens detained for vandalizing Jewish graves

  • Investigators have detained five teenagers in connection with the vandalizing of Jewish graves in a cemetery in eastern France. The incident, amid rising anti-Semitism in France, followed the attacks in Copenhagen

The five suspects detained by French police on Monday are aged between 15 and 17, Philippe Vannier, the prosecutor of the eastern Bas-Rhin region, told a news conference.

All five are from the region of Sarre-Union in Alsace, where some 250 Jewish tombs were defaced and damaged on Thursday.

Vannier said the youngest of the teenagers had gone to police after being shocked at the worldwide reaction to the incident, in which tombs were uprooted or turned around, vaults opened and a monument to the Holocaust vandalized.

“Apparently, he was very, very affected by the scale of the reaction to this affair, including the statements from the highest state authorities,” Vannier told reporters, adding that the boy had denied any anti-Semitic motive.

After the jump, a truce disintegrates in Ukraine, the apocalyptic eschatology ideology of ISIS, the U.S. takes the lead in the Boko Haram fight, Nigerian troops retake two Boko Haram-held towns, while Boko Haram attacks a Cameroonian army base, Yemeni Shiite rebels eye the oil fields, European Jewish leaders reject Netanyahu’s summons, a Netanyahu coalition partner denies Palestinian statehood or a land return, an Indian newspaper closed for reprinting a Charlie Hebdo cartoon, Japan’s Shinzo Abe uses Hormuz Straits minesweeping to push remilitarization, and Abe reaffirms his implacable push for remilitarization while Japan ups the fees for foreigners spying on Japanese corporations. . .