Category Archives: Geopolitics

InSecurityWatch: Hacks, war, corruption, zones


We begin with a notable hack from TechWorm:

$104 and 8 hours of Amazon’s cloud computing is all it took to hack NSA’s website

  • Researchers hack NSA’s website with only $104 and 8 hours of Amazon’s cloud computing power using the #FREAK vulnerability

A group of researchers only needed $104 and 8 hours of Amazon’s cloud computing power and, of course, FREAK to hack the NSA’s website. The researchers used NSA’s anti-encryption policies, which were the main reason for the newly disclosed internet flaw called FREAK, to make NSA’s own website a guinea pig.

The bug which was disclosed by Akamai and subsequently reported by Techworm on Monday allows any potential hacker to intercept a supposedly secure connection between people using Android or Apple devices and PCs using Mac OS X and Safari browser. The websites vulnerable to this flaw may be in thousands including NSA.gov, FBI.gov and Whitehouse.gov.

Actually this isn’t a flaw, it is a mis-implementation of encryption policies by United States and in a way NSA so that they could have a non-encrypted backdoor on every mobile. It would be stupid to assume that NSA created a massive security dark hole, that allows hackers to impersonate said website and steal confidential data like passwords and logins, without knowing it was doing that.

From the Register, ignoring the evident:

US watchdog: Anthem snubbed our security audits before and after enormous hack attack

  • Hackers probe where federal officials were forbidden

A year or so before American health insurer Anthem admitted it had been ruthlessly ransacked by hackers, a US federal watchdog had offered to audit the giant’s computer security – but was rebuffed.

And, after miscreants looted Anthem’s servers and accessed up to 88.8 million private records, the watchdog again offered to audit the insurer’s systems, and was again turned away.

“We do not know why Anthem refuses to cooperate,” government officials told The Register today.

The Office of the Inspector General (OIG) for the US Office of Personnel Management (OPM) told us it wanted to audit Anthem’s information security protections back in 2013, but was snubbed by the insurer.

From CBC News, a password showdown at the Canadian border:

Quebec resident Alain Philippon to fight charge for not giving up phone password at airport

  • Whether border officials can force you to provide password hasn’t been tested in Canadian courts

A Quebec man charged with obstructing border officials by refusing to give up his smartphone password says he will fight the charge.

The case has raised a new legal question in Canada, a law professor says.

Alain Philippon, 38, of Ste-Anne-des-Plaines, Que., refused to divulge his cellphone password to Canada Border Services Agency during a customs search Monday night at Halifax Stanfield International Airport.

Philippon had arrived in Halifax on a flight from Puerto Plata in the Dominican Republic. He’s been charged under section 153.1 (b) of the Customs Act for hindering or preventing border officers from performing their role under the act.

The Washington Post covers whistleblower fails at the FBI:

Report says procedures put a chilling effect on potential FBI whistleblowers

Jane Turner loved being an FBI agent.

It had been her dream job since she was 13, and she had been a good agent during her 25 years with the bureau.

But once she became a whistleblower, the FBI turned on her the way the mob turns on a snitch, by her telling. She wasn’t killed, but her career was.

Turner has become a prime example of the way the FBI should not treat whistleblowers. The Government Accountability Office (GAO) cites her case in a report that will be the focus of a Senate hearing Wednesday.

From the Associated Press, seeking access to the cloud:

Poland asks US for IT data vital in eavesdropping probe

A prosecutor says that Poland has asked U.S. authorities to release data from an IT company’s cloud that could be vital for the ongoing probe into a government eavesdropping scandal.

Spokeswoman for a Warsaw prosecutor’s office, Renata Mazur, said Thursday that a request was sent to U.S. justice authorities in January. She refused to name the IT company in question.

Polish prosecutors believe the cloud may hold some conversations between former government ministers and business people that were secretly taped in Warsaw restaurants. Some of the compromising conversations were published last year by the Wprost magazine, leading to some lower-ranking officials being fired, but many other recordings remain unknown.

The Guardian covers European net neutrality anxiety:

Freedom campaigners warn against dangers of two-speed internet

  • While the US voted to protect open internet, European ministers are accused of pushing to ‘permit every imaginable breach of net neutrality’

European ministers are pushing for new laws which would “permit every imaginable breach of net neutrality”, internet freedom campaigners have warned.

Days after the US voted to protect an open internet where all traffic is considered equal, proposals agreed by the telecoms ministers of 28 members states could allow a two–speed internet, where companies such as YouTube or Netflix could legally pay mobile networks or broadband providers for faster, more reliable delivery of their content – potentially to the detriment of other internet users.

Campaigners warn the move could stifle online innovation and undermine the digital economy.

From the Associated Press, spooky imbalance and the permafrost:

UK report: Spy agencies should seek female recruits online

British lawmakers say the country’s intelligence agencies, which inspired James Bond, aren’t doing enough to promote real-life Jane Bonds.

A report on women in the intelligence services says female staff members are being held back by a layer of middle managers, dubbed “the permafrost,” who have “a very traditional male mentality and outlook.”

The report published Thursday by Parliament’s Intelligence and Security Committee said that women make up 37 percent of the workforce at domestic spy service MI5, overseas intelligence agency MI6 and electronic eavesdropping center GCHQ. But women account for only 19 percent of senior staff.

The lawmakers said the agencies should cast a wider net to recruit middle-aged women and mothers, who had “valuable life experience.” It said agencies in which all staff “are cut from the same cloth” could lead to unacknowledged biases that hampered the work of espionage.

From BBC News, food for conspiratorial thought:

German BND spy agency hit by ‘Watergate’ leak

Germany’s Federal Intelligence Service (BND) is dealing with what media have described as its own “Watergate” scandal, after taps were removed from its unfinished new Berlin headquarters.

The removal happened on Tuesday and left large parts of the building flooded, police say.

An investigation has begun into the theft, but police have so far found no signs of a break-in. The incident is seen as embarrassing for the BND, as well as expensive.

From the Guardian, an old-fashioned spookery:

Russian police officer found guilty of spying for US

  • Roman Ushakov convicted of treason for handing over classified material and sentenced to 15 years in prison, in case likely to inflame US-Russian tensions

A Russian police officer has been convicted Thursday on charges of spying for the United States – using a cache disguised as a rock – and sentenced to 15 years in prison. It was the latest in a host of spy cases amid rising Russia-west tensions over Ukraine.

The Moscow city court on Thursday found Roman Ushakov guilty of treason for handing over classified information to the United States. Prosecutors produced his messages, which contained sensitive information about the interior ministry, as well as a rock-like cache with cash and a letter from the CIA, according to the Interfax news agency.

Interfax quoted prosecutor Viktor Antipov as saying Ushakov was caught red-handed, pleaded guilty and gave detailed testimony about his contacts with US intelligence. Antipov said Ushakov worked in Siberia, but gave no further details.

From the Associated Press, Bolivia’s former top narc investigated:

Former chief of Bolivia drug police under investigation

The retired police general who reorganized Bolivia’s counter-narcotics force after President Evo Morales expelled U.S. drug agents is under investigation for illicit enrichment and drug trafficking ties.

A judge was to decide Wednesday whether Gen. Oscar Nina should be jailed. Nina’s wife and two children were ordered jailed late Tuesday for suspected laundering of illicit earnings.

Interior Minister Hugo Moldiz cited “serious suspicions” that Nina and his family had links to drug trafficking. Prosecutor Gomer Padilla said investigators had discovered assets unsubstantiated by income but did not disclose their nature.

After the jump, another hotel chain hacked, another piece of point of sale malware targets credit card data, a social engineering death threat, a privacy half-measure, drones to target cell phones with ads, on to the ISIS front, first, with oil fields ignited to block advance on Tikrit, thousands take flight, U.S. strategies rely on Iranian help and an Iranian general becomes a star at home, ISIS bulldozes a legendary archaeological site, and an air strike kills Syrian Al Qaeda leaders, Afghanistan’s security forces dwindle, on to the Boko Haram front, first with an abundance of potential recruits, a massacre in a Nigerian village, and victims very young and very old, the South China Seas Game of Zone drives out a British oil exploration company, North Korea praises an attack on a U.S. ambassador, China refuses Japan’s plea to silence a Game of Zones website, but Beijing and Tokyo agree to security talks, Shinzo Abe’s team proposes streamlining the army command structure for combat readiness, and to close, Tokyo sues Okinawa to block release of an American base relocation agreement.

InSecurityWatch: Assault, leaks, hacks, war, more


We begin with violence in South Korea, via SINA English:

US ambassador to South Korea attacked and hurt: local media

U.S. Ambassador Mark Lippert was attacked by a man wielding a razor and screaming that the rival Koreas should be unified, South Korean police and media said Thursday. TV images showed Lippert bleeding from his head and wrist, but his injuries weren’t immediately clear. He was taken to a hospital for treatment.

YTN TV reported that the man screamed “South and North Korea should be reunified” during the attack. The rival Koreas have been divided for decades along the world’s most heavily armed border. The U.S. stations 28,500 troops in South Korea as a deterrent against North Korea, and some South Koreans see the U.S. presence as a barrier toward a unified Korea.

YTN TV said Lippert’s injuries weren’t seen as life threatening. Police confirmed that Lippert was attacked and a suspect was detained and being questioned but didn’t have other details, including the type of weapon and the extent of Lippert’s injuries. YTN said a man only identified by his surname, Kim, was detained after the attack.

BBC News covers a clearance:

Darren Wilson will not face US charges over Brown killing

The US Justice Department has said it will not charge former Ferguson police officer Darren Wilson over the killing of black teenager Michael Brown.

But the same department has accused the city’s police and court system of widespread racial bias.

The investigation found no evidence to disprove Mr Wilson’s testimony that he feared for his safety or other evidence enough to bring civil rights charges.

A Missouri grand jury also declined to charge him with murder in November.

From United Press International, blowback:

One Ferguson official fired, two suspended in wake of DOJ report

“This type of behavior will not be tolerated in the Ferguson Police Department or any other department. We must do better not only as a city, but also as a state and country.” — Ferguson Mayor James Knowles.

In the wake of a scathing U.S. Justice Department report accusing the Ferguson judicial system of systematic racism, one police official was fired and two others were suspended, the city’s mayor said Wednesday.

Mayor James Knowles spoke to reporters Wednesday evening after Attorney General Eric Holder presented the results of two investigations stemming from the August shooting death of unarmed black teenager Michael Brown by white police officer Darren Wilson.

The department determined no charges would be brought against Wilson but found evidence of racism and misconduct in Ferguson’s police department and municipal court system.

Knowles said one police official was fired and two others were suspended in response to the Justice Department uncovering several racist emails sent by police and court employees.

The Atlantic Monthly’s headline notes the distinction:

Officer Cleared, City Indicted

In two sweeping reports, the Justice Department cleared former officer Darren Wilson, but lambasted Ferguson’s police department for discriminatory practices.

Almost seven months after Michael Brown was shot and killed by officer Darren Wilson in Ferguson, Missouri, the Justice Department cleared Wilson of civil-rights violations in a report released on Wednesday. But the tenor of the report—along with a separate 105-page report that excoriated the Ferguson Police Department for “racial bias”—was hardly tame.

“There is no evidence upon which prosecutors can rely to disprove Wilson’s stated subjective belief that he feared for his safety,” the report read, in a cutting use of negative space. It also concluded that there were no “prosecutable violations” by Wilson and that witness accounts of Brown surrendering with his hands up, a gesture that became the inspiration for the protests that followed his death, “are inconsistent with the physical evidence.”

The more incendiary details came from the investigation into Ferguson’s police department and its municipal court, the practices of which “both reflect and exacerbate existing racial bias, including racial stereotypes,” the report read. “Ferguson’s own data establish clear racial disparities that adversely impact African Americans. The evidence shows that discriminatory intent is part of the reason for these disparities.”

From Reuters, a stacked deck asserted:

Snowden says U.S. not offering fair trial if he returns

Edward Snowden, the fugitive former U.S. spy agency contractor who leaked details of the government’s mass surveillance programs, said on Wednesday he is not being offered a fair trial if he returns to the United States.

“I would love to go back and face a fair trial, but unfortunately … there is no fair trial available, on offer right now,” he said in a live question and answer discussion organized by Canadian Journalists for Free Expression, Ryerson University and the CBC.

“I’ve been working exhaustively with the government now since I left to try to find terms of a trial.”

More context from the Intercept’s Glenn Greenwald:

The “Snowden is Ready to Come Home!” Story: a Case Study in Typical Media Deceit

Most sentient people rationally accept that the U.S. media routinely disseminates misleading stories and outright falsehoods in the most authoritative tones. But it’s nonetheless valuable to examine particularly egregious case studies to see how that works. In that spirit, let’s take yesterday’s numerous, breathless reports trumpeting the “BREAKING” news that “Edward Snowden now wants to come home!” and is “now negotiating the terms of his return!”

Ever since Snowden revealed himself to the public 20 months ago, he has repeatedly said the same exact thing when asked about his returning to the U.S.: I would love to come home, and would do so if I could get a fair trial, but right now, I can’t.

His primary rationale for this argument has long been that under the Espionage Act, the 1917 statute under which he has been charged, he would be barred by U.S. courts from even raising his key defense: that the information he revealed to journalists should never have been concealed in the first place and he was thus justified in disclosing it to journalists. In other words, when U.S. political and media figures say Snowden should “man up,” come home and argue to a court that he did nothing wrong, they are deceiving the public, since they have made certain that whistleblowers charged with “espionage” are legally barred from even raising that defense.

From CBC News, weakness north of the U.S. border:

Edward Snowden says Canadian intelligence gathering has ‘weakest oversight’

  • NSA whistleblower says he would return to U.S. to face charges but can’t be guaranteed a fair trial

U.S. National Security Agency whistleblower Edward Snowden says Canada has one of the “weakest oversight” frameworks for intelligence gathering in the Western world.

Snowden made the comments during a teleconference discussion hosted by Canadian Journalists for Free Expression and the Ryerson School of Journalism, moderated by CBC Radio host Anna Maria Tremonti. He was speaking via video link from Russia.

“Canadian intelligence has one of the weakest oversight frameworks out of any Western intelligence agency in the world,” he said.

Snowden said he wouldn’t specifically weigh in on the government’s new anti-terror legislation, saying that whether it is good or bad is ultimately up for Canadians to decide.

Bill C-51 provides for a sweeping range of measures that would allow suspects to be detained based on less evidence and lets CSIS actively interfere with suspects’ travel plans and finances.

Critics say the legislation is too broad and lacks oversight.

CBC News covers a needed resource:

Edward Snowden archive aims to ‘piece together the bigger picture’

  • Canadian project to create fully searchable database began last summer

A Canadian team has created a searchable database of all the publicly released classified documents leaked by former U.S. National Security Agency contractor Edward Snowden in hopes it’ll help citizens better understand the complex files trickling out around the world.

The Canadian Journalists for Free Expression and the Politics of Surveillance Project at University of Toronto’s faculty of information revealed the archive on Wednesday before hosting a live Q&A with Snowden, the U.S. whistleblower and subject of the Oscar-winning documentary Citizenfour.

“What we’re hoping this database can do is start to piece together the bigger picture,” said Laura Tribe, CJFE’s national and digital programs lead.

The database may be found online here.

Advice from one who knows, via CBC News:

The apps Edward Snowden recommends to protect your privacy online

There are a host of free, easy-to-use apps and programs that can help protect your privacy online, and if everybody uses them it can provide a sort of “herd immunity” said Edward Snowden in a live video chat from Russia on Wednesday.

Snowden recommended using programs and apps that provide end-to-end encryption for users, which means the computer on each end of the transaction can access the data, but not any device in between, and the information isn’t stored unencrypted on a third-party server.

“SpiderOak doesn’t have the encryption key to see what you’ve uploaded,” said Snowden, who recommends using it instead of a file-sharing program like Dropbox. “You don’t have to worry about them selling your information to third parties, you don’t have to worry about them providing that information to governments.”

“For the iPhone, there’s a program called Signal, by Open Whisper Systems, it’s very good,” said Snowden. He also recommended RedPhone, which allows Android users to make encrypted phone calls, and TextSecure, a private messaging app by Open Whisper Systems.

“I wouldn’t trust your lives with any of these things, they don’t protect you from metadata association but they do strongly protect your content from precisely this type of in-transit interception,” said Snowden.

The Guardian covers a franchise operation:

New Zealand spying on Pacific allies for ‘Five Eyes’ and NSA, Snowden files show

  • Secret papers show NZ spy agency GCSB is collecting calls and internet traffic in bulk and sending it to the US National Security Agency

New Zealand is spying indiscriminately on its allies in the Pacific region and sharing the information with the US and the other “Five Eyes” alliance states, according to documents from the whistleblower Edward Snowden.

The secret papers, published by the New Zealand Herald, show that the New Zealand Government Communications Security Bureau (GCSB) collects phone calls and internet communications in bulk in the region at its Waihopai Station intercept facility in the South Island.

Since a 2009 upgrade, Waihopai has been capable of “full take” collection of both content and metadata intercepted by satellite, the documents showed. The data is then channelled into the XKeyscore database run by the US National Security Agency, where it also becomes available to agencies in each of the “Five Eyes” countries: the US, Britain, Canada, Australia and New Zealand.

A leaked NSA memo credits the GCSB with providing “valuable access not otherwise available to satisfy US intelligence requirement”.

From TheLocal.de, intention or irony?:

NSA inquiry chief suffers phone tampering

Patrick Sensburg, chairman of the Bundestag (German parliament) inquiry into spying by the US National Security Agency (NSA), asked security experts to examine his phone after suspecting he might have been hacked – only for it to be tampered with in the post.

Die Welt reported on Wednesday that Christian Democratic Union (CDU) MP Sensburg’s encrypted Blackberry Z30 wasn’t working properly in February.

Parliamentary officials immediately packed it in a lead-lined container (to block wireless signals) and sent it for testing at the Federal Office of IT Security (BSI) in Bonn by ordinary DHL parcel post.

It was the first time an MP’s phone had had to be transported in this way. But the Bundestag confirmed to Die Welt that the BSI found the signal-proof container had been opened before the phone arrived at their offices.

From Nextgov, a panopticon deadline looms:

Time is Running Out to Reform NSA Mass Surveillance

There’s another national security clock ticking in Congress.

Lawmakers have less than 100 days left to decide whether they want to reform the National Security Agency’s controversial bulk collection of U.S. call data—or risk losing the program entirely. Core provisions of the post-9/11 Patriot Act are due to sunset on June 1, including Section 215, which grants intelligence agencies the legal authority they need to carry out mass surveillance of domestic metadata—the numbers and timestamps of phone calls but not their actual content.

Government officials have said they have no backup plan for replacing the intelligence void if Congress fails to reauthorize the law in some fashion. And earlier this week, Director of National Intelligence James Clapper suggested lawmakers should bear the brunt of blame if the program lapses and the homeland is struck by terrorism.

After the jump, a 2014 U.S. identity theft tally, a GoDaddy-based hack attack spree, Merkel issues a Russian sanctions threat, a Pakistani convicted of a Big Apple bomb plot, Charlie Hebdo arson arrests in Germany, France faces a long-term attack-level terror alert as drones send Paris into another flurry, the House of Lords lays out a British drone boom, another Colombian journalist assassinated, on to the ISIS front and a major strike at Syrian Air Force Intelligence, America’s top soldier welcomes Iran’s involvement in the ISIS war, and ISIS grows desperate for cash, Libyan fundies grab oil fields, on to the Boko Haram front and an ultimatum from Chad, and more than a million Nigerian refugees, ISIS threatens a Pakistani university, India’s prime minister bans a powerful lethal gang rape documentary, a leak reveals a self-serving Sri Lanka hyperbole, Indonesian press limitations, China ups its military budget again and an admiral calls for more aircraft carriers to control the Indian Ocean, China reassures tech firms over new cyber-backdoor demands and inaugurates a crackdown on foreign NGOs, Japan marks a distancing from South Korea, the Comfort Women issue sparked a South Korean visit, Japan announces a watch of the Chinese military budget, and a debate erupts over allegations of Shinzo Abe media meddling.

InSecurityWatch: Bigots, hackable Hillary, war


From the Independent, some things never change:

Netanyahu speech: Far-right blogger calls for Black Congressional Caucus Democrats boycotting speech to be hanged

A far right-wing radio host has sparked a race row, after she called on Democrat politicians, including members of the Black Congressional Caucus, to be hanged if they boycotted a controversial speech by Israel’s Prime Minister Benjamin Netanyahu to Congress today.

More than four dozen House and Senate Democrats said in advance they would not attend the event in a highly unusual move given historically close ties between the two allies.

Andrea Shea King, a member of the populist Tea Party movement, said in her weekly talk-radio show: “I would like to think that these guys [Congressmen boycotting the speech] could pay with their lives, hanging from a noose in front of the US Capitol Building.”

BBC News covers a spooky plea deal:

Ex-CIA chief in federal charge plea

David Petraeus, a former CIA director and four-star general, has reached a plea deal with the US Justice Department in which he will admit to mishandling classified materials.

It ends a long investigation into whether he provided secret information to his mistress. He resigned from his post at the CIA in 2012, after it emerged he was having an affair with his biographer.

A Justice Department statement said a plea agreement had been filed. The deal means that Mr Petraeus will plead guilty to one count of unauthorised removal and retention of classified material, but could avoid an embarrassing trial.

From the Intercept, the business of justice as usual:

Petraeus Plea Deal Reveals Two-Tier Justice System for Leaks

David Petraeus, the former Army general and CIA director, admitted today that he gave highly-classified journals to his onetime mistress and that he lied to the FBI about it. But he only has to plead guilty to a single misdemeanor that will not involve a jail sentence thanks to a deal with federal prosecutors. The deal is yet another example of a senior official treated leniently for the sorts of violations that lower-level officials are punished severely for.

According to the plea deal, Petraeus, while leading American forces in Afghanistan, maintained eight notebooks that he filled with highly-sensitive information about the identities of covert officers, military strategy, intelligence capabilities and his discussions with senior government officials, including President Obama. Rather than handing over these “Black Books,” as the plea agreement calls them, to the Department of Defense when he retired from the military in 2011 to head the CIA, Petraeus retained them at his home and lent them, for several days, to Paula Broadwell, his authorized biographer and mistress.

In October 2012, FBI agents interviewed Petraeus as part of an investigation into his affair with Broadwell — Petraeus would resign from the CIA the next month — and Petraeus told them he had not shared classified material with Broadwell. The plea deal notes that “these statements were false” and that Petraeus “then and there knew that he previously shared the Black Books with his biographer.” Lying to FBI agents is a federal crime for which people have received sentences of months or more than a year in jail.

Reuters covers a return contemplated:

Fugitive ex-U.S. spy Snowden in talks on returning home: lawyer

A Russian lawyer for Edward Snowden said on Tuesday the fugitive former U.S. spy agency contractor who leaked details of the government’s mass surveillance programs was working with American and German lawyers to return home.

Anatoly Kucherena, who has links to the Kremlin, was speaking at a news conference to present a book he has written about his client. Moscow granted Snowden asylum in 2013, straining already tense ties with Washington.

“I won’t keep it secret that he… wants to return back home. And we are doing everything possible now to solve this issue. There is a group of U.S. lawyers, there is also a group of German lawyers and I’m dealing with it on the Russian side.”

The United States wants Snowden to stand trial for leaking extensive secrets of electronic surveillance programs by the National Security Agency (NSA). Russia has repeatedly refused to extradite him.

From Nextgov, Hillary insecurity:

Were Clinton’s Personal Emails an Open Door to Hackers?

Hillary Clinton’s use of a personal email account during her time as secretary of state is raising alarm over how secure her communications were from hackers and foreign governments interested in prying into private files of the nation’s top diplomat.

Clinton, who is expected to be the Democratic front-runner for president in 2016, exclusively relied on a personal account to conduct official business during her four-year stint running the State Department, The New York Times first reported late Monday.

“The focus here really needs to be on the information-security piece,” said Chris Soghoian, principal technologist with the American Civil Liberties Union. “It’s irresponsible to use a private email account when you are the head of an agency that is going to be targeted by foreign intelligence services.”

From the National Journal, Hillary hucksterism:

Clinton Emails Raise Red Flags for Keystone Review, Greens Say

  • Revelations that Clinton used private email at State erode trust among key environmental allies

Major environmental organizations are sounding the alarm over revelations that Hillary Clinton used a personal email account to conduct official business during her tenure as secretary of State, pointing to disputes about her review of the Keystone XL pipeline.

Green groups Friends of the Earth and 350.org warn that the private correspondence could have been used to cover up a conflict of interest during Clinton’s review of the controversial pipeline. And Clinton’s penchant for private email, first reported by The New York Times on Monday, is all but guaranteed to deepen distrust between the likely 2016 Democratic front-runner and her presumed allies in the environmental movement.

“This is deeply concerning,” said Ben Schreiber, the climate and energy program director for Friends of the Earth. “The total lack of transparency is a real red flag for us and adds to other concerns that we have about Clinton’s ties to the oil industry.”

From the ACLU Blog of Rights, mum’s the word:

Feds Refuse to Release Documents on “Zero-Day” Security Exploits

Federal agencies served with a Freedom of Information Act request are refusing to release documents related to their purchase, use and disclosure of zero-day exploits, keeping the American public in the dark about a practice that leaves the Internet and its users less secure.

Zero-day exploits are special software programs that take advantage of security vulnerabilities in software that are unknown to the software’s manufacturer. These exploits are frequently used by intelligence agencies and the military as well as, we suspect, by federal law enforcement agencies. But they can be used by any hackers, whether they work for the U.S. government, a foreign government, a criminal group, or anyone else. Zero-day vulnerabilities and the tools that exploit them are extremely powerful, because there is very little that potential targets can do to protect themselves.

But the effectiveness of such exploits depends on their secrecy—if the companies that make the affected software are told about the flaws, they will issue software updates to fix them. Governments thus have a strong incentive to keep information about the exploits they have developed or purchased secret from both the public and the companies who create the software we all use.

On February 5, we received a response from the Office of the Director of National Intelligence (ODNI) to a Freedom of Information Act request we filed for the disclosure of guidance or directives related to the government’s policies for the purchase, discovery, disclosure and exploitation of zero-days. The ODNI claimed that these records are classified under Executive Order 13526, Section 1.4(c), which states that information can be considered for classification if its disclosure could reasonably be expected to cause damage to national security issues pertaining to “intelligence activities (including covert action), intelligence sources or methods, or cryptology.” This response is consistent with the Obama administration’s refusal to make public most information related to its surveillance and cybersecurity policies.

From Threatpost, not reassuring:

Government Report Critical of FAA Security Controls

Federal Aviation Administration has been put on notice that its information security controls are not up to par and that a risk-based program must be implemented from the ground up in order to assure the safety of its networks and passengers in the sky.

A scathing Government Accounting Office (GAO) report released earlier this year hammered the FAA about vulnerabilities on the networks used to support communication between the ground and aircraft and monitoring systems for air traffic control that make up the national airspace system (NAS).

The GAO contends that the FAA has ignored mandates and procedures as outlined by NIST and FISMA guidelines, and has not established a governance structure in order to align security decisions with its overall mission. More specifically, the GAO said the FAA has not established specific security roles and responsibilities for the NAS, or updated its information security strategic plan in order to line it up with the FAA’s reliance on computer networks.

From the Guardian, a Berlin/London spooky rift:

British refusal to cooperate with spy inquiry causes row in Germany

  • Committee under pressure to censor disclosures about UK activity after Downing Street threatens to break off intelligence-sharing with Berlin

Downing Street and the German chancellery are embroiled in a worsening dispute over intelligence-sharing and the covert counter-terrorism campaign because of conflicts arising from the surveillance scandals surrounding the US National Security Agency and Britain’s GCHQ.

According to German newspaper reports citing government and intelligence officials in Berlin, the Bundestag’s inquiry into the NSA controversy is being jeopardised by Britain’s refusal to cooperate and its threats to break off all intelligence-sharing with Berlin should the committee reveal any UK secrets.

The weekly magazine Focus reported last month that a national security aide to David Cameron had written to Peter Altmaier, Angela Merkel’s chief of staff, refusing all requests for help in the inquiry and warning that Britain would cease supplying terrorism-related intelligence to the Germans unless Berlin yielded.

It emerged during the NSA revelations that the Americans had hacked into Merkel’s mobile phone, generating outrage in Germany and feeding growing anti-American sentiment.

From Techdirt, so that’s why your calls are dropping:

In Unsealed Document, FBI Admits Stingray Devices Will Disrupt Phone Service

  • from the making-Stingray-omelets-required-breaking-a-few-communications dept

A small crack in the FBI’s Stingray secrecy has appeared. A 2012 pen register application obtained by the ACLU was previously sealed, but a motion to dismiss the evidence obtained by the device forced it out into the open. Kim Zetter at Wired notes that the application contains a rare admission that Stingray use disrupts cellphone service.

[I]n the newly uncovered document (.pdf)—a warrant application requesting approval to use a stingray—FBI Special Agent Michael A. Scimeca disclosed the disruptive capability to a judge.

“Because of the way, the Mobile Equipment sometimes operates,” Scimeca wrote in his application, “its use has the potential to intermittently disrupt cellular service to a small fraction of Sprint’s wireless customers within its immediate vicinity. Any potential service disruption will be brief and minimized by reasonably limiting the scope and duration of the use of the Mobile Equipment.”

Hacking songs British tabloid style, via the Independent:

Mirror hacking trial: Staff ‘sung Ying Tong song’ as they hacked Yentob’s phone

The “industrial scale” phone hacking conducted by journalists at Mirror Group Newspapers went “right to the top” of the organisation, the High Court has heard.

Senior journalists at Trinity Mirror’s three national titles presided over a culture that made hacking at Rupert Murdoch’s News of the World “look like a cottage industry”, the first civil trial related to voicemail hacking was told.

Phone hacking was so endemic that one senior journalist even suggested that an Enigma-style code-breaking machine should be developed that would automatically “crack” protected voicemail pin-numbers, to make listening to messages even easier.

After the jump, Ukraine demands a Crimean return, Russia and Egypt hold naval maneuvers in the Mediterranean, imams lose visas for Dutch speeches, a Gaddafi kin’s European 9/11 warning, the Turkish president’s high tech food tasters, a Mossad report debunks Netanyahu’s Iranian claims, straight from the plot of a 1983 James Bond thriller to the phone in your pocket, allegations of overzealous federal monitoring of corporate cybersecurity, your hardwired-for-self-subversion tech?, casting an iCloud over iPhone security, an American military satellite explodes, and on to the ISIS front with Iran engaged and the battle for Tikrit bogs down, Iran eyes a Japanese nuclear reactor buy, then on to the Boko Haram front with a beheading video and Cameroon vows a prolonged Boko Haram fight as the country’s own youth sign up, Pakistan welcomes a prolonged U.S. Afghan stay, a Chinese admiral welcomes tension with the U.S., and Beijing documents Japanese militarism for a World War II reminder, Shinzo Abe mulls his own World War II declaration, a Japanese minesweeping mission asserted while Abe faces a donor conflict of interest allegation, plus U.S. police chiefs financially tied to a body cam maker. . .

InSecurityWatch: Spooks, hack, terror, geopolitics


We begin with the hardly unexpected, via BBC News:

UK spy watchdog ‘taken in’ by security agencies – MP

The committee monitoring the security services has been taken in by the “glamour” of spying and is failing to do its job, its founder has said.

Conservative MP David Davis said the Intelligence and Security Committee had been “captured by the agencies they are supposed to be overseeing”.

And ex-chairman Sir Malcolm Rifkind acted as a “spokesman” for MI5, MI6 and GCHQ rather than a watchdog.

From Deutsche Welle, the Macedonian panopticon sparks outrage:

Macedonia reels over evidence of Orwellian surveillance

Opposition allegations of massive wiretapping of more than 20,000 people imply that a small group linked to Prime Minister Nikola Gruevski controls Macedonia’s institutions, judiciary and media.

A large group of journalists gathered this week at the headquarters of the biggest opposition party in Macedonian capital Skopje. They were personally invited to pick up folders and documents – filled with transcripts of their telephone conversations over the past couple of years.

“Over a hundred Macedonian journalists were wiretapped in the past years,” opposition Social Democrat (SDSM) leader Zoran Zaev announced at minutes later. “These conversations show the link between the prime minister, the secret police and the media.”

The journalists’ phone transcripts were the fourth batch of such material released by Zaev’s SDSM this year. The opposition leader claims there is evidence that over 20,000 people were wiretapped as part of a system of media surveillance implemented by the prime minister, Nikola Gruevski, his cousin, the secret service chief, Saso Mijalkov, and a few other close associates.

National Journal covers the spooky pro forma:

NSA Spying Wins Another Rubber Stamp

  • Mass surveillance will continue for now, but is set to expire on June 1—unless Congress acts.

A federal court has again renewed an order allowing the National Security Agency to continue its bulk collection of Americans’ phone records, a decision that comes more than a year after President Obama pledged to end the controversial program.

The Foreign Intelligence Surveillance Court has approved a request to keep the NSA’s mass surveillance of U.S. phone metadata operating until June 1, coinciding with when the legal authority for the program is set to expire in Congress.

The extension is the fifth of its kind since Obama said he would effectively end the Snowden-exposed program as it currently exists during a major policy speech in January 2014. Obama and senior administration officials have repeatedly insisted that they will not act alone to end the program without Congress.

From SecurityWeek, nibbled to death by ducks:

US Spymaster Warns Over Low-level Cyber Attacks

A steady stream of low-level cyber attacks poses the most likely danger to the United States rather than a potential digital “armageddon,” US intelligence director James Clapper said on Thursday.

US officials for years have warned of a possible “cyber Pearl Harbor” that could shut down financial networks, poison water supplies or switch off power grids. But Clapper told lawmakers that American spy agencies were more focused on lower-profile but persistent assaults that could have a damaging effect over time.

“Rather than a ‘cyber Armageddon’ scenario that debilitates the entire US infrastructure, we envision something different,” Clapper told the Senate Armed Services Committee.

“We foresee an ongoing series of low-to-moderate level cyber attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security,” he said.

Bloomberg covers allegations of Vegas hackery:

Iran Behind Cyber-Attack on Adelson’s Sands Corp., Clapper Says

The top U.S. intelligence official confirmed for the first time that Iran was behind a cyber attack against the Las Vegas Sands Corp. last year.

Identifying Iran as the perpetrator came more than a year after the Feb. 10, 2014, attack against the world’s largest gambling company, which crippled many of the computer systems that help run the $14 billion operation. Sands’ chairman and chief executive officer and top shareholder is billionaire Sheldon Adelson, a leading U.S. supporter of Israel and of Republican political candidates.

James Clapper, the director of national intelligence, told the Senate Armed Services Committee Thursday that the attack by Iran, followed by the hacking of Sony Corp. by North Korea in November, marked the first destructive cyber-assaults on the U.S. by nation-states. Iran’s role in the attack that crippled operations at several of Sands’ U.S. casinos was reported in December by Bloomberg Businessweek.

From RT, an Aussie cyberspook data bonanza proposed:

Australian metadata bill proposes phone, internet record storage for 2yrs

A new bill that would force Australian telecom firms to store clients’ personal data to help law enforcement agencies track down extremists conspiring to carry out acts of terrorism has attracted the scrutiny of analysts.

Committee chair, Liberal MP Dan Tehan, said the legislation forwards 38 recommendations to enhance safeguards.

“These recommendations, which are all bipartisan, will ensure that those mechanisms there operate efficiently and effectively and the public can be confident the regime is being used appropriately,” he said, as quoted by Sky News.

From the Independent, British Airways spies on its own:

British Airways spying scandal: How the world’s most famous airline spied on its own staff

British Airways paid £1m to hush up the details of a spying operation in which the phones and emails of its own cabin staff were allegedly improperly accessed during a bitter dispute with Britain’s largest union.

The payment was made to stop the union, Unite, suing BA over the operation by specialist investigators based at Heathrow. Unite claimed the private communications of 10 BA staff, some of whom were also union officials, were accessed during a period in 2011 when the airline faced renewed strike action.

The decision to deploy the airline’s in-house investigators, many of them former Scotland Yard and security services personnel, was taken at the highest level within BA, according to information given to The Independent. The use of effective espionage against members of a major UK union, by a flagship UK company worth close to £12bn, raises new questions about the scale of use of private investigators inside Britain’s largest companies.

Yet another router exploit, via Network World:

Hackers exploit router flaws in unusual pharming attack

An email-based attack spotted in Brazil recently employed an unusual but potent technique to spy on a victim’s Web traffic.

The technique exploited security flaws in home routers to gain access to the administrator console. Once there, the hackers changed the routers’ DNS (Domain Name System) settings, a type of attack known as pharming.

Pharming is tricky to pull off because it requires access to an ISP’s or an organization’s DNS servers, which translate domain names into the IP addresses of websites. Those DNS systems are typically well-protected, but home routers often are not.

Security firm Proofpoint wrote in a blog post Thursday that launching the attack via email was a novel approach since pharming is normally a network-based attack.

From the Los Angeles Times, an Uber driver data breach:

Uber security breach may have affected up to 50,000 drivers

Thousands of Uber driver names and driver’s license numbers may be in the hands of an unauthorized third party due to a data breach that occurred last year, the ride-hailing company said Friday.

In a statement, Uber’s managing counsel of data privacy, Katherine Tassi, said the company discovered on Sept. 17, 2014, that one of its many databases could have potentially been accessed because one of the encryption keys required to unlock it had been compromised. Upon further investigation, it found the database had been accessed once by an unauthorized third party on May 13, 2014.

The company said it could not say how the security vulnerability was first discovered because the matter was under investigation.

After the jump, a French cartoon festival killed over terror fears, Muslims, Roma, and others, stage a philosemitic demonstration in Sweden, a leading Putin foe assassinated in Moscow, a former Mossad boss calls for a Netanyahu defeat, Pakistani vigilantes tackle ISIS and the Taliban, another historical revisionist heard from in Tokyo and the Pentagon sends in the Marines to join a Japanese landing drill, Abe and allies refine military moves abroad, more Japanese blowback from Abe’s agenda, and two Abe cabinet members under clouds of corruption suspicions, plus Kansas legislators threaten teachers with prison over “harmful” literature. . .

InSecurityWatch: War, politics, hacks, terror. . .


And much more.

We begin with the latest round of the Great Game from the Washington Post:

Top U.S. intelligence official backs arming Ukraine forces against Russia

The top U.S. intelligence official said Thursday that he supports arming Ukrainian forces against Russian-backed separatists, as the Obama administration continues deliberations about whether to deepen involvement in a conflict pitting the West against Russian President Vladimir Putin.

James R. Clapper Jr., the director of national intelligence, said providing weapons to Ukraine would likely trigger a “negative reaction” from the Russian government, which Western officials are hoping will ensure that separatists stick to a European-brokered cease-fire that took effect this month.

“It could potentially further remove the very thin fig leaf of their position that they have not been involved in Ukraine,” Clapper told members of the Senate Armed Services Committee, adding that Russia could respond by sending more sophisticated weapons to separatist areas.

From RT, asserting a naval presence:

Russia secures military deal to use Cyprus’ ports despite EU concerns

Russian navy ships will keep having access to stop off at Cyprus’ ports in Mediterranean as the two countries have agreed to prolong the pre-existing deal on military cooperation.

The agreement, which applies to Russian vessels involved in counter-terrorism and anti-piracy efforts, was signed by President Vladimir Putin and his Cypriot counterpart, Nicos Anastasiades, in Moscow.

The signing came amid heightened tensions and sanctions between Russia and the EU over the military conflict in Ukraine.

President Putin, however, stressed that the agreement, as well as Russia-Cypriot “friendly ties aren’t aimed against anyone.”

From Agence France-Presse, how to keep them from droning on:

BLOG Drones

From Nextgov, what could possibly go wrong?:

CIA’s New Big Data Hub Will be Hosted in the Cloud

The CIA is preparing to take the next step in its quest to shake up the status quo of siloed agencies within the intelligence community.

CIA Chief Information Officer Doug Wolfe confirmed Wednesday the intelligence agency will start using Cloudera’s Enterprise Data Hub platform by April, a move he expects “to extend the innovation and push the envelope on a whole range of different solutions” for all 17 IC agencies.

The enterprise data hub, also known as a “data lake,” would presumably provide standardized data sets compiled by intelligence analysts across various agencies to decision-makers among many other features found in the company’s widely used open source big data platform.

From SINA English, a Chinese wall:

Some foreign tech brands removed from China government purchase list

CHINA has dropped some of the world’s leading technology brands from its approved state purchase lists, while approving thousands more locally made products.

Chief casualty is US network equipment maker Cisco Systems Inc, which in 2012 counted 60 products on the Central Government Procurement Center’s list, but by late 2014 had none, according to a Reuters analysis of official data.

Apple Inc has also been dropped over the period, along with Intel Corp’s security software firm McAfee and network and server software firm Citrix Systems.

An official at the procurement agency said there were many reasons why local makers might be preferred, including sheer weight of numbers and the fact that domestic security technology firms offered more product guarantees than overseas rivals.

From the Guardian, absence of evidence asserted:

No evidence of NSA and GCHQ Sim card hack, says allegedly compromised firm

  • Gemalto, the world’s largest Sim card manufacturer, denies claims intelligence services hacked into its servers and stole the keys to billions of mobile phones

The firm allegedly hacked by the NSA and GCHQ has stated that it cannot find any evidence that the US and UK security services breached and stole the encryption keys of billions of Sim cards.

The alleged hack was revealed by documents from the NSA files provided by Edward Snowden, which detailed attacks on Gemalto – the world’s largest Sim card manufacturer – which allegedly saw them steal encryption keys that allowed them to secretly monitor voice calls and data from billions of mobile phones around the world.

But after an investigation, the Dutch security company, which supplies Sim cards to all of the major UK mobile phone networks and 450 operators globally, has said that no evidence of a theft of Sim card security details has been found.

From the Intercept, the sound of one hand clapping:

Gemalto Doesn’t Know What It Doesn’t Know

The company was eager to address the claims that its systems and encryption keys had been massively compromised. At one point in stock trading after publication of the report, Gemalto suffered a half billion dollar hit to its market capitalization. The stock only partially recovered in the following days.

After the brief investigation, Gemalto now says that the NSA and GCHQ operations in 2010-2011 would not allow the intelligence agencies to spy on 3G and 4G networks, and that theft would have been rare after 2010, when it deployed a “secure transfer system.” The company also said the spy agency hacks only affected “the outer parts of our networks — our office networks — which are in contact with the outside world.”

Security experts and cryptography specialists immediately challenged Gemalto’s claim to have done a “thorough” investigation into the state-sponsored attack in just six days, saying the company was greatly underestimating the abilities of the NSA and GCHQ to penetrate its systems without leaving detectable traces.

“Gemalto learned about this five-year-old hack by GCHQ when The Intercept called them up for a comment last week. That doesn’t sound like they’re on top of things, and it certainly suggests they don’t have the in-house capability to detect and thwart sophisticated state-sponsored attacks,” says Christopher Soghoian, the chief technologist at the American Civil Liberties Union. He adds that Gemalto remains “a high-profile target for intelligence agencies.”

Target tally totaled, via SecurityWeek:

Target Data Breach Tally Hits $162 Million in Net Costs

The cost of the Target breach keeps on climbing.

According to the firm’s latest earnings report, the net expense of the breach stands at $162 million.

The actual total has now reached a gross expense of $191 million. That amount was partially offset by a $46 million insurance receivable in 2014. In 2013, the company’s gross expense related to the breach was $61 million, which was offset by a $44 million insurance payment. That brings the net expense of the breach for the retail giant to $162 million.

According to the Ponemon Institute’s ninth annual global study on data breach costs released last year, the average total price tag of a breach was $145 for every record stolen or lost – an increase of nine percent compared to the cost noted in the previous report. The study focused on 314 companies across 10 countries. All the companies that participated in the 2014 study had experienced a data breach ranging from a low of 2,400 compromised records to a high of slightly more than 100,000. The most expensive data breaches occurred in the U.S. and Germany, and cost $201 and $195 per compromised record, respectively.

From Threatpost, Anthem for more bad news:

Up to 18.8 Million Non-Anthem Customers Affected in Breach

In addition to roughly 80 million Anthem customers, nearly 20 million more individuals who aren’t customers of the health insurer could ultimately wind up implicated in this month’s massive data breach.

The company disclosed yesterday that between 8.8 million and 18.8 million Blue Cross Blue Shield customers’ records may have been stored in the database that was hacked. Anthem is part of a network of independent BCBS plans, and the latest batch of affected customers may have used their BCBS insurance in states such as Texas or Florida where the company runs partnerships.

It’s the first time the company has disclosed information regarding the breach as it relates to data other than its own since the compromise was announced on Feb. 5.

From SecurityWeek, ad-hacking your wireless:

Researchers Spot Aggressive Android Adware on Google Play

Highly aggressive adware has been found hidden in ten Android applications hosted on Google Play, Bitdefender reported.

Adware is highly common on both desktop PCs and smartphones. However, the threats discovered by the security firm stand out not just because they are aggressive, but also because they employ clever tricks to stay hidden on the infected device.

Once installed, the apps redirect victims to a webpage, hosted at mobilsitelerim.com/anasayfa, which serves ads designed to trick users into installing other pieces of adware disguised as system or performance updates, or get them to sign up for premium services. The displayed ads differ depending on the user’s location, Bitdefender said.

“Although they’re not malicious per se, by broadcasting sensitive user information to third parties, they resemble aggressive adware found on desktop PCs. The resulting barrage of pop-ups, redirects and ads irks users and seriously damages both the user experience and the performance of Android devices,” Bitdefender security researcher Liviu Arsene explained in a blog post.

And from Threatpost, an enduring threat:

Ransomware Looming As Major Long-Term Threat

On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said was connected to operating the botnet, but the most significant piece of the operation was a side effect: the disruption of the infrastructure used to distribute the CryptoLocker ransomware.

The takedown was the result of months of investigation by law enforcement and security researchers, many of whom were collaborating as part of a working group that had come together to dig into CryptoLocker’s inner workings. The cadre of researchers included reverse engineers, mathematicians and botnet experts, and the group quickly discovered that the gang behind CryptoLocker, which emerged in 2013, knew what it was doing. Not only was the crew piggybacking on the GameOver Zeus infections to reach a broader audience, but it also was using a sophisticated domain-generation algorithm to generate fresh command-and-control domains quickly. That kept the CryptoLocker crew ahead of researchers and law enforcement for a time.

“The interesting thing is all the opsec involved in this. The architecture thought out with this was really clear. The people working on this really sat down and architected and then engineered something,” said Lance James of Deloitte & Touche, who spoke about the takedown effort at Black Hat last year. “It took a lot more people on our side to hit it harder.”

After the jump, Austria enacts an Islamic crackdown, on to the ISIS front, first with a spooky assessment, crowdsourcing an anti-ISIS army, and a ‘Jihadi John’ profile from Old Blighty its spooky origins, Yemeni Arab Spring activists see their hopes dim, a Boko Haram bombing body count, bomb-sniffing pachyderms deployed, on to Pakistan and an American blogger slain, thence to North Korea and Japanese sanctions threatened, Washington deploys its top airborne spycraft to the South China Sea, Japan’s already considerable military power, and Shinzo Abe engineers more overseas naval deployments, and eases more legal restrictions. . .

InSecurityWatch: Leaks, spooks, hacks, war, more


We begin with the ACLU Blog of Rights, shining the light:

This Secret Domestic Surveillance Program Is About to Get Pulled Out of the Shadows

The federal government will have to produce information on a vast and secret domestic surveillance program and defend the program’s legality in open court. That’s the result of a decision issued Friday by the federal judge presiding over our lawsuit challenging the Suspicious Activity Reporting program, part of an ever-expanding domestic surveillance network established after 9/11.

The program calls on local police, security guards, and the public — our neighbors — to report activity they deem suspicious or potentially related to terrorism. These suspicious activity reports (“SARs” for short) are funneled to regional fusion centers and on to the FBI, which conducts follow-up investigations and stockpiles the reports in a giant database that it shares with law enforcement agencies across the country.

The decision is significant.

Surveillance programs have largely been shielded from judicial review, as many courts have accepted the government’s position that people cannot prove they have been under surveillance, and thus lack standing to sue. In this case, we represent clients who were confronted by law enforcement or know that SARs were uploaded to a counterterrorism database based on their entirely lawful activity. The government will now have to turn over information about a program that has never been subject to public scrutiny.

The problems with the Suspicious Activity Reporting program are manifold, beginning with the fact that government doesn’t require reasonable suspicion of criminal activity — an already low threshold — for a SAR to be maintained and shared. That violates a binding federal regulation, which is part of the basis for the lawsuit.

From AJ+, our first [but not last] leak story:

Spy Cables: Inside South Africa’s Spy Agency

Program notes:

Ever wondered how Africa’s most powerful spy agency operates? The Spy Cables show us how South Africa’s State Security Agency plans to build a secret satellite with Russia which would enable them to spy over all of Africa — take that NSA! Also, learn how a security screw up led to the African Union Chief almost being killed in Addis Ababa.

From the Guardian, domestic snooping:

South Africa spied on own government to get facts on joint project with Russia

  • Intelligence agency used agent with links to Russian government to glean information about satellite surveillance programme, leaked cables reveal

South Africa’s intelligence service relied on a spy “with direct access to the Russian government” to find out details of its own government’s involvement in a $100m (£65m) joint satellite surveillance programme with Russia, the leaked spy cables obtained by al-Jazeera and shared with the Guardian reveal.

The satellite system, known as Project Condor, which was launched into orbit by Russia in December last year, provides surveillance coverage of the entire African continent. The project has been shrouded in secrecy, with Russia originally refusing to reveal who its client was.

Those in the dark appear to have included South Africa’s intelligence agency. But a South African agent with access to Russian military intelligence was able to help, according to a leaked espionage report marked “top secret” and dated 28 August 2012.

From the Guardian, a Russian Al Qaeda warning:

Al-Qaida planning kamikaze attacks on ships in Mediterranean, cables claim

  • Leaked document from Russian intelligence agency claims north African branch wants to extend its range to Europe with marine unit

Al-Qaida has developed a seaborne unit to attack targets around the Mediterranean, according to a confidential report from Russian intelligence, one of a cache of secret documents from spy agencies around the world tracking jihadi terrorist groups.

According to the Russians, North African al-Qaida (Aqim – al-Qaida in the Islamic Maghreb) has established a 60-strong team of suicide bombers to plant mines under the hull of ships and to use small, fast craft for kamikaze attacks.

The claim, in a leaked document from Russia’s Federal Security Service (FSB), is one of a string of reports on the rise of Islamic State (Isis) and al-Qaida.

They include a two-month briefing by Omani intelligence estimating that Isis now has up to 35,000 fighters and an income of $1.5m (£1m) a day, reports from United Arab Emirates agents about the Isis leadership structure and a dossier from Jordanian intelligence on confessions extracted from terrorist suspects.

The Guardian has another leak story:

Spies, lies and fantasies: leaked cables lift lid on work of intelligence agencies

  • In the world of espionage, reports peppered with half-truths, rumours and the seemingly outlandish are par for the course, documents show

Intelligence agencies thrive on impressing politicians and the public with their mystique, exploits real or imagined, and possession of information that supposedly gives them a unique understanding of the world.

The reality is often bureaucratic and banal, the information unreliable, uncheckable or available in open sources and their judgments frequently politicised and self-serving. All of those elements can be found throughout the spy cables leaked to al-Jazeera and the Guardian.

Take the story about an Israeli plot to use water-gobbling plants to sabotage Egypt. The alleged scheme is mentioned in a 56-page report compiled by South African intelligence on the Israeli spy agency Mossad.

SecurityWeek covers snoopery north of the border:

Canada Monitoring Citizens’ Emails to Government: Media

Ottawa – Canada’s electronic eavesdropping agency has amassed a huge trove of emails sent to the government, as part of its cybersecurity mandate, according to a leaked secret document Wednesday.

And their retention by the Canadian Security Establishment (CSE) for days, months or years in some cases, is worrying privacy advocates.

Public broadcaster CBC, citing a 2010 document obtained from former US National Security Agency contractor Edward Snowden, said the CSE closely monitors visits to government websites and scans about 400,000 emails per day for suspicious content, links or attachments.

The electronic communications include Canadians’ electronic tax returns, emails to members of Parliament and passport applications, the Canadian Broadcasting Corporation said.

From RT, dis-Dane-ful:

Denmark’s plan to give spooks greater-than-NSA spy powers sparks outcry

Copenhagen is considering empowering its intelligence services to conduct covert electronic surveillance on citizens abroad without the need for a court order. Outraged privacy advocates have pledged to fight the initiative.

Despite the global outpouring of criticism of the National Security Agency and its affiliated partners in the so-called Five Eyes spying ring, which was exposed by NSA whistleblower Edward Snowden in 2013, it seems the Danish government is only too willing to take spying to an unprecedented new level.

As part of a package of new anti-terror initiatives, Copenhagen is now prepared to empower the Danish Defense Intelligence Service (Forsvarets Efterretningstjeneste, or FE) with greater snooping authority than the NSA.

However, plans to give Danish intelligence what appears to be unlimited access to the electronic communications of Danish citizens abroad are being criticized by privacy watchdog groups, including the think-tank Justitia and Associate Professor Anders Henriksen, from the University of Copenhagen.

From TheLocal.de, jailed for a speech “crime”:

Ex-lawyer jailed again for Holocaust denial

A Munich court on Wednesday sentenced a previously convicted Holocaust denier and ex-lawyer to a second jail term, after she publicly declared that there had been no organized genocide of the Jews under Adolf Hitler.

Sylvia Stolz, 51, was sentenced to 20 months’ imprisonment for telling an anti-censorship congress in Switzerland in 2012 that the “so-called Holocaust” under Adolf Hitler’s National-Socialist (Nazi) Party had never been legally defined or proven, the Süddeutsche Zeitung reported.

In an almost 100-minute address, video footage of which was used as evidence in her trial, Stolz stated before a crowd of 2,000 people there was no hard evidence of either Nazi plans or orders “to partially or wholly destroy Jewry”.

Therefore it was in itself a breach of the law that people like her who defended others put on trial for Holocaust denial should be prosecuted, she argued.

Another U.S. ISIS-related bust, via the Guardian:

Three New York men charged over alleged attempt to join Isis in Syria

  • One arrested at airport trying to board flight to Istanbul, another purchased ticket for Turkey on 29 March and third allegedly operated ‘domestic support network’

Three men from Brooklyn, New York are facing terrorism charges for allegedly attempting to join Islamic State (Isis) militants in Syria, federal authorities said on Wednesday.

Two of the men, Abdurasul Hasanovich Juraboev, 24, and Abror Habibov, 30, are Uzbekistani citizens; the other is a 19-year-old Kazakhstani citizen, Akhror Saidakhmetov. All three were charged with conspiracy to provide material support to Isis.

Their indictment was announced by the FBI, the New York police department and US attorney Loretta Lynch, who is in the process of being confirmed by the Senate as US attorney general.

From the Guardian, a call for justice in the Windy City:

Chicago ‘black site’: former US justice officials call for Homan Square inquiry

  • Two ex-senior Justice Department officials say allegations about police operation are ‘very disturbing’ and raise serious questions about constitutional violations

Two former senior Justice Department officials are calling on their colleagues to investigate a secretive warehouse used for interrogations by Chicago police and likened to a CIA “black site” facility.

Sam Bagenstos, who during Barack Obama’s first term was the Justice Department’s No 2 civil rights official, said that the Guardian’s exposé of the Homan Square police warehouse raised concerns about “a possible pattern or practice of violations of the fourth and fifth amendments” that warranted an inquiry.

William Yeomans, who worked in the civil rights division from 1981 to 2005, and served as its acting attorney, said the allegations about off-the-books interrogations and barred access to legal counsel reported by the Guardian merited a preliminary investigation to confirm them, a first step toward a full civil rights investigation.

From the Guardian, intimidating cops under the gun in Old Blighty:

British police investigated over attempts to recruit activists as spies

  • Two Cambridgeshire officers face misconduct allegations after approaches by covert unit that campaigners said left them stressed and paranoid, with some ending their political activities

It is examining allegations that coercive and at times repeated approaches by police caused the activists to give up their political campaigning, or left them stressed and paranoid.

One campaigner wore a secret camera to capture police attempting to persuade him to spy on Cambridge University students, environmentalists, campaigners against government cuts and anti-racist activists. The footage was broadcast by the Guardian in 2013.

Another, a 23-year-old single mother, has alleged that police threatened to prosecute her if she disclosed to anyone, including her mother, the attempt to recruit her as an informer.

Cambridgeshire police are carrying out the internal investigation into what they have described as serious allegations surrounding its attempted recruitment of informers.

From the New York Times, more arrests for presidential wiretapping in Turkey:

Turkish Police Arrested and Accused of Wiretapping President Erdogan

Police officers in Turkey arrested dozens of fellow officers on Wednesday accused of wiretapping President Recep Tayyip Erdogan and top government officials.

The chief prosecutor’s office in Ankara, the capital, issued 54 arrest warrants, the Anadolu News Agency reported, and at least 40 people were arrested in a wave of early morning raids that were carried out simultaneously in 19 cities.

The arrests are the latest salvo in a feud between Mr. Erdogan and his former ally, Fethullah Gulen, an influential Muslim cleric who lives in exile in Pennsylvania and has been accused of participating in a plot to overthrow the government.

After the jump, Al Jazeera reporters busted for droning Paris, a drone ban in Morocco, Charlie Hebdo back on schedule, a big reward for a hacking bank robber, Instagram leaks celebrity locations, an Aussie Anonymous hacker charged with attacking spooky sites, major civil rights failures by the major powers, on to the ISIS front and historical nihilism as libraries are burned and artifacts sold, and ISIS rounds up Syrian Christians, Lake Chad fish traders bombed by Niger to defund Boko Haram, as Boko Haram targets Nigerian elections, a 100-bomb North Korean nuclear arsenal envisioned, China demotes a spy chief, corrupt officials planned to assassinate China’s leaders, China extends its bombers’ reach, and Okinawan opposition to an American base increases. . .

InSecurityWatch: Leaks, hacks, crime, spooks


We begin with a twofer from Reuters:

South African spooks red-faced from latest spy data leak

A mass leak of South African espionage secrets will cause many foreign agencies to think twice before sharing information with Pretoria, hampering its efforts to walk a delicate diplomatic tightrope between East and West, experts said on Tuesday.

Britain’s Guardian paper and Gulf TV channel Al Jazeera said they had obtained hundreds of dossiers, files and cables from the world’s top spy agencies to and from South Africa, dubbing it “one of the biggest spy leaks in recent times”.

“A leak like this affects the credibility of the agencies and how they cooperate,” said Mike Hough, a retired professor from Pretoria University’s Institute for Strategic Studies. “It could lead to the termination of certain projects.”

From Al Jazeera, something many journalists have assumed for a half century:

Spy cables: Israel airline used as intelligence ‘front’

  • Leaked documents reveal South Africa challenged Mossad over alleged clandestine security operations under El Al cover.

Secret cables obtained by Al Jazeera’s Investigative Unit confirm that South Africa’s spy agencies concurred with allegations that Israel uses its flag-carrier, El Al Airlines, as cover for its intelligence agencies.

Leaked documents from South Africa’s intelligence agency support claims made on a 2009 South African television programme by a former El Al employee-turned-whistleblower.

Despite official Israeli denials, the whistleblower’s claims prompted an emergency meeting between senior officials from both sides, as well as a separate note of enquiry from Canada’s intelligence agency.

Another leak, via the Guardian:

Spy cables: Greenpeace head targeted by intelligence agencies before Seoul G20

  • South Korea’s intelligence service requested information about South African activist Kumi Naidoo in runup to leaders’ meeting in 2010

The head of Greenpeace International, Kumi Naidoo, was targeted by intelligence agencies as a potential security threat ahead of a major international summit, leaked documents reveal.

Information about Naidoo, a prominent human rights activist from South Africa, was requested from South African intelligence by South Korea’s National Intelligence Service (NIS) in the runup to a meeting of G20 leaders in Seoul in 2010.

He was linked in the intelligence request with two other South Africans who had been swept up in an anti-terrorist raid in Pakistan but later released and returned to South Africa.

And from Al Jazeera, faults revealed:

Spy Cables expose S Africa’s alarming security failings

  • Secret documents reveal an array of security lapses and flaws within South African government and intelligence.

South African government and security agencies have left secrets exposed at every level and foreign spies have access to all areas of government, according to Intelligence documents obtained by Al Jazeera’s Investigative Unit.

A secret security assessment by South African intelligence says foreign espionage is booming, with more than 140 foreign spies estimated to be operating in South Africa – and that the South African state is doing a poor job of protecting itself.

They are thought to have gained access to government departments, ministries and “even the presidency” and are suspected of breaking into nuclear power plants, stealing military blueprints and hacking computers.

The report slams poor security awareness among civil servants, who regularly fail to observe the most basic procedures, leaving classified information unlocked and failing to adequately vet new recruits.

From the Los Angeles Times, a major security fail:

State Department official arrested, suspected of soliciting sex from minor

A senior State Department official who oversees counter-terrorism programs has been arrested on suspicion of soliciting sex from a minor, authorities in Virginia said late Tuesday.

Daniel Rosen was arrested at his home in Washington, D.C., just after noon and is being held in the city’s jail on suspicion of use of a communications device to solicit a juvenile, said Lucy Caldwell, spokeswoman for the Fairfax County Police Department.

According to his LinkedIn profile, Rosen, 44, is the director of counter-terrorism programs and policy for the State Department. Police said they have notified the State Department of his arrest.

A kindred failure across the pond, via the London Telegraph:

Sir Malcolm Rifkind to step down as MP and resigns from security committee

  • Tory MP Sir Malcolm Rifkind is to step down as an MP at the General Election and has also resigned as chairman of the Parliamentary Intelligence and Security Committee

Sir Malcolm Rifkind, the Conservative MP embroiled in cash for access allegations, is to step down as an MP at the General Election and has also resigned as chairman of the Parliamentary Intelligence and Security Committee.

Sir Malcolm was suspended by the Conservative Party pending an internal investigation on Monday after telling undercover reporters from The Telegraph and Channel 4’s Dispatches that he would use his position as a politician to help a fictitious Chinese company.

His decision to stand down as the Conservative MP for Kensington means there will be a contest for one of the Conservative Party’s safest seats.

The Guardian exposes a case of Chicago P.D. reality rising to film noir levels:

Chicago’s Homan Square ‘black site’: surveillance, military-style vehicles and a metal cage

  • This building looks innocent enough. But those familiar with the secretive interrogation and holding facility describe a shocking display of police abuses

From the outside, you have to concentrate to realize Homan Square is a police facility. At first glance, it’s an unremarkable red brick warehouse, one of a handful on Chicago’s west side that used to belong to Sears Roebuck, complete with roll-up aluminum doors. No prominent signage tells outsiders it belongs to the police. The complex sits amidst fixtures in a struggling neighborhood: a medical clinic, takeout places, a movie theater, a charter school.

But a look at what surrounds the warehouse gives clearer indications of Homan Square’s police business. The yellow barrier for cars at the street checkpoint. The vans in the motor pool marked Chicago Police Forensic Services parked next to the unmarked cars. The black-and-white checkered door to match the signature pattern on Chicago police hats. The floodlights on the roof. The guy with a gun walking outside and smoking a cigarette in a black windbreaker with POLICE written on the back.

Over the years Homan Square has formed a backdrop for high-profile drug seizures, where Chicago officials or cops display cocaine, marijuana and guns taken off the street. The rock group Portugal.The Man reportedly sent Homan Square detectives three dozen doughnuts – plus croissants and danishes – in gratitude for helping the band recover stolen music equipment.

But its interrogations function is less well known, even to close observers of Chicago police. Anthony Hill, an attorney, said he once made it into Homan Square, to the surprise of police, and said he saw “four, five cells,” describing it as a “bare-bones police station.”

“When I got in, they were so shocked I was there they didn’t know what to do with me,” he said.

The Hill takes a profitable spin through the revolving spooky door:

NSA staffers rake in Silicon Valley cash

Former employees of the National Security Agency are becoming a hot commodity in Silicon Valley amid the tech industry’s battle against government surveillance.

Investors looking to ride the boom in cybersecurity are dangling big paydays in front of former NSA staffers, seeking to secure access to the insider knowledge they gained while working for the world’s most elite surveillance agency.

With companies desperate to protect their networks against hackers, many tech executives say the best way to develop security products is to enlist the talents of people who have years of experience cracking through them.

“The stories he could tell,” venture capitalist Ray Rothrock recalled about his meetings with a former NSA employee who founded the start-up Area 1 Security. “They come with a perspective that nobody in Silicon Valley has.”

From the Verge, from their resumes:

The NSA’s SIM heist could have given it the power to plant spyware on any phone

Last week, The Intercept published shocking new documents detailing a campaign by US and UK spies to hack into the SIM manufacturer Gemalto, stealing crucial encryption keys that protect and authenticate cellphone signals. But while it was clearly a major attack, I had a hard time seeing the operational benefits for the world’s spy agencies. SIM encryption only protects calls between your phone and the cell tower, which means any would-be surveillers would need to stay within a mile of the target. It’s also puzzling because carriers are often happy to hand over all their data with a blanket court order. Why would the GCHQ go to so much trouble for access to data they mostly already have?

But in the days since the report published, there’s been concern over an even more frightening line of attack. The stolen SIM keys don’t just give the NSA the power to listen in on calls, but potentially to plant spyware on any phone at any time. Once the stolen keys have bypassed the usual protections, the spyware would live on the SIM card itself, undetectable through conventional tools, able to pull data and install malicious software. If the NSA and GCHQ are pursuing that capability, it could be one of the biggest threats unearthed by Snowden so far.

Our earlier report focused on the Ki keys, used to encrypt traffic between the phone and the tower — but this new attack uses a different set of keys known as OTA keys, short for “over-the-air.” Each SIM card gets its own OTA key, typically used to remotely install updates. Manufacturers can send a binary text message directly to the SIM card, and as long as it’s signed with the proper OTA key, the card will install the attached software without question. If those keys were compromised, it would give an attacker carte blanche to install all manner of spyware. Researcher Claudio Guarnieri, who’s researched the Snowden documents extensively, says the OTA keys could make the Gemalto heist the most important news to come out of the documents so far. “It’s scary,” Guarnieri says. “If the NSA and GCHQ have obtained a large quantity of OTA keys, we’re facing the biggest threat to mobile security ever.”

From the Guardian, real class-y AT&T:

AT&T is putting a price on privacy. That is outrageous

  • Poor customers should not have to choose between being spied on and forking over money

Imagine if the postal service started offering discount shipping in exchange for permission to scan every letter you receive and then target you with junk mail based on the contents of your personal mail.

One of the largest telecommunications companies in America, AT&T, is doing just that for customers of its super-fast gigabit broadband service, which is rolling out in select cities. Though a few months ago, it dropped the use of an undeletable “supercookie” that tracked subscribers’ web browsing activity, AT&T reportedly plans to track and monetize its broadband customers’ internet activity – “webpages you visit, the time you spend on each, the links or ads you see and follow, and the search terms you enter” – to deliver targeted “ads online, via email or through direct mail”.

The tracking and ad targeting associated with the gigabit service cannot be avoided using browser privacy settings: as AT&T explained, the program “works independently of your browser’s privacy settings regarding cookies, do-not-track and private browsing.” In other words, AT&T is performing deep packet inspection, a controversial practice through which internet service providers, by virtue of their privileged position, monitor all the internet traffic of their subscribers and collect data on the content of those communications.

What if customers do not want to be spied on by their internet service providers? AT&T allows gigabit service subscribers to opt out – for a $29 fee per month.

After the jump, ghoulish corporate vultures follow our health concerns online, a Dutch university occupation evicted, Germans lose faith in democracy, the Anthem health data breach scope widens, widespread ongoing hack points persist in many apps, denial of service attacks target Google in Vietnam, on to the Mideast and an Assyrian Christian army mobilizing to fight ISIS, a Saudi apostasy death sentence, a Pakistani cell phone fingerprint requirement, pushing for a North Korean nuclear surrender, China raises NATO hackles with a missile sale to Turkey, Hong Kong delegates to the Beijing legislature call for a crackdown, Shinzo Abe aims for more power for military commanders, more Okinawan anger over an American military base move, and a Japanese human rights downgrade. . .