Politico reports: President Donald Trump relishes the comforts of his Mar-a-Lago estate for repeated weekends away from Washington, but former Secret Service and intelligence officials say the resort is a security nightmare vulnerable to both casual and professional spies.
While Trump’s private club in South Florida has been transformed into a fortress of armed guards, military-grade radar, bomb sniffing dogs and metal-detection checkpoints, there are still notable vulnerabilities, namely the stream of guests who can enter the property without a background check.
And security experts warn that the commander in chief’s frequent visits — four since he took office in January — afford an unprecedented opportunity for eavesdropping and building dossiers on the president’s routines and habits, as well as those of the inner circle around him. They add that with each repeat visit, the security risk escalates.
“The president is the biggest, richest intelligence target in the world, and there is almost no limit to the energy and money an adversary will spend to get at him,” said David Kris, a former Obama-era assistant attorney general for national security.
Former Secret Service agents said the setup at Mar-a-Lago and the president’s other regular clubs presents challenges that their agency wasn’t built to deal with. The Service’s main job is to protect the president from physical threats and monitoring for wiretaps and other listening devices — but not from the kinds of counterespionage challenges presented by the president’s choice to eat, sleep and work at a club accessible to anyone who can get a member to invite them in. [Continue reading…]
Steve Bannon’s mission to destroy the European Union
Michael Crowley writes: It was the day after Britain voted to leave the European Union in June, and the Western world was still absorbing the shock. With no clear plan for what would come next, the globe’s fifth-biggest economy had abruptly announced a divorce from the neighbors it had been trading with for nearly 45 years. Markets plunged. “A calamity,” declared the New York Times. “Global panic,” proclaimed one London headline.
Steve Bannon had a different reaction. He booked the calamity’s chief architect as a guest on his radio show to celebrate.
This was then still weeks before Bannon emerged into the national spotlight as CEO of Donald Trump’s struggling presidential campaign. Bannon was an executive at Breitbart News, an activist-editor-gadfly known mostly on the far right, and the “Brexit” campaign was something of a pet project. He hitched onto the Tea Party movement early in Barack Obama’s presidency and noticed a similar right-populist wave rising across the Atlantic, where fed-up rural, white Britons were anxious about immigration and resentful of EU bureaucrats. The cause touched on some of Bannon’s deepest beliefs, including nationalism, Judeo-Christian identity and the evils of Big Government. In early 2014, Bannon launched a London outpost of Breitbart, opening what he called a new front “in our current cultural and political war.” The site promptly began pointing its knives at the EU, with headlines like “The EU Is Dead, It Just Refuses to Lie Down”; “The European Union’s Response to Terrorism Is a Massive Privacy Power Grab”; “Pressure on Member States to Embrace Trans Ideology.” One 2014 article invited readers to vote in a poll among “the most annoying European Union rules.”
Bannon’s site quickly became tightly entangled with the United Kingdom Independence Party, a fringe movement with the then-outlandish goal of Britain’s exit from the EU. In October 2014, UKIP’s leader, Nigel Farage, poached a Breitbart London editor to work for him. That September, Bannon hosted a dinner for Farage at his Capitol Hill townhouse. Standing under a large oil painting by the fireplace, Farage delivered a speech that left the dozens of conservative leaders in attendance “blown away,” as Bannon later recalled. [Continue reading…]
Who are the Sufis and why does ISIS see them as threatening?
By Peter Gottschalk, Wesleyan University
On Feb. 16, 2017, a bomb ripped through a crowd assembled at the tomb of a Sufi saint, Lal Shahbaz Qalandar, in southeastern Pakistan. Soon thereafter, the so-called Islamic State claimed responsibility for the attack.
In recent times, such attacks have targeted a variety of cherished sites and individuals in Pakistan. These have ranged from the 2010 bombing of the tomb of another Sufi saint, Data Ganj Bakhsh, to the murder of a popular Sufi singer, Amjad Sabri, in 2016.
As a scholar of Muslim and Hindu traditions, I’ve long appreciated the various and influential roles that Sufis and their tombs play in South Asian communities. From my perspective, the repercussions of such violence go far beyond the scores of bodies strewn around the damaged shrine and the devastated families in one geographical region.
Many Muslims and non-Muslims around the globe celebrate Sufi saints and gather together for worship in their shrines. Such practices, however, do not conform to the Islamic ideologies of intolerant revivalist groups such as the Islamic State.
Here’s why they find them threatening.
Kim Jong-un knows what he is doing and his policies are working
Andrei Lankov writes: Kim Jong-un’s administration continues to implement economic reforms, even though, unlike missile tests and overseas assassinations, these reforms seldom attract the attention of the world media.
In essence, these reforms are strikingly similar to what China did in the late 1970s. In North Korea, the Soviet-style command economy is gradually dismantled, while market economy and private entrepreneurship are increasingly accepted and encouraged.
For example, the state-run and state-owned farms have been largely disbanded in recent years, and family farms gradually became the country’s major agricultural production units. The results were predictable: a significant increase in food production.
These events demonstrate the three major dimensions of Kim Jong-un’s policy: he is strengthening his ability to deter a foreign attack, he is eliminating possible rivals in the country elite, and he is speeding up market-oriented – and rather successful – economic reforms.
These three policies serve one overriding goal: to keep Kim in power. The hereditary leader of North Korea wants to stay in power indefinitely, and thus he is trying to deal with the three major threats which he thinks might bring him and his regime down. [Continue reading…]
If Tillerson doesn’t raise his profile, Bannon will control foreign policy
David Ignatius writes: Rex Tillerson is off to an agonizingly slow start as secretary of state. That matters, because if Tillerson doesn’t develop a stronger voice, control of foreign policy is likely to move increasingly toward Stephen K. Bannon, the insurgent populist who is chief White House strategist.
Tillerson’s State Department has been in idle gear these past two months. He doesn’t have a deputy or other top aides. His spokesman can’t give guidance on key issues, because decisions haven’t yet been made. Tillerson didn’t attend important meetings with foreign leaders.
As a former chief executive of ExxonMobil, Tillerson is accustomed to a world where a visible display of power is unnecessary, corporate planning is meticulous and office politics are suppressed. But this is Washington.
“I am an engineer by training. I seek to understand the facts,” Tillerson said at his confirmation hearing. That sounds reassuring, but it doesn’t fit the glitzy, backstabbing capital that spawned the television series “House of Cards.” [Continue reading…]
Marines have battled misogyny for years. Will it be different this time?
Marine Times reports: Although the Marine Corps was quick to condemn the secretive “Marines United” Facebook group, the Corps’ leadership has known for years about websites that encourage misogyny and cyber bullying of female Marines, veterans and other women.
Four years ago, Rep. Jackie Speier, D-Calif., warned then-Commandant Gen. James Amos that male Marines were harassing their female counterparts on Facebook pages.
“Back in 2013 then-Commandant Gen. Amos wrote to me saying, ‘We share your indignation,’ regarding deplorable images on social media that denigrate women in the United States Marine Corps,” Speier said in a Wednesday speech on the House floor.
“They were words — just words. I fear military leadership will say anything to placate Congress and an outraged public but then do nothing.”
While the Marine Corps is moving rapidly to deal with the fallout from the scandal, it is unclear whether the Corps will have any more success than it has in the past in stopping cyber bullying and online harassment.
The latest revelations have sparked a criminal investigation amid allegations that Marines and others were posting “revenge porn” and encouraging sexual assault, potential violations of the Uniform Code of Military Justice.
The potential crimes were first reported by Marine Corps veteran Thomas Brennan and published by the Center for Investigative Reporting’s Reveal on March 4.
Speier is now calling on Defense Secretary James Mattis, a retired Marine general, to ensure that the Marines involved with “Marines United” face consequences for their actions.
“That means heads should roll,” she said. “Talk is cheap. Action is what is needed for the integrity of the military. Survivors must be supported, and that will only happen if those bad Marines are drummed out of the Corps — with no exceptions.” [Continue reading…]
With Trump in White House, his golf properties prosper
The New York Times reports: It is a golden age for golf — at least as far as the Trump Organization is concerned.
On Memorial Day weekend, the Senior P.G.A. Championship will be held at the Trump National Golf Club in suburban Washington. In July, the company’s course in Bedminster, N.J., is hosting another major event, the United States Women’s Open. The company is also bidding to host the Scottish Open or a half-dozen other possible professional tournaments at courses it owns in spots around the world from Miami to Dubai.
“The stars have all aligned,” Eric Trump, who as executive vice president of the Trump Organization oversees all its golf properties, said on Thursday morning, while sipping an iced tea at the restaurant inside the Trump International Hotel before appearing at a promotional event for the Memorial Day tournament. “I think our brand is the hottest it has ever been.”
What he did not mention at the news conference, while the cameras were rolling, is the product placement of incalculable value that is helping boost the Trump Organization’s golf courses: his father.
President Trump has given the family’s global inventory of golf courses — 15 that it owns, one that it manages in Dubai and three others under construction — a new level of international attention. He has returned to his home at Mar-a-Lago resort in Palm Beach, Fla., for four out of the last five weekends in office to play golf at two of his nearby courses, including rounds with the prime minister of Japan. Before he was sworn in, Mr. Trump spent days interviewing potential cabinet members at his Bedminster course. In total, Mr. Trump has played golf at least seven times since he was inaugurated — each time at his family’s own courses. [Continue reading…]
With a show of Stars and Stripes, U.S. forces in Syria try to keep warring allies apart
The Washington Post reports: The U.S. military is getting drawn into a deepening struggle for control over areas liberated from the Islamic State that risks prolonging American involvement in wars in Syria and Iraq long after the militants are defeated.
In their first diversion from the task of fighting the Islamic State since the U.S. military’s involvement began in 2014, U.S. troops dispatched to Syria have headed in recent days to the northern town of Manbij, 85 miles northwest of the extremists’ capital, Raqqa, to protect their Kurdish and Arab allies against a threatened assault by other U.S. allies in a Turkish-backed force.
Russian troops have also shown up in Manbij under a separate deal that was negotiated without the input of the United States, according to U.S. officials. Under the deal, Syrian troops are to be deployed in the area, also in some form of peacekeeping role, setting up what is effectively a scramble by the armies of four nations to carve up a collection of mostly empty villages in a remote corner of Syria. [Continue reading…]
Arctic sea ice continues its astonishing streak of lows
Climate Central reports: Here’s your monthly reminder: something just isn’t right in the Arctic. February continued a string of record or near-record monthly sea ice lows.
Warm weather ensured Arctic sea ice hit its lowest extent ever recorded for February. Sea ice covered 5.51 million square miles, which is 455,600 square miles below average or a chunk of missing sea ice four times the size of Italy. That just isn’t normal.
Parts of the region averaged up to 9°F above normal, according to new data released by the National Snow and Ice Data Center. In what’s been a recurring theme this winter in the Arctic, incursion after incursion of warm air has kept the region astonishingly mild for this time of year. [Continue reading…]
The truth about the WikiLeaks CIA cache
Zeynep Tufekci writes: On Tuesday morning, WikiLeaks released an enormous cache of documents that it claimed detailed “C.I.A. hacking tools.” Immediately afterward, it posted two startling tweets asserting that “C.I.A. hacker malware” posed a threat to journalists and others who require secure communication by infecting iPhone and Android devices and “bypassing” encrypted message apps such as Signal and WhatsApp.
This appeared to be a bombshell. Signal is considered the gold standard for secure communication. WhatsApp has a billion users. The C.I.A., it seemed, had the capacity to conduct sweeping surveillance on what we had previously assumed were our safest and most private digital conversations.
In their haste to post articles about the release, almost all the leading news organizations took the WikiLeaks tweets at face value. Their initial accounts mentioned Signal, WhatsApp and other encrypted apps by name, and described them as “bypassed” or otherwise compromised by the C.I.A.’s cyberspying tools.
Yet on closer inspection, this turned out to be misleading. Neither Signal nor WhatsApp, for example, appears by name in any of the alleged C.I.A. files in the cache. (Using automated tools to search the whole database, as security researchers subsequently did, turned up no hits.) More important, the hacking methods described in the documents do not, in fact, include the ability to bypass such encrypted apps — at least not in the sense of “bypass” that had seemed so alarming. Indeed, if anything, the C.I.A. documents in the cache confirm the strength of encryption technologies. [Continue reading…]
Britain is an immigrant nation
Rachel Shabi writes: The central exhibit of the Museum of Immigration and Diversity is the building itself. Located in London’s East End, it straddles the Docklands to its east, where new arrivals to Britain once hit dry land, and to its west the city, whose shiny office towers stand as the symbols of wealth and opportunity that have attracted so many newcomers.
This unassuming Georgian building on 19 Princelet Street has migration written into its bricks and mortar. Built in 1719, the house was once home to Huguenots fleeing persecution from Catholic France, and then to families forced to leave Ireland during the potato famine of the 1840s. Later in the 19th century, Jewish refugees from pogroms in Russia and Eastern Europe turned the garden into a small synagogue. In the 1930s, the Jewish East Enders used the basement to hold meetings for the movement that faced down the fascist Blackshirts in the famous Battle of Cable Street.
The period that followed bequeathed one of the nation’s most enduringly positive immigration stories. Just before World War II, Britain took in some 10,000 mostly Jewish children through the Kindertransport rescue program. Last year, one of those children, Alf Dubs, a Labour member of the House of Lords, won popular support for his campaign to bring 3,000 unaccompanied child refugees into the country.
In the postwar period, the Princelet Street house and surrounding streets were home to new migrant communities — from Bangladesh, the Caribbean and, most recently, Eastern Europe. Much like New York’s landmark Lower East Side Tenement Museum, the Museum of Immigration and Diversity intertwines all these strands. Each room showcases a different aspect of the immigrant experience, narrating histories through objects, diaries and recordings.
In a larger way, of course, the very story of Britain has always been one of migrants. Poke around behind Britain’s currently rigid surface of chauvinism and a composite picture emerges — of Romans, Vikings, Celts, Normans, Jews, Indians, Chinese, Africans and more. The whole country is a living museum of immigration — if only its people would acknowledge it.
But Brexit Britain, you might suppose, is not a country much inclined to hear migration stories. Whatever else can be read into the referendum vote to leave the European Union, it was characterized by hostility about the flow of people to Britain and campaigning that played heavily on fears of immigration. [Continue reading…]
Assad is a long way from victory in Syrian conflict
David Gardner writes: The expression “you break it, you own it” became a geopolitical jingle after the US in 2003 used a bull to liberate the china shop of Iraq, where their soldiers still find themselves, hundreds of billions of dollars later, fighting the most virulent jihadis yet. But translated into Russian for Syria, the meaning would appear to be: “we break it, you pay for it, but we and our friends own it”.
No doubt the Kremlin sees signs the US under President Donald Trump has ditched any idea of toppling President Assad. In Europe, moreover, political panic about any further surge of migrants and refugees from the region seems paramount.
Yet the confidence of Moscow — and Tehran — should not hide the fact that they have a real and costly dilemma on their hands in Syria.
First, the extent to which the Assad government controls the roughly 35 per cent of Syrian territory it holds is moot. The manpower shortages of a minority regime have made it dependent on Russia, Iran and powerful paramilitaries such as Lebanon’s Hizbollah. Damascus has had to subcontract local control to a mosaic of warlords and militias, private armies and racketeers — all invested in the lucrative distortions of a war economy characterised by penury for the mass of Syrians, roughly half of whom have been uprooted. There is nothing stable about that.
Second, to what extent are Russia and Iran willing to assist the Assads in breaking out of their mini-state and reconquering the rest of Syria?
The Syrian state almost certainly does not have the numbers to retake and garrison eastern Syria. Look at how Palmyra in central Syria keeps changing hands — the regime has only just recaptured this Graeco-Roman jewel after it fell to Isis for a second time in December while the focus was on Aleppo. Palmyra, moreover, was taken back after US air strikes on Isis there. The Syrian conflict is protean and shape-changing, but President Assad would be unwise to bet the palace on the recurrence of such a weird coalition.
Third, ostensible control of “useful Syria” is false comfort. Aside from the security fact that much of the rest is jihadi-infested, this implies the east is almost all “useless” desert. It is not. The resilience of the almost 50-year-old Assad regime required the energy resources and crops of the east. Raqqa, Hasaka and Deir Ezzor provinces produced 60 per cent of the country’s cereals, 75 per cent of its cotton, and all its oil and gas in 2010, before the rebellion. Far from useless, the east is essential to a regime recovering minimal self-sufficiency. Syria’s power-generating capacity, dependent on gasfields in the east, is about a quarter of what it was before the war. [Continue reading…]
How the CIA’s hacking hoard makes everyone less secure
Andy Greenberg writes: When Wikileaks yesterday released a trove of documents purporting to show how the CIA hacks everything from smartphones to PCs to smart televisions, the agency’s already shadowy reputation gained a new dimension. But if you’re an average American, rather than Edward Snowden or an ISIS jihadi, the real danger clarified by that leak wasn’t that someone in Langley is watching you through your hotel room’s TV. It’s the rest of the hacker world that the CIA has inadvertently empowered.
As security researchers and policy analysts dig through the latest WikiLeaks documents, the sheer number of hacking tools the CIA has apparently hoarded for exploiting zero-day vulnerabilities—secret inroads that tech firms haven’t patched—stands out most. If the US intelligence community knows about them, that leaves open the possibility that criminal and foreign state hackers do as well.
Its broad zero-day stash, then, strongly suggests that the CIA—along with other intelligence agencies—has long allowed Americans to remain vulnerable to those same attacks. Now that those hacking secrets are public, potentially along with enough details to replicate them, the danger of the feds leaving major security flaws unfixed only escalates.
“If the CIA can use it, so can the Russians, or the Chinese or organized crime,” says Kevin Bankston, the director of the New America Foundation’s Open Technology Institute. “The lesson here, first off, is that stockpiling a bunch of vulnerabilities is bad for cybersecurity. And two, it means they’re likely going to get leaked by someone.”
It’s no surprise, of course, that one of America’s most well-resourced spy agencies can hack its foreign adversaries. The shock, says Johns Hopkins cryptographer Matt Green, comes instead from the sudden spill of those hacking tools onto the web. “In the same way the military would probably have one technique for killing every single tank in an enemy’s arsenal, you would expect the CIA to collect the same thing,” says Green. “What’s different is that we’re seeing them out in public.”
In fact, WikiLeaks wrote in a note accompanying its Tuesday release that “the archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner.” That raises the possibility the full document set, along with actual exploit details or code, may have fallen into the hands of hackers long before it was published in part by WikiLeaks. [Continue reading…]
Why does Donald Trump repeatedly behave like a cornered rat?
Nicholas Kristof writes: When friends press me about what I think happened, I tell them that my best guess is that there wasn’t a clear-cut quid pro quo between Trump and Putin to cooperate in stealing the election, but rather something more ambiguous and less transactional — partly because Putin intended to wound Clinton and didn’t imagine that Trump could actually win. Yet I wouldn’t be surprised if the Trump team engaged in secret contacts and surreptitious messages, and had advance knowledge of Russia’s efforts to attack the American political process. And that would be a momentous scandal.
One reason I’m increasingly suspicious is Trump’s furious denunciations of the press and of Barack Obama, to the point that he sometimes seems unhinged. Journalists have learned that when a leader goes berserk and unleashes tirades and threats at investigators, that’s when you’re getting close. [Continue reading…]
The Deep State is a figment of Steve Bannon’s imagination
Loren DeJonge Schulman writes: Here’s a handy rule for assessing the credibility of what you’re reading about national security in the Trump era: If somebody uses the term “Deep State,” you can be pretty sure they have no idea what they’re talking about.
The phrase’s appeal is undeniable. The notion of a shadowy network pulling the strings in Washington is an attractive one to an embattled White House and its political opponents, shorthand-employing commentators and conspiracy theorists alike. But uncritical use of this canard is lazy at best and counterproductive at worst. The term, which political scientists invented to refer to the networks of generals and spymasters that rule many authoritarian states around the world, has migrated from leftist critics of U.S. foreign policy to the alt-right advisers running the White House. As a card-carrying former member of America’s vast national security bureaucracy, I find it offensive. But I also find it offensive as an analyst, because it’s a deeply misleading way to understand how the U.S. government really works.
So what is — or isn’t — the Deep State?
Let’s start with standard insinuations of the phrase. There are more than 2 million civilian executive branch employees (not counting the U.S. military or portions of the intelligence community, which does not fully report employment numbers). At least half of that number work in an agency related to national security, broadly defined. When combined with the million-plus uniformed military and support system of contractors, this is an unwieldy group. A mix of hard-working patriots, clock-punchers, technocrats, veterans and scammers, these folks swear the same oath to defend the Constitution.
Hollywood bears much of the blame in portraying this group as some combination of Rambo, the All-Seeing Eye of Mordor and the cast of Homeland — an omniscient guerilla force unaccountable to any authority. Reality is less made for the big screen; if, say, “Zero Dark Thirty” had been true to life, it likely would have been a single shot of 100 hours of lawyers’ meetings. The national security bureaucracy does wield awe-inspiring capabilities that could be disastrous if abused; months sitting through the Obama administration’s surveillance policy review made that clear. But while civil servants and military personnel do pledge to defend the Constitution, it is not only the goodness of their hearts but a complex web of legal, congressional, bureaucratic and political oversight that guards against such risks. These checks are met with both grumbles and keen awareness of how they set the U.S. rule of law apart from, say, Russia. These systems are not foolproof, and could undoubtedly be improved. The flaws of the administrative state — ranging from redundancy and waste to self-interested bloat to inability to innovate to scandalous incidents of corruption — have been well documented, its day-to-day successes far less so. But find me an alternative to the national security bureaucracy, or find me a functioning state without one. [Continue reading…]
Wikileaks files show the CIA repurposing hacking code to save time, not to frame Russia
The Intercept reports: Attributing hacking attacks to the correct perpetrators is notoriously difficult. Even the U.S. government, for all its technical resources and expertise, took warranted criticism for trying to pin a high-profile 2014 cyberattack on North Korea, and more recently faced skepticism when it blamed Russia for hacks against top Democrats during the 2016 election.
In those cases, government officials said they based their attribution in part on software tools the hackers employed, which had been used in other cyberattacks linked to North Korea and Russia. But that sort of evidence is not conclusive; hackers have been known to intentionally use or leave behind software and other distinctive material linked to other groups as part of so-called false flag operations intended to falsely implicate other parties. Researchers at Russian digital security firm Kaspersky Lab have documented such cases.
On Tuesday, Wikileaks published a large cache of CIA documents that it said showed the agency had equipped itself to run its own false-flag hacking operations. The documents describe an internal CIA group called UMBRAGE that Wikileaks said was stealing the techniques of other nation-state hackers to trick forensic investigators into falsely attributing CIA attacks to those actors. According to Wikileaks, among those from whom the CIA has stolen techniques is the Russian Federation, suggesting the CIA is conducting attacks to intentionally mislead investigators into attributing them to Vladimir Putin.
“With UMBRAGE and related projects, the CIA can not only increase its total number of attack types, but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from,” Wikileaks writes in a summary of its CIA document dump.
It’s a claim that seems intended to shed doubt on the U.S. government’s attribution of Russia in the DNC hack; the Russian Federation was the only nation specifically named by Wikileaks as a potential victim of misdirected attribution. It’s also a claim that some media outlets have accepted and repeated without question.
“WikiLeaks said there’s an entire department within the CIA whose job it is to ‘misdirect attribution by leaving behind the fingerprints’ of others, such as hackers in Russia,” CNN reported without caveats.
It would be possible to leave such fingerprints if the CIA were re-using unique source code written by other actors to intentionally implicate them in CIA hacks, but the published CIA documents don’t say this. Instead they indicate the UMBRAGE group is doing something much less nefarious.
They say UMBRAGE is borrowing hacking “techniques” developed or used by other actors to use in CIA hacking projects. This is intended to save the CIA time and energy by copying methods already proven successful. If the CIA were actually re-using source code unique to a specific hacking group this could lead forensic investigators to mis-attribute CIA attacks to the original creators of the code. But the documents appear to say the UMBRAGE group is writing snippets of code that mimic the functionality of other hacking tools and placing it in a library for CIA developers to draw on when designing custom CIA tools. [Continue reading…]
Russia turns Wikileaks CIA dump into disinformation
Kevin Poulsen reports: For the second time in a matter of months, U.S. intelligence agencies have suffered a devastating breach of their hacking secrets.
But unlike the last breach in August, an American Central Intelligence Agency worker, not Russian hackers, is the most likely source of a new tranche of documents detailing the methods and tools used by the CIA to steal secrets from foreign governments and terror groups — though some experts have seen signs that Russia is working overtime to take advantage of the disclosure.
Tuesday’s document dump, titled “Vault 7, Year Zero” by WikiLeaks, details the capabilities and culture within the CIA’s secretive Center for Cyber Intelligence in Langley, Virginia. The leak portrays a robust, if not unique, computer-intrusion capability inside the CIA, accented by a few James Bond novelties, like special snooping software intended to be carried into an adversary’s lair on a thumb drive, where a CIA asset plugs it into a USB port. Another program, code-named Weeping Angel, turns a Samsung smart TV into a covert listening device.
The leak follows an incident last August when a mysterious group or individual called the Shadow Brokers began publishing hacking tools stockpiled by the NSA’s elite Tailored Access Operations group, including dozens of backdoor programs and 10 exploits. Experts suspected the Shadow Brokers were a shot across the bow by Russia’s intelligence services.
But the CIA leak could be worse for U.S. intelligence, because it includes code from the agency’s malware development frameworks. Using that code, security experts and counterintelligence agents could sniff out a variety of CIA malware. “For the CIA this is huge loss,” said Jake Williams, founder of Rendition Infosec. “For incident responders like me, this is a treasure trove.” [Continue reading…]
Wikileaks and the CIA’s hacking arsenal
CIA's job includes spying on targets who might have various electronics. This is exactly the sort of toolkit you’d expect them to have.
— matt blaze (@mattblaze) March 8, 2017
Julian Sanchez writes: It’s a cliche of political scandals that “the coverup is worse than the crime”: Attempts to conceal misconduct, because they’re easier to prove and provide otherwise elusive evidence of a guilty mind, often end up being more politically damaging than the underlying misconduct would have been. In the case of the latest Wikileaks document dump, the first in a planned series from a cache the site has dubbed “Vault 7,” we have an apparent reversal of the formula: The un-coverup—the fact of the leak itself—is probably more significant than the substance of what has thus far been revealed.
There are, of course, some points of real interest in the archive of documents, mostly concerning an array of hacking tools and software exploits developed or used by the Central Intelligence Agency’s Engineering Development Group — and it’s likely more will emerge as reporters and analysts churn through more than 8,000 files and documents. We’ve confirmed that the CIA has hung onto and exploited at least a handful of undisclosed “zero day” vulnerabilities in widely-used software platforms, including Apple’s iOS and Google’s Android, the operating systems on which nearly all modern smartphones run.
We also learn that — as many of us expected — the obstacles to conventional wiretapping posed by the growing prevalence of encryption have spurred intelligence agencies to hunt for alternative means of collection, which include not only compromising communications endpoints such as smartphones, but also seeking to repurpose networked appliances on the Internet of Things as surveillance devices. The latter goal has even spawned its own research department, the Embedded Development Branch.
Still, in light of what we already knew about the National Security Agency’s own efforts along similar lines, thanks to Edward Snowden’s disclosures about the agency’s Tailored Access Operations division, this is—at least from a policy perspective—not so much revelation as confirmation. Moreover, there’s little here to suggest surveillance that’s either aimed at Americans or indiscriminate, the features that made Snowden’s leaks about NSA surveillance so politically explosive. One of the more widely-reported projects in Vault 7, for instance, has been the Doctor Who-referencing “Weeping Angel” implant, which can turn Samsung televisions into surveillance microphones even when they appear to be turned off. Yet, at least at the time the documentation in the Wikileaks release was written, Weeping Angel appeared to require physical access to be installed—which makes it essentially a fancy and less detectable method of bugging a particular room once a CIA agent has managed to get inside. This is all fascinating to surveillance nerds, to be sure, but without evidence that these tools have been deployed either against inappropriate targets or on a mass scale, it’s not intrinsically all that controversial. Finding clever ways to spy on people is what spy agencies are supposed to do. [Continue reading…]
