Security trends for 2013

The year 2013 will be the year of cyber security. CNN expects more cyber wars this year. Cybercrime is on the rise, and last year we saw more and more computer virus attacks. Security company Kaspersky Lab warns of more new cyber-threats against enterprises and mobile devices. Cyber security also relates to mobile.

Security is becoming an increasingly important issue. The year 2013 is the year of cyber security. Security company Stonesoft predicts that we will face more targeted cyber-attacks, cyber espionage and hacktivism. Cyber security is the fastest growing trend in information security and its importance will increase in the future. According to Stonesoft, current security systems are unable to provide adequate protection against targeted attacks: we require proactive cyber protection and a willingness to face unknown threats.

Hacktivism will continue. According to the article Anonymous: ‘Expect us 2013’, the hacking group boasted of its cyberattacks against the U.S., Syrian, and Israeli governments in 2012. They are also warning people to continue to expect this type of activity.

SCADA security was hit hard in 2012. Some of the big manufacturers that were hit hard have learned their lessons and now test their devices more. But how well are some smaller manufacturers doing their security testing? Metasploit has a special category for SCADA devices. It is a good idea to test your devices against it.

There is still work to do on cyber security standards and SCADA standards. For example, in the very widely used automation safety standard IEC 61508, security is addressed only in an informative way (NOT MANDATORY). IEC 62443-2-4: A Baseline Security Standard for Industrial Automation Control Systems is a good starting point when thinking about SCADA system security.

Nowadays you need to think about SCADA system security more than some years ago. Previously, it was thought to be sufficient to isolate the factory process automation system from the office networks and the Internet. This is no longer enough. Nowadays you need to think about the information security of production automation systems. You can’t keep automation systems isolated from the Internet. Accidental connections to the Internet from isolated networks happen. Malware can spread through USB memory sticks (Stuxnet did that). And nowadays there are more and more business reasons to connect process automation systems to other networks. So automation systems no longer live in complete isolation from the rest of the world.

Systems with SCADA vulnerabilities have become easier to find. The article Hackers tap SCADA vuln search engine tells that a search engine that indexes servers and other internet devices is helping hackers to find industrial control systems that are vulnerable to tampering. Search engine Shodan easily pinpoints shoddy industrial controls. Shodan makes it easy to locate internet-facing SCADA (supervisory control and data acquisition) systems used to control equipment at gasoline refineries, power plants and other industrial facilities. The search engine can also be used to identify systems with known vulnerabilities. Shodan makes networks more vulnerable to brute-force attacks on passwords, many of which may still use factory defaults.

The article Thousands of SCADA Devices Discovered On the Open Internet tells that there is a constant stream of news about the continuing poor state of security for industrial control systems. The pair of researchers found not only devices used for critical infrastructure such as energy, water and other utilities, but also SCADA devices for HVAC systems, building automation control systems, large mining trucks, traffic control systems, red-light cameras and even crematoriums. Never underestimate what you can do with a healthy list of advanced operator search terms and a beer budget.

Researchers have also found crippling flaws in GPS receivers. Global Positioning System infrastructure is critical to the navigation of a host of military and civilian technologies including planes, ships and unmanned drones. The GPS system is also used to generate accurate clocks in SCADA systems and smart grid devices. Researchers showed that they could permanently de-synchronise the date of Phasor Measurement Units used in the smart grid and cause a UNIX epoch rollover in a few minutes. The overall landscape of GPS vulnerabilities is startling.


The article Happy now? Mobiles, cloud, big data now ‘a growing security risk’ tells that innovations in mobile and cloud computing, social technology and the use of “big data” present an emerging risk to organisations’ IT security, experts have warned. The European Network and Information Security Agency (ENISA), which is an EU advisory body, said that those technologies would increasingly provide the platform for “most of the innovation expected in the area of IT” and warned that with their emergence would come an associated increased cyber threat. ENISA warned that the threat stemming from mobile computing comes from the fact that mobile communications take place over “poorly secured … or unsecured channels”. The most significant threat stems from hackers inserting malicious software into web browsers and other software available on mobile devices. Cyber criminals could also use the capabilities of cloud computing for their own gains, such as by storing malware in those systems and using the technology as a platform to launch attacks.

Drive-by download attacks against web browsers have become the top web threat. More specifically, attackers are moving to targeting browser plugins such as Java (Java exploits are the major cross-platform threat), Adobe Reader and Adobe Flash. Drive-by download attacks are almost exclusively launched through compromised legitimate websites, which attackers use to host malicious links and the actual malicious code. Exploits are sold for considerable amounts of money and are quickly included in exploit kits.

The article Africa’s Coming Cyber-Crime Epidemic tells that the last decade may have just been the first step in a looming African cyber-crime wave. Africa has the world’s fastest-growing middle class, whose members are increasingly tech-savvy and Internet connected, and lax law enforcement is a perfect petri dish for increased cybercrime.

A Europe-wide cyber police force has started. The EU’s new European Cybercrime Centre (EC3) was opened just a few days ago. The facility will act as the “focal point” in the EU’s fight against cybercrime directed against both businesses and private citizens. EC3 will act as a hub where crime-fighters can pool expertise and information, support criminal investigations and help develop and spread best practice. It will work with industry to develop threat assessments. It will work closely with the FBI and the US Secret Service, in addition to other foreign agencies.

1,930 Comments

  2. Tomi Engdahl says:

    Report: Verizon providing all call records to U.S. under court order
    http://www.washingtonpost.com/world/national-security/verizon-providing-all-call-records-to-us-under-court-order/2013/06/05/98656606-ce47-11e2-8845-d970ccb04497_story.html

    The National Security Agency appears to be collecting the telephone records of tens of millions of American customers of Verizon, one of the nation’s largest phone companies, under a top-secret court order issued in April.

    The order appears to require a Verizon subsidiary to provide the NSA with daily information on all telephone calls by its customers within the United States and from foreign locations into the United States.

  3. Tomi Engdahl says:

    Verizon court order: NSA collecting phone records of millions of Americans daily
    http://www.guardian.co.uk/world/2013/jun/06/nsa-phone-records-verizon-court-order

    Exclusive: Top secret court order requiring Verizon to hand over all call data shows scale of domestic surveillance under Obama

    The order, a copy of which has been obtained by the Guardian, requires Verizon on an “ongoing, daily basis” to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.

    The secret Foreign Intelligence Surveillance Court (Fisa) granted the order to the FBI on April 25, giving the government unlimited authority to obtain the data for a specified three-month period ending on July 19.

    Under the terms of the blanket order, the numbers of both parties on a call are handed over, as is location data, call duration, unique identifiers, and the time and duration of all calls. The contents of the conversation itself are not covered.

  4. Tomi Engdahl says:

    Building a People-Centric Datacenter
    http://www.zdnet.com/building-a-people-centric-datacenter-7000016428/

    Summary: When redesigning your datacenter, people-centric IT must be a priority.

    If you’re ever looking for a way to frustrate your users, making it difficult to log on is a great way to start. Unfortunately, the pressure to adopt a wide variety of cloud-based services is forcing many companies in exactly that direction.

    We saw some of the benefits of a hybrid cloud in Keeping Your Options Open with a Hybrid Cloud. Flexible sourcing of IT allows organizations to optimize each service for cost, functionality and usability, so it is a great opportunity. However, left unchecked, this approach has the potential to lead to an authentication nightmare. Duplicate credentials to remember, re-authentication with each service…what a way to alienate the business.

    Of course, that’s not the only downside. Poor identity management also makes the systems less secure. Users find their own ways to cope: for example, re-using passwords across many systems, choosing weak credentials, or writing passwords down in an accessible location.

    A much more attractive option is to make people-centric IT a priority as you redesign your datacenter. You will need a central identity store if you want to manage your users across multiple datacenters and cloud providers. The store itself may be on-premises (e.g. Windows Server Active Directory) or it could be hosted in the cloud (e.g. Windows Azure Active Directory).

  5. Tomi Engdahl says:

    New Chinese hacker group targets governments and nuclear facilities
    http://money.cnn.com/2013/06/04/technology/security/cyber-hacker-group/index.html

    There’s another Chinese spy hacker group on the scene targeting governments and research firms, according to a new report by a cybersecurity firm.

    Kaspersky Lab released a new report Tuesday newly identifying a cyber-espionage group called “NetTraveler.” The group has attacked more than 350 victims, mostly governments, embassies, oil and gas companies and research firms in 40 countries, said Costin G. Raiu, Kaspersky Lab director of global research.

    The China-based group has been around since 2004, but has been most active during the past three years, Raiu said.

    More recently, the group appears to be stealing data on space exploration, nanotechnology, energy production, nuclear power, lasers and radio wave weapons.

    Raiu said the group is comprised of about 50 people, most likely in mainland China, working in the same timezone as Beijing. He said most of the group of hackers are young, straight out of college or the army.

  6. Tomi Engdahl says:

    Keyless Remote Entry For Cars May Have Been Cracked
    http://tech.slashdot.org/story/13/06/05/1921221/keyless-remote-entry-for-cars-may-have-been-cracked

    “The Today Show had a piece this morning showing video of thieves apparently using a small device to open and enter cars equipped with keyless entry. Electronic key fobs, which are supposed to be secure, are replacing keys in more and more new cars, but the evidence suggests that a device has been developed which effortlessly bypasses this security (at least on certain makes and models)”

    Police admit they’re ‘stumped’ by mystery car thefts
    http://www.today.com/news/police-admit-theyre-stumped-mystery-car-thefts-6C10169993

    This is a real mystery. You think when you lock your car and set the alarm, your car is pretty safe. But criminals have designed a new high-tech gadget giving them full access to your car. It’s so easy, it’s like the criminals have your actual door remote.

    A Long Beach, Calif., surveillance video shows a thief approaching a locked SUV in a driveway. Police say he’s carrying a small device in the palm of his hand. You can barely see it, but he aims it at the car and pops the locks electronically. He’s in, with access to everything. No commotion at all.

    Then his accomplice shows up and hits another car, using that same handheld device.

    “We are stumped and we don’t know what this technology is.”

    This is so new, police don’t know how widespread it is. But no question, they’re desperate to track down one of these devices so they can see how it works.

  7. Tomi Engdahl says:

    Smart TVs riddled with DUMB security holes
    Fake content, snooping, LAN attacks and more
    http://www.theregister.co.uk/2013/06/06/smart_tvs_riddled_with_dumb_security_holes/

    It’s been known for some time that “smart TVs” are dumb about security, but a German researcher has demonstrated that the stupidity goes so far as to enable remote snooping or even a takeover of the in-set computer.

    Nruns researcher Martin Herfurt has taken work begun at the Darmstadt University of Technology to demonstrate a range of remote attacks on Samsung Hybrid Broadcast Broadband TVs – HbbTVs – that include WiFi eavesdropping, fake analytics, content redirection, fake news tickers, Bitcoin mining and more.

    More entertaining, however, is the number of ways an attacker could redirect the viewing of a victim, because the smart TVs use an embedded Web browser – in the case of Samsung, complete with Javascript support and WebKit 1.1 compatibility – which among other things reads HTML embedded in DVB streams.

    This, Herfurt writes, makes it trivial for an attacker to inject their own URLs into the stream, or use DNS attacks to redirect the TVs to their own content. He also noted that none of the broadcasters using HbbTV capabilities are doing so over SSL, allowing content spoofing.

    All of these attacks suggest other, even more malicious, possibilities: “Once attackers managed to redirect the HTTP requests of the TV to controlled sources, many different HTML-/Javascript-based attacks become possible,” he writes.

    Finally, Herfurt notes, the presence of the Javascript XmlHttpRequest object in the TVs provides a vector for a number of attacks on the LAN the device is attached to.

  8. Tomi Engdahl says:

    Cyber threats are present in all the media on a daily basis and are splashed across eye-catching headlines. With just as much enthusiasm, the market is full of gadgets that are supposed to wipe away security concerns and let you sleep well at night. The threat is real, it cannot be denied, but at the same time it is so complex that detecting and combating it requires much more than just a gadget.

    The ability to detect and respond to an attack is the key. According to a report published in the United States, in 94 percent of cases the organization learned from a third party that it had been broken into. In only six per cent of cases did the organization itself discover the intrusion. Companies and various authorities therefore need to have the ability to detect attacks.

    Source: http://www.tietoviikko.fi/viisaat/cgi/kaviko+kyberrosvo+kylassa/a907261?s=r&wtm=tietoviikko/-06062013&

  9. Tomi Engdahl says:

    FEBRUARY 2013
    Active Cyber Defense
    A Framework for Policymakers
    http://www.cnas.org/files/documents/publications/CNAS_ActiveCyberDefense_Lachow_0.pdf

    Advanced cyber attacks pose a serious risk to U.S. economic and national security. Passive cyber defenses that rely on perimeter sensors to prevent intrusions cannot adequately protect against increasingly sophisticated cyber attacks. Active cyber defense (ACD), a term that describes a range of proactive actions that engage the adversary before and during a cyber incident, can dramatically improve efforts to prevent, detect and respond to these sophisticated attacks.

  10. Tomi says:

    Hacking high school exams and foiling them with statistics
    http://hackaday.com/2013/06/05/hacking-high-school-exams-and-foiling-them-with-statistics/

    ISC national examination, taken by 65,000 12th graders in India.

    asked if it was possible to hack into the board of education’s servers to see the grades before they were posted.

    Getting the grades off the CISCE board of education’s servers was very simple

    There was absolutely no security here, an impressive oversight indeed.

    After writing a small script and running it on a few machines, [Debraghya] had the exam results, names, and national IDs of 65,000 students.

    [Debraghya] is convinced he’s discovered evidence of grade tampering.

  11. Tomi Engdahl says:

    Documents: U.S. mining data from 9 leading Internet firms; companies deny knowledge
    http://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html

    The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track foreign targets, according to a top-secret document obtained by The Washington Post.

    The program, code-named PRISM, has not been made public until now.

    there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

    Equally unusual is the way the NSA extracts what it wants, according to the document: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

    PRISM was launched from the ashes of President George W. Bush’s secret program of warrantless domestic surveillance in 2007, after news media disclosures, lawsuits and the Foreign Intelligence Surveillance Court forced the president to look for new authority.

    The court-approved program is focused on foreign communications traffic, which often flows through U.S. servers even when sent from one overseas location to another.

    Several companies contacted by The Post said they had no knowledge of the program, did not allow direct government access to their servers and asserted that they responded only to targeted requests for information.

    “We do not provide any government organization with direct access to Facebook servers,” said Joe Sullivan, chief security officer for Facebook.

    “We have never heard of PRISM,” said Steve Dowling, a spokesman for Apple.

    An internal presentation of 41 briefing slides on PRISM, dated April 2013 and intended for senior analysts in the NSA’s Signals Intelligence Directorate, described the new tool as the most prolific contributor to the President’s Daily Brief, which cited PRISM data in 1,477 items last year. According to the slides and other supporting materials obtained by The Post, “NSA reporting increasingly relies on PRISM” as its leading source of raw material, accounting for nearly 1 in 7 intelligence reports.

    The technology companies, whose cooperation is essential to PRISM operations, include most of the dominant global players of Silicon Valley, according to the document. They are listed on a roster that bears their logos in order of entry into the program: “Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

    “As it is written, there is nothing to prohibit the intelligence community from searching through a pile of communications, which may have been incidentally or accidentally been collected without a warrant, to deliberately search for the phone calls or e-mails of specific Americans,” Udall said.

    Even when the system works just as advertised, with no American singled out for targeting, the NSA routinely collects a great deal of American content. That is described as “incidental,” and it is inherent in contact chaining, one of the basic tools of the trade.

    In exchange for immunity from lawsuits, companies such as Yahoo and AOL are obliged to accept a “directive” from the attorney general and the director of national intelligence to open their servers to the FBI’s Data Intercept Technology Unit, which handles liaison to U.S. companies from the NSA. In 2008, Congress gave the Justice Department authority for a secret order from the Foreign Surveillance Intelligence Court to compel a reluctant company “to comply.”

    There has been “continued exponential growth in tasking to Facebook and Skype,” according to the PRISM slides.

    According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect by computer alone. Google’s offerings include Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms.

  12. Tomi Engdahl says:

    NSA slides explain the PRISM data-collection program
    Published: June 6, 2013
    http://www.washingtonpost.com/wp-srv/special/politics/prism-collection-documents/

    Through a top-secret program authorized by federal judges working under the Foreign Intelligence Surveillance Act (FISA), the U.S. intelligence community can gain access to the servers of nine Internet companies for a wide range of digital data.

  13. Tomi Engdahl says:

    The NSA surveillance story reinforces why an entity like WikiLeaks is so important
    http://gigaom.com/2013/06/06/the-nsa-surveillance-story-reinforces-why-an-entity-like-wikileaks-is-so-important/

    It may not have been involved in the latest revelations about the NSA’s spying program, but the existence of a stateless repository for leaks would make it easier for similar information to be made public.

    And neither WikiLeaks nor its supporters had much to do with the latest blockbuster leak of government intelligence, which confirmed that the National Security Agency has been collecting phone-call data from Verizon customers thanks to a secret court order. But despite all that, the NSA story helps to highlight why having an independent repository for high-level leaks is a valuable thing.

  14. Tomi Engdahl says:

    Hackers to Be Kept From U.S. in House Cybersecurity Bill
    http://www.bloomberg.com/news/2013-06-06/hackers-to-be-kept-from-u-s-in-house-cybersecurity-bill.html

    Computer hackers who target U.S. agencies and companies on behalf of countries such as China and Russia would be denied entry into the U.S. and have their bank accounts frozen under legislation to be unveiled today.

    The measure, sponsored by U.S. Representative Mike Rogers, calls for deporting foreign nationals who are suspected of being cyberspies for other countries

    “This is putting a face to the criminals,” Knight said in an interview. “If you’re a foreign agent working on behest of a nation and participating in cybercrime, you will not be allowed a visa into the country, nor will your family.”

  15. Tomi Engdahl says:

    Microsoft works with financial services industry leaders, law enforcement and others to disrupt massive financial cybercrime ring
    http://blogs.technet.com/b/microsoft_blog/archive/2013/06/05/microsoft-works-with-financial-services-industry-leaders-law-enforcement-and-others-to-disrupt-massive-financial-cybercrime-ring.aspx

    With a court ordered civil seizure warrant from the U.S. District Court for the Western District of North Carolina, Microsoft executed a simultaneous operation to disrupt more than 1,400 Citadel botnets which are responsible for over half a billion dollars in losses to people and businesses worldwide.

    Meanwhile, the FBI took coordinated separate steps related to the operation. This collaborative action – codenamed Operation b54 – is Microsoft’s seventh botnet operation to date and part of a growing proactive effort by both the public and private sector to fight cybercrime

  16. Tomi Engdahl says:

    ZeuS/ZBOT Malware Shapes Up in 2013
    http://blog.trendmicro.com/trendlabs-security-intelligence/zeuszbot-malware-shapes-up-in-2013/

    The notorious info-stealing ZeuS/ZBOT variants are reemerging with a vengeance, with increased activity and a different version of the malware seen this year

    As seen in this chart, ZBOT variants surged in the beginning of February and continued to be active up to this month. It even peaked during the middle of May 2013. These malware are designed to steal online credentials from users, which can be banking credentials/information or other personally identifiable information (PII).

    ZBOT malware of this generation are found to be mostly either Citadel or GameOver variants. Unlike earlier version, the mutex name is randomly generated.

    In our 2013 Security Predictions, we predicted that cybercrime will be characterized by old threats resurfacing, but with certain refinements and new features in tow. The 1Q of the year proved this thesis, as seen in threats like CARBERP and Andromeda botnet.

    Conclusion

    What we can learn from ZeuS/ZBOT’s spike in recent months is simple: old threats like ZBOT can always make a comeback because cybercriminals profit from these. Peddling stolen banking and other personal information from users is a lucrative business in the underground market. Plus, these crooks can use your login credentials to initiate transactions in your account without your consent.

  17. Tomi Engdahl says:

    Malware That Drains Your Bank Account Thriving on Facebook
    http://bits.blogs.nytimes.com/2013/06/03/malware-that-drains-your-bank-account-thriving-on-facebook/

    In case you needed further evidence that the White Hats are losing the war on cybercrime, a six-year-old so-called Trojan horse program that drains bank accounts is alive and well on Facebook.

    Zeus is a particularly nasty Trojan horse that has infected millions of computers, most of them in the United States. Once Zeus has compromised a computer, it stays dormant until a victim logs into a bank site, and then it steals the victim’s passwords and drains the victim’s accounts

    The Trojan, which was first detected in 2007, is only getting more active. According to researchers at the security firm Trend Micro, incidents of Zeus have risen steadily this year and peaked in May.

    Mr. Feinberg said he had noticed an increase in such pages and malicious links in recent weeks.

    The malware was being hosted from computers known to be controlled by a Russian criminal gang known as the Russian Business Network, which has been linked to various online criminal activities, ranging from malware and identity theft to child pornography.

  18. Tomi Engdahl says:

    “NetTraveler is Running!” – Red Star APT Attacks Compromise High-Profile Victims
    http://www.securelist.com/en/blog/8105/NetTraveler_is_Running_Red_Star_APT_Attacks_Compromise_High_Profile_Victims

    Over the last few years, we have been monitoring a cyber-espionage campaign that has successfully compromised more than 350 high profile victims in 40 countries. The main tool used by the threat actors during these attacks is NetTraveler, a malicious program used for covert computer surveillance.

    This malware is used by APT actors for basic surveillance of their victims. Earliest known samples have a timestamp of 2005, although references exist indicating activity as early as 2004. The largest number of samples we observed were created between 2010 and 2013.

  19. Tomi Engdahl says:

    EU countries must be able to sentence hackers to two years, draft law says
    http://www.computerworld.com.au/article/463966/eu_countries_must_able_sentence_hackers_two_years_draft_law_says/

    A proposed new law would require EU countries to jail hackers for a minimum of two years

    Hackers would face up to two years or more in prison no matter where they live in the European Union under a new draft law approved by the European Parliament’s civil liberties committee on Thursday.

    The proposed rule would prevent E.U. countries from capping sentences for any type of hacking at less than two years. Meanwhile the maximum sentence possible for cyberattacks against “critical infrastructure,” such as power plants, transport networks and government networks would be at least five years in jail.

    The draft directive, which updates rules that have been in place since 2005, would also introduce a maximum penalty of at least three years’ imprisonment for creating botnets.

    The new laws would impose certain requirements on police and judicial authorities as well. Authorities would be required to respond to urgent requests for help within eight hours.

    “The blunt new rules on criminalizing cyber attacks take a totally flawed approach to Internet security. The broad strokes approach to all information system breaches, which would apply criminal penalties for minor or non-malicious attacks, risks undermining Internet security,” said Green Party spokesman Jan Philipp Albrecht.

    He said that the crimes of illegally accessing or interfering with information systems, illegally interfering with data, illegally intercepting communications or intentionally producing and selling tools used to commit these offences takes no account of “the important role played by white hat hackers.” White hat hackers infiltrate systems to test their security, rather than for any malicious purpose.

    Albrecht also questioned whether the new laws would have any real effect in reducing malicious cyber attacks.

  20. Tomi Engdahl says:

    US intelligence chief admits spying on foreigners through Google
    http://www.telegraph.co.uk/news/worldnews/northamerica/usa/10105097/US-intelligence-chief-admits-spying-on-foreigners-through-Google.html

    James Clapper said the leak of details of the country’s domestic phone monitoring programme could cause “long-lasting and irreversible harm” to counter-terrorism efforts and admitted the US had targeted foreigners overseas through Facebook and Google.

    Mr Clapper, the Director of National Intelligence, released an unusual late-night statement in response to the leak of a secret court order which shows the US is storing information on millions of calls made by Americans each day.

    Mr Clapper accused The Guardian of giving a “misleading impression” of how the programme worked and said he had ordered parts of it to be declassified so Americans would understand “the limits of this targeted counterterrorism programme and the principles that govern its use”.

    He insisted the programme was authorised under the Foreign Intelligence Surveillance Act, and targeted only “non-US persons” outside the United States, admitting the US had accessed the servers of internet companies such as Google, Facebook and Apple to spy on foreigners.

    The statement came in response to the release of an order from the secret Foreign Intelligence Surveillance Court (FISC), which showed the government compelling a subsidiary of the phone company Verizon to hand over records of all calls made on its network.

    The records show the time, duration and location of each call but do not record what was actually said. It is not known whether the government has similar orders for all US phone companies.

    Reply
  21. Tomi Engdahl says:

    Pirate Bay Warg accused of hacking international police database
    Danish cops and taxmen also raided
    http://www.theregister.co.uk/2013/06/07/pirate_bay_founder_named_as_suspect_in_paneuropean_police_database_hack/

    Pirate Bay co-founder Gottfrid Svartholm Warg has been named as a suspect in the hacking of a European database containing data about wanted criminal suspects and missing people.

    According to Denmark’s justice minister, two hackers are alleged to have accessed “some information” from the Schengen Information System, a controversial database which allows cops from 26 countries to share information. They are also accused of hacking into Denmark’s police driving register, which contains personal identity numbers, and databases held by the Tax Authority and the Modernisation Agency.

    “I can fully understand people who are worried about a security failure involving police registers, and I can fully understand those who want an answer as to whether the failure has any influence on their affairs,” he added.

    Before appearing in a Danish court Warg will first face trial in Sweden, where police have claimed a group of hackers accessed the personal data of thousands of people held by IT firm Logica, by hacking into the firm’s IBM mainframe.

    Reply
  23. Tomi Engdahl says:

    Boundless Informant: the NSA’s secret tool to track global surveillance data
    http://www.guardian.co.uk/world/2013/jun/08/nsa-boundless-informant-global-datamining

    Revealed: The NSA’s powerful tool for cataloguing global surveillance data – including figures on US collection

    The National Security Agency has developed a powerful tool for recording and analysing where its intelligence comes from, raising questions about its repeated assurances to Congress that it cannot keep track of all the surveillance it performs on American communications.

    The Guardian has acquired top-secret documents about the NSA datamining tool, called Boundless Informant, that details and even maps by country the voluminous amount of information it collects from computer and telephone networks.

    The focus of the internal NSA tool is on counting and categorizing the records of communications, known as metadata, rather than the content of an email or instant message.

    The Boundless Informant documents show the agency collecting almost 3 billion pieces of intelligence from US computer networks over a 30-day period ending in March 2013.

    An NSA factsheet about the program, acquired by the Guardian, says: “The tool allows users to select a country on a map and view the metadata volume and select details about the collections against that country.”

    Iran was the country where the largest amount of intelligence was gathered.

    The disclosure of the internal Boundless Informant system comes amid a struggle between the NSA and its overseers in the Senate over whether it can track the intelligence it collects on American communications. The NSA’s position is that it is not technologically feasible to do so.

    “Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?”

    “No sir,” replied Clapper.

    Other documents seen by the Guardian further demonstrate that the NSA does in fact break down its surveillance intercepts which could allow the agency to determine how many of them are from the US. The level of detail includes individual IP addresses.

    Reply
  24. Tomi Engdahl says:

    Edward Snowden: the whistleblower behind the NSA surveillance revelations
    http://www.guardian.co.uk/world/2013/jun/09/edward-snowden-nsa-whistleblower-surveillance

    The 29-year-old source behind the biggest intelligence leak in the NSA’s history explains his motives, his uncertain future and why he never intended on hiding in the shadows

    The individual responsible for one of the most significant leaks in US political history is Edward Snowden, a 29-year-old former technical assistant for the CIA and current employee of the defence contractor Booz Allen Hamilton. Snowden has been working at the National Security Agency for the last four years as an employee of various outside contractors, including Booz Allen and Dell.

    The Guardian, after several days of interviews, is revealing his identity at his request. From the moment he decided to disclose numerous top-secret documents to the public, he was determined not to opt for the protection of anonymity. “I have no intention of hiding who I am because I know I have done nothing wrong,” he said.

    Snowden will go down in history as one of America’s most consequential whistleblowers, alongside Daniel Ellsberg and Bradley Manning. He is responsible for handing over material from one of the world’s most secretive organisations – the NSA.

    He has had “a very comfortable life” that included a salary of roughly $200,000, a girlfriend with whom he shared a home in Hawaii, a stable career, and a family he loves. “I’m willing to sacrifice all of that because I can’t in good conscience allow the US government to destroy privacy, internet freedom and basic liberties for people around the world with this massive surveillance machine they’re secretly building.”

    At the NSA office in Hawaii where he was working, he copied the last set of documents he intended to disclose.

    He then advised his NSA supervisor that he needed to be away from work for “a couple of weeks” in order to receive treatment for epilepsy, a condition he learned he suffers from after a series of seizures last year.

    Reply
  25. Tomi Engdahl says:

    Politicians require clarification of the alleged U.S. NSA surveillance

    In a press release, MPs Mikko Alatalo, Ari Tower digit and Mirja Vehkaperä believe that human safety is ensured, but in Western society is the safety of all in the name of not trample on fundamental rights.

    - Finnish Constitution, the confidential messages is inviolable. Foreign online services may also be applied to the laws of the land. The United States under the laws of the security services have free access to foreign topics, as it happens in the U.S. through, the MPs point out.

    Source: http://www.iltalehti.fi/uutiset/2013060817129225_uu.shtml

    Reply
  26. Tomi Engdahl says:

    Code name ‘Verax’: Snowden, in exchanges with Post reporter, made clear he knew risks
    http://www.washingtonpost.com/world/national-security/code-name-verax-snowden-in-exchanges-with-post-reporter-made-clear-he-knew-risks/2013/06/09/c9a25b54-d14c-11e2-9f1a-1a7cdee20287_story.html

    Verax was the name he chose for himself, “truth teller” in Latin. I asked him early on, without reply, whether he intended to hint at the alternative fates that lay before him.

    Edward Joseph Snowden, 29, knew full well the risks he had undertaken and the awesome powers that would soon be arrayed to hunt for him. Pseudonyms were the least of his precautions as we corresponded from afar. Snowden was spilling some of the most sensitive secrets of a surveillance apparatus he had grown to detest. By late last month, he believed he was already “on the X” — exposure imminent.

    “I understand that I will be made to suffer for my actions, and that the return of this information to the public marks my end,” he wrote in early May.

    The U.S. intelligence community, he wrote, “will most certainly kill you if they think you are the single point of failure that could stop this disclosure and make them the sole owner of this information.”

    I did not believe that literally, but I knew he had reason to fear.

    To effect his plan, Snowden asked for a guarantee that The Washington Post would publish — within 72 hours — the full text of a PowerPoint presentation describing PRISM, a top-secret surveillance program that gathered intelligence from Microsoft, Facebook, Google and other Silicon Valley giants. He also asked that The Post publish online a cryptographic key that he could use to prove to a foreign embassy that he was the document’s source.

    I told him we would not make any guarantee about what we published or when. (The Post broke the story two weeks later

    Snowden replied succinctly, “I regret that we weren’t able to keep this project unilateral.” Shortly afterward he made contact with Glenn Greenwald of the British newspaper the Guardian.

    Reply
  27. Tomi Engdahl says:

    29-Year Old NSA Whistleblower Makes Mindblowing Claims About What Kind Of Power He Had
    http://www.businessinsider.com/edward-snowden-nsa-2013-6?op=1

    The 12.5 minute video interview with Snowden is well worth your time, as there are many facets worth breaking down, including why he decided to risk his entire life in order to be a whistleblower.

    Most shocking, perhaps, is the power that he claims to have had.

    At one point he says: “I had full access to the full rosters of everyone working at the NSA, the entire intelligence community, and undercover assets all around the world.”

    Earlier he claims: “Any analyst at any time can target anyone … I, sitting at my desk, certainly have the authorities to wiretap anyone — from you or your accountant, to a federal judge, to even the President.”

    Reply
  28. Tomi Engdahl says:

    Spy Whistleblower Comes Forward, Says “NSA Routinely Lies”
    http://techcrunch.com/2013/06/09/spy-whistleblower-comes-forward-says-nsa-routinely-lies/

    The NSA whistleblower who exposed America’s massive spying operation has come out and taken an interview with the leak reporter, The Guardian’s Glenn Greenwald. “The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife’s phone, all I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards,” he said, in an interview taped in Hong Kong.

    In response to officials downplaying the NSA’s targeting capability, “the NSA routinely lies in response to congressional inquiries about the scope of surveillance in America.”

    Reply
  29. Tomi Engdahl says:

    Uproar over PRISM government surveillance
    http://news.cnet.com/8301-33692_3-57588268-305/uproar-over-prism-government-surveillance/

    The NSA’s PRISM program gathers data from Facebook and other online services, Xbox One will make it complicated to share games with friends, and Apple signs Sony for its iRadio music service.

    Reply
  30. Tomi Engdahl says:

    The real story in the NSA scandal is the collapse of journalism
    http://www.zdnet.com/the-real-story-in-the-nsa-scandal-is-the-collapse-of-journalism-7000016570/

    Summary: A bombshell story published in the Washington Post this week alleged that the NSA had enlisted nine tech giants, including Microsoft, Google, Facebook, and Apple, in a massive program of online spying. Now the story is unraveling, and the Post has quietly changed key details. What went wrong?

    Reply
  31. Tomi Engdahl says:

    U.S. spy information: When the second worst was realized

    On Friday, revealed the U.S. National Security Agency NSA direct access to the telephone records of American and Microsoft, Yahoo, Google, Facebook, Paltalk, Youtube, Skype, AOL, and Apple’s servers on the information or message traffic is big news.

    On the other hand, it does not have it. This theory has been known for a long time. Since September 2001, provided for the Patriot Act gave the U.S. security authorities broad powers to unimaginable.

    In 2008, the Foreign Intelligence Act adjusted

    The war against terrorism is a reason that can justify many things. It legitimized the Patriot Act.

    - The government has given itself the power to which it has no legitimacy. Public scrutiny is not. As a result, people like me can not go beyond what would be allowed, said the information leaked to the public and their own desire to become Edward Snowden The Guardian.

    Your e-mail and the Internet cloud files on the server can be read. But what about other information, such as personal and corporate secrets?

    Finland has a strong knowledge of information security, but the current will take abroad.

    - Intelligence Organizations can create their own invisible Certificates to the spyware software is an effective way to disseminate the target machines, said the security company, SSH Communications Security, Tatu Ylönen It-week last week.

    But what about the worst-case scenario?

    It is a fact that the spy equipment extends to e-mails and internet servers, the data further – always up to your computer and your phone.

    Source: http://www.iltasanomat.fi/digi/art-1288572719130.html

    Reply
  32. Tomi Engdahl says:

    The sad wake up call: Americans access to the rest of the world data for four years

    Europe is starting to wake up four years ago, the American Constitution provided for until now. U.S. authorities have had access to the rest of the world to save the file to the network for a long time. Checking out from being exposed enough to disagree with the U.S. being.

    Privacy security researcher familiar with Caspar Bowden warns of European Americans saving files cloud storage services.

    Many data stored in the cloud services without even realizing it. For example, many smartphones on the images are automatically stored copies of the network. In addition, ordinary consumers are using cloud storage to the music storage and back up your data files.

    American consumers prefer cloud storage services including Dropbox, SkyDrive, iCloud, Google Drive and Amazon Cloud Drive.

    Bowden According to the U.S. Foreign Intelligence Surveillance Act Amendment Act (which freely Foreign Intelligence Act amendments) to give the authorities the rights to view American foreign servers stored information without the right permission.

    The original law was in 1978, and its cloud storage and the electronic monitoring of additions for the year 2008.

    Bowden was drawn up by the European Parliament submitted a report outlining U.S. law permitting purely political reasons relating to non-resident non-Americans against the inquiry.

    Source: http://www.iltasanomat.fi/digi/art-1288536977009.html

    Reply
  33. Tomi Engdahl says:

    Comment at http://www.theregister.co.uk/2013/06/10/palantir_denies_powering_prism_spy_system/

    Anonymous Coward

    I got down voted seriously when I said this sort of snooping was going on last year. Now who’s laughing.

    I also said SSL and AES were insecure as the NSA wrote them. More downvotes on that. hahahahaha

    Now here we are. Enjoy your US datacenters. We moved our ops to off shore centers five years ago and use 4096 bit encryption on all of our DBs and comms. Little less efficient, but a damn sight more secure.

    Google’s new motto: Ein Volk, Ein Reich, Ein Fuhrer.

    Reply
  34. Tomi Engdahl says:

    Government Says Secret Court Opinion on Law Underlying PRISM Program Needs to Stay Secret
    https://www.eff.org/deeplinks/2013/06/government-says-secret-court-opinion-law-underlying-prism-program-needs-stay

    In a rare public filing in the secret Foreign Intelligence Surveillance Court (FISC), the Justice Department today urged continued secrecy for a 2011 FISC opinion that found the National Security Agency’s surveillance under the FISA Amendments Act to be unconstitutional. Significantly, the surveillance at issue was carried out under the same controversial legal authority that underlies the NSA’s recently-revealed PRISM program.

    EFF filed a suit under the Freedom of Information Act in August 2012, seeking disclosure of the FISC ruling.

    The government sought to block EFF’s FOIA suit by arguing that only the FISC, itself, can release the opinion.

    Frankly, it’s difficult to understand what DOJ is saying. The Government seems to have a knee-jerk inclination towards secrecy, one that often – as in this case – simply defies logic. The government’s bottom line is this: their rules trump the public’s statutory rights.

    The events of the past week have demonstrated that the public is angry about the NSA’s domestic surveillance program.

    Reply
  35. Tomi Engdahl says:

    culture Hacking July 2013
    Silent War
    http://www.vanityfair.com/culture/2013/07/new-cyberwar-victims-american-business

    On the hidden battlefields of history’s first known cyber-war, the casualties are piling up. In the U.S., many banks have been hit, and the telecommunications industry seriously damaged, likely in retaliation for several major attacks on Iran. Washington and Tehran are ramping up their cyber-arsenals, built on a black-market digital arms bazaar, enmeshing such high-tech giants as Microsoft, Google, and Apple. With the help of highly placed government and private-sector sources, Michael Joseph Gross describes the outbreak of the conflict, its escalation, and its startling paradox: that America’s bid to stop nuclear proliferation may have unleashed a greater threat.

    Reply
  36. Tomi Engdahl says:

    Why didn’t tech company leaders blow the whistle?
    https://mailman.stanford.edu/pipermail/liberationtech/2013-June/008815.html

    We know what happened in the case of QWest before 9/11. They
    contacted the CEO/Chairman asking to wiretap all the customers. After
    he consulted with Legal, he refused. As a result, NSA canceled a
    bunch of unrelated billion dollar contracts that QWest was the top
    bidder for.

    This CEO’s name is Joseph P. Nacchio and TODAY he’s still serving a
    trumped-up 6-year federal prison sentence today for quietly refusing
    an NSA demand to massively wiretap his customers.

    Reply
  37. Tomi says:

    Evaluating Android Anti-malware against Transformation Attacks
    http://list.cs.northwestern.edu/mobile/droidchameleon_nu_eecs_13_01.pdf

    Mobile malware threats (e.g., on Android) have recently become a real concern. In this paper, we evaluate the state-of-the-art commercial mobile anti-malware products for Android and test how resistant they are against various common obfuscation techniques (even with known malware).

    Our results on ten popular commercial anti-malware applications for Android are worrisome: none of these tools is resistant against common malware transformation techniques. Moreover, a majority of them can be trivially defeated by applying slight transformation over known malware with little effort for malware authors.

    Reply
  38. Tomi Engdahl says:

    Edward Snowden: saving us from the United Stasi of America
    http://www.guardian.co.uk/commentisfree/2013/jun/10/edward-snowden-united-stasi-america

    Snowden’s whistleblowing gives us a chance to roll back what is tantamount to an ‘executive coup’ against the US constitution

    In my estimation, there has not been in American history a more important leak than Edward Snowden’s release of NSA material – and that definitely includes the Pentagon Papers 40 years ago. Snowden’s whistleblowing gives us the possibility to roll back a key part of what has amounted to an “executive coup” against the US constitution.

    Since 9/11, there has been, at first secretly but increasingly openly, a revocation of the bill of rights for which this country fought over 200 years ago.

    The government claims it has a court warrant under Fisa – but that unconstitutionally sweeping warrant is from a secret court, shielded from effective oversight, almost totally deferential to executive requests. As Russell Tice, a former National Security Agency analyst, put it: “It is a kangaroo court with a rubber stamp.”

    Reply
  39. Tomi Engdahl says:

    A New Kind of Leaker for an Internet Age
    http://www.nytimes.com/2013/06/11/business/media/nsa-leaker-is-a-new-kind-for-an-internet-age.html?pagewanted=all&_r=0

    Edward Snowden, the 29-year-old man behind the recent revelations about the National Security Agency’s pursuit of phone and computer data, upended that history. He is a new kind of leaker of the wired age: an immediately visible one with a voice and the means to go direct with the public. In an era of friction-free Web communication, he disdained the shadows and stepped into view with a lengthy video interview he gave to The Guardian, which broke the story based on information he provided. He stated his motivation plainly, saying, “The public needs to decide whether these programs and policies are right or wrong.”

    Reply
  40. Tomi Engdahl says:

    How we broke the NSA story
    http://www.salon.com/2013/06/10/qa_with_laura_poitras_the_woman_behind_the_nsa_scoops/

    Exclusive: Laura Poitras tells Salon about getting contacted by Edward Snowden, and reveals more footage is coming

    Reply
  41. Tomi Engdahl says:

    Investigators looking into how Snowden gained access at NSA
    http://www.washingtonpost.com/world/national-security/investigators-looking-at-how-snowden-gained-access-at-nsa/2013/06/10/83b4841a-d209-11e2-8cbe-1bcbee06f8f8_story.html

    Counterintelligence investigators are scrutinizing how a 29-year-old contractor who said he leaked top-secret National Security Agency documents was able to gain access to what should be highly compartmentalized information, according to current and former administration and intelligence officials.

    Edward J. Snowden worked as a systems administrator at an NSA Threat Operations Center in Hawaii, one of several such facilities that are tasked with detecting threats to government computer systems. He has previously worked for the CIA, U.S. officials said.

    Among the questions is how a contract employee at a distant NSA satellite office was able to obtain a copy of an order from the Foreign Intelligence Surveillance Court, a highly classified document that would presumably be sealed from most employees and of little use to someone in his position.

    Snowden, who said he leaked top-secret documents to expose abuse and not to cause damage to the United States, told the Guardian that he had “full access to the rosters of everyone working at the NSA, the entire intelligence community, and undercover assets all around the world, the locations of every station we have, what their missions are and so forth.”

    One former NSA official said the NSA employs layers of security to scrutinize employees, including keystroke-monitoring systems to identify potential breaches or unwarranted searches of NSA databases.

    “The spy you want in an organization may not be the executive assistant to the secretary of state; it may be the guy in the bowels of the IT department because he has system-administrator privileges and because that person is also in a position to insert malware into your system to facilitate remote access,” Brenner said.

    Snowden said he left the CIA in 2009 to work for the NSA through two private contractors, first at a Dell computers operation in Columbia, Md., and then at Booz Allen Hamilton.

    Reply
  42. Tomi Engdahl says:

    US lawmakers call for review of Patriot Act after NSA surveillance revelations
    http://www.guardian.co.uk/world/2013/jun/10/patriot-act-nsa-surveillance-review

    White House insists it welcomes ‘appropriate debate’ after Republican leadership questions implementation of security act

    The White House has said it would consider congressional calls to review the Patriot Act after conceding that revelations over the scale of US surveillance activity had sparked “an appropriate debate”.

    The legislation, which was introduced after the 9/11 attacks, has been cited as the legal basis for the National Security Agency scouring billions of ordinary US telephone records in an effort to combat terrorism.

    But even one of its authors, Republican Jim Sensenbrenner, has questioned whether the act has been misapplied in the cases revealed to the Guardian by former CIA whistleblower Edward Snowden.

    Senior Republicans have also spoken out against the “unprecedented and intrusive surveillance” revealed by Snowden, joining a growing alliance of politicians from left and right voicing concern.

    “We have an administration today that is taking alarming steps to infringe upon our rights in the name of consolidating their power,” he told a group of grassroots activists in San Antonio.

    “If the seizure and surveillance of Americans’ phone records – across the board and with little to no discrimination – is now considered a legitimate security precaution, there is literally no protection of any kind guaranteed anymore to American citizens,”

    Reply
  43. Tomi Engdahl says:

    1-in-10 e-tomes ‘are self-published’… most are ‘rubbish’ says book ed
    Publishing man scoffs at go-it-alone writers, ursines still fouling in forests
    http://www.theregister.co.uk/2013/06/11/ebook_self_published_market_share/

    Self-published ebooks now account for 12 per cent of the entire digital book market, according to new research, and also have up to a fifth of the genre fiction market.

    A full 20 per cent of crime, romance, sci-fi, fantasy and humour ebooks sold are self-published, although authors who go it alone in graphic novels, food and drink and children’s non-fiction ebooks are only nabbing five per cent of the sales, Bowker Market Research found.

    Reply
  44. Tomi Engdahl says:

    IT security: Lost in the cloud? 7 warnings for enterprises
    http://www.cablinginstall.com/articles/2013/06/cloud-security-tips.html

    To ensure data security, Gonzalez recommends that enterprises start by asking these 7 baseline questions of their cloud providers:

    1. Who has access to your confidential corporate information?
    2. Where does the data reside?
    3. How will the cloud impact E-Discovery?
    4. What happens if you need to migrate your data to a new provider?
    5. How would a security breach be handled?
    6. What about liability, intellectual property and data jurisdiction?
    7. Does the cloud provider meet all regulatory compliance standards?

    Reply
  45. Tomi Engdahl says:

    Google’s Real Secret Spy Program? Secure FTP
    http://www.wired.com/threatlevel/2013/06/google-uses-secure-ftp-to-feds/

    Google does not participate in any government program involving a lockbox or other equipment installed at its facilities to transfer court-ordered data to the government, a company spokesman says, refuting with some finality one of the lingering theories about the NSA’s PRISM program.

    Instead the company transmits FISA information the old fashioned way: by hand, or over secure FTP.

    “When required to comply with these requests, we deliver that information to the US government — generally through secure FTP transfers and in person,” Google spokesman Chris Gaither told Wired. “The US government does not have the ability to pull that data directly from our servers or network.”

    Secure FTP is a standard utility on Unix and Linux systems for transferring files over an encrypted channel.

    Reply
  46. Tomi Engdahl says:

    Google Seeks OK From Feds to Disclose Stats on Secret Court Orders
    http://www.wired.com/threatlevel/2013/06/google-fisa-requests/

    Reply
  47. Tomi Engdahl says:

    Justice Dept. weighs Google’s request to lift NSA gag order
    http://news.cnet.com/8301-13578_3-57588845-38/justice-dept-weighs-googles-request-to-lift-nsa-gag-order/?part=rss&subj=news&tag=title

    Microsoft, Google, and Facebook are asking the Obama administration for permission to clear their names by disclosing surveillance details. The Justice Department has not yet responded.

    Reply
