Category Archives: Five Eyes

How Dick Cheney remade our world

f13-iconMark Danner writes: Almost exactly a decade ago, Vice President Dick Cheney greeted President George W. Bush one morning in the Oval Office with the news that his administration was about to implode. Or not quite: Cheney let the president know that something was deeply wrong, though it would take Bush two more days of increasingly surprising revelations, and the near mass resignation of his senior Justice Department and law enforcement officials, to figure out exactly what it was. “On the morning of March 10, 2004,” as the former president recounts the story in his memoirs,

Dick Cheney and Andy Card greeted me with a startling announcement: The Terrorist Surveillance Program would expire at the end of the day.

“How can it possibly end?” I asked. “It’s vital to protecting the country.”

The Terrorist Surveillance Program, then known to the handful who were aware of it only as “the Program” or by its code name, “Stellar Wind,” was a highly secret National Security Agency effort — eventually revealed by The New York Times in December 2005 and then in much greater detail by former NSA contractor Edward Snowden last June. Among other things, Stellar Wind empowered the agency to assemble a vast collection of “metadata,” including on the telephone calls and e-mails of millions of Americans, that its analysts could search and “mine” for information.

Though the program would appear on its face to violate the Fourth Amendment and the Foreign Intelligence Surveillance Act of 1978, President Bush had approved it three weeks after the September 11 attacks, securing the signature of Attorney General John Ashcroft after the fact. To remain in force the program had to be recertified by the president and the attorney general every forty-five days.

And now, two and a half years later, Cheney and White House chief of staff Andrew Card told Bush, Justice Department lawyers “had raised a legal objection to one component of the program.” Unless that “component” — apparently, the sweeping up of Internet metadata — was eliminated or modified, they told the president, the lawyers would refuse to certify that the program was legal. [Continue reading…]

Facebooktwittermail

Obama needs to end of laws of the spies, by the spies and for the spies

o13-iconJameel Jaffer writes: To anyone who criticized the National Security Agency’s phone-records dragnet over the last nine months or so, the American intelligence community had this stock response: all three branches of government signed off on it.

The intelligence community was right, at least in a sense, but what it presented as a defense of the surveillance program was actually an indictment of our oversight system. What it presented as a defense of the program was actually a scandal.

In today’s New York Times, Charlie Savage reports that the administration has come to the belated realization that its intelligence interests can be accommodated without placing hundreds of millions of people under permanent surveillance. This is to the good, of course. But if the administration is right that the dragnet was unnecessary, we should ask how all three branches of government got it so wrong.

The answer, in a word, is secrecy. When intelligence officials proposed the dragnet, there was no one on the other side to explain that the government’s goals could be achieved with less-intrusive means. There was no one there to mention that the law the government was invoking couldn’t lawfully be used to collect call-records. There was no one there to mention that the bulk collection of call records was unconstitutional. [Continue reading…]

Facebooktwittermail

After reports on NSA, China urges end to spying

n13-iconThe New York Times reports: The Chinese government called on the United States on Monday to explain its actions and halt the practice of cyberespionage after news reports said that the National Security Agency had hacked its way into the computer systems of China’s largest telecommunications company.

The reports, based on documents provided by the former security contractor Edward J. Snowden, related how the spy agency penetrated servers owned by the company, Huawei, and monitored communications by its senior executives in an effort to discover whether the executives had links to the Chinese military. The operation also sought to exploit the company’s technology and gain access to the communications of customers who use Huawei cellphones, fiber optic cables and network hubs.

American officials have been working to block Huawei from entering the American telecommunications market because of concerns that its equipment could provide Chinese hackers with a “back door” for stealing American corporate and government secrets.[Continue reading…]

Facebooktwittermail

The House’s NSA bill could allow more spying than ever. You call this reform?

o13-iconTrevor Timm writes: The White House and the House Intelligence Committee leaked dueling proposals last night that are supposedly aimed at ending the mass collection of all Americans’ phone records. But the devil is in the details, and when it comes to the National Security Agency’s unique ability to twist and distort the English language, the devil tends to wrap his horns around every word.

The House proposal, to be unveiled this morning by Reps Mike Rogers and Dutch Ruppersberger, is the more worrying of the two. Rogers has been the NSA’s most ardent defender in Congress and has a long history of distorting the truth and practicing in outright fabrication, whether in touting his committee’s alleged “oversight” or by way of his attempts to impugn the motives of the once again vindicated whistleblower who started this whole reform debate, former NSA contractor Edward Snowden.

As a general rule, whenever Mike Rogers (not to be confused with incoming NSA director Michael Rogers) claims a bill does something particular – like, say, protect your privacy – it’s actually a fairly safe assumption that the opposite will end up true. His new bill seems to have the goal of trading government bulk collection for even more NSA power to search Americans’ data while it sits in the hands of the phone companies. [Continue reading…]

Facebooktwittermail

Obama just opened the door for Snowden’s immunity

o13-iconMichael Maiello writes: Today, Charlie Savage at The New York Times reports that the Obama administration will propose the end of the NSA’s bulk data collection program, replacing it with a more targeted, more thoroughly court supervised alternative. It is an imperfect solution for those who suspect that the FISA court is too eager to grant such requests but Marc Rotenberg, executive director of the Electronic Privacy Information Center, told the paper that this was “a sensible outcome.”

As we are a good way through Obama’s second term as president, I think it’s more than fair to say that we would not be here, at the cusp of sensibility, without the actions of Edward J. Snowden, the former NSA contractor who now lives in Russia under the protection of Vladimir Putin. Snowden took and released an uncounted number of sensitive documents from his employers and is responsible for disclosing the breadth and scope of the NSA’s global telecommunications surveillance program. Had the details of this program remained rumor and whisper as they were for the bulk of Obama’s tenure, it’s a fair bet that nothing would be changing now. [Continue reading…]

Facebooktwittermail

Washington surprised by Russia’s ability to evade U.S. eavesdropping

n13-iconThe Wall Street Journal reports: U.S. military satellites spied Russian troops amassing within striking distance of Crimea last month. But intelligence analysts were surprised because they hadn’t intercepted any telltale communications where Russian leaders, military commanders or soldiers discussed plans to invade.

America’s vaunted global surveillance is a vital tool for U.S. intelligence services, especially as an early-warning system and as a way to corroborate other evidence. In Crimea, though, U.S. intelligence officials are concluding that Russian planners might have gotten a jump on the West by evading U.S. eavesdropping.

“Even though there was a warning, we didn’t have the information to be able to say exactly what was going to happen,” a senior U.S. official says.

To close the information gap, U.S. spy agencies and the military are rushing to expand satellite coverage and communications-interception efforts across Russia, Ukraine and the Baltic states. U.S. officials hope the “surge” in assets and analysts will improve tracking of the Russian military and tip off the U.S. to any possible intentions of Russian President Vladimir Putin before he acts on them.

The U.S. moves will happen quickly. “We have gone into crisis-response mode,” a senior official says.

Still, as Russia brings additional forces to areas near the border with eastern Ukraine, America’s spy chiefs are worried that Russian leaders might be able to cloak their next move by shielding more communications from the U.S., according to officials familiar with the matter. “That is the question we’re all asking ourselves,” one top U.S. official says.

The Obama administration is “very nervous,” says a person close to the discussions. “This is uncharted territory.” [Continue reading…]

Facebooktwittermail

Industrial espionage: NSA hacked servers of China telecom giant Huawei

n13-iconThe New York Times reports: American officials have long considered Huawei, the Chinese telecommunications giant, a security threat, blocking it from business deals in the United States for fear that the company would create “back doors” in its equipment that could allow the Chinese military or Beijing-backed hackers to steal corporate and government secrets.

But even as the United States made a public case about the dangers of buying from Huawei, classified documents show that the National Security Agency was creating its own back doors — directly into Huawei’s networks.

The agency pried its way into the servers in Huawei’s sealed headquarters in Shenzhen, China’s industrial heart, according to N.S.A. documents provided by the former contractor Edward J. Snowden. It obtained information about the workings of the giant routers and complex digital switches that Huawei boasts connect a third of the world’s population, and monitored communications of the company’s top executives.

One of the goals of the operation, code-named “Shotgiant,” was to find any links between Huawai and the People’s Liberation Army, one 2010 document made clear. But the plans went further: to exploit Huawai’s technology so that when the company sold equipment to other countries — including both allies and nations that avoid buying American products — the N.S.A. could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations. [Continue reading…]

MIT Technology Review: How’s this for a tough sales job? The American sales reps of Huawei offer top-notch telecom gear at a 35 percent discount. But anytime they get near to closing a sale, their customers get a visit from the FBI or the U.S. Department of Commerce.

The message from the feds isn’t subtle: buy something else.

Huawei, based in Shenzhen, China, is the world’s largest seller of telecom equipment, commanding 20 percent of the market. Yet it is barely a factor in North America. Here its market share in optical equipment is just 1.4 percent, and in switches and routers it’s just 0.1 percent.

Just as Huawei has been shut out of the American market, leaks about the pervasiveness of spying by the NSA and other U.S. intelligence agencies might now hurt American companies abroad. Businesses are starting to talk of a “Snowden effect” of lost sales, dimmed prospects, and growing uncertainty, as they too come under a cloud of mistrust.

Huawei (pronounced wah-way) was founded in 1987 by Ren Zhengfei, a former military officer who splits the CEO job with executives who rotate every six months. As Huawei expanded overseas, suspicions began to swirl around the company, particularly in the United States. Its effort to buy 3Com, a networking company, was blocked by a trade panel that assesses national security risks. In 2011, Cisco Systems, a competitor, developed talking-point slides that laid out reasons for “Fear of Huawei.”

In 2012, partly at the Chinese company’s request, the U.S. House Intelligence Committee investigated and released a report. It offered no real proof of spying, yet it still concluded that the United States must “view with suspicion” progress by Chinese companies in the North America telecommunications market.

The concern was that somehow, with Huawei’s knowledge or without it, the Chinese government could use equipment sold by the company to eavesdrop or even to gain an advantage in a cyberwar. Huawei loudly denied the charges; it cried “discrimination.”

The irony now is that leaked National Security Agency documents suggest the U.S. was doing everything it suspected China of. The documents indicate that the U.S. may have compromised routers from Cisco, Juniper, and Huawei. It’s also believed to have weakened encryption products so the ciphers used by commercial software could be broken. [Continue reading…]

Facebooktwittermail

Revelations of NSA spying cost U.S. tech companies

a13-iconThe New York Times reports: Microsoft has lost customers, including the government of Brazil.

IBM is spending more than a billion dollars to build data centers overseas to reassure foreign customers that their information is safe from prying eyes in the United States government.

And tech companies abroad, from Europe to South America, say they are gaining customers that are shunning United States providers, suspicious because of the revelations by Edward J. Snowden that tied these providers to the National Security Agency’s vast surveillance program.

Even as Washington grapples with the diplomatic and political fallout of Mr. Snowden’s leaks, the more urgent issue, companies and analysts say, is economic. Technology executives, including Mark Zuckerberg of Facebook, raised the issue when they went to the White House on Friday for a meeting with President Obama.

It is impossible to see now the full economic ramifications of the spying disclosures — in part because most companies are locked in multiyear contracts — but the pieces are beginning to add up as businesses question the trustworthiness of American technology products. [Continue reading…]

Facebooktwittermail

Inside the NSA’s secret efforts to hunt and hack system administrators

n13-iconRyan Gallagher and Peter Maass report: Across the world, people who work as system administrators keep computer networks in order – and this has turned them into unwitting targets of the National Security Agency for simply doing their jobs. According to a secret document provided by NSA whistleblower Edward Snowden, the agency tracks down the private email and Facebook accounts of system administrators (or sys admins, as they are often called), before hacking their computers to gain access to the networks they control.

The document consists of several posts – one of them is titled “I hunt sys admins” – that were published in 2012 on an internal discussion board hosted on the agency’s classified servers. They were written by an NSA official involved in the agency’s effort to break into foreign network routers, the devices that connect computer networks and transport data across the Internet. By infiltrating the computers of system administrators who work for foreign phone and Internet companies, the NSA can gain access to the calls and emails that flow over their networks.

The classified posts reveal how the NSA official aspired to create a database that would function as an international hit list of sys admins to potentially target. Yet the document makes clear that the admins are not suspected of any criminal activity – they are targeted only because they control access to networks the agency wants to infiltrate. “Who better to target than the person that already has the ‘keys to the kingdom’?” one of the posts says. [Continue reading…]

Facebooktwittermail

Intelligence Community rethinking its approach to transparency and secrecy

a13-iconSteven Aftergood writes: By leaking classified intelligence documents, Edward Snowden transformed public awareness of the scale and scope of U.S. intelligence surveillance programs. But his actions are proving to be no less consequential for national security secrecy policy.

“These leaks have forced the Intelligence Community to rethink our approach to transparency and secrecy,” said Robert S. Litt, General Counsel at the Office of the Director of National Intelligence. He spoke at a March 18 Freedom of Information Day program sponsored by the Collaboration on Government Secrecy at American University Washington College of Law.

Mr. Litt made it clear that he did not approve of the Snowden leaks, which he said were unlawful and had “seriously damaged our national security.” Yet he stressed that the leaks have also prompted a reconsideration of previously accepted patterns of secrecy.

“We have had to reassess how we strike the balance between the need to keep secret the sensitive sources, methods and targets of our intelligence activities, and the goal of transparency with the American people about the rules and policies governing those activities.” [Continue reading…]

Facebooktwittermail

Sen. Ron Wyden scorches senior CIA and NSA officials and their ‘pattern of deception’

n13-iconThe Oregonian reports: U.S. Sen. Ron Wyden scorched senior CIA and NSA officials, the secret doings inside the Foreign Intelligence Surveillance Court, and a controversial section of the USA Patriot ACT on Tuesday night during a lecture in downtown Portland.

The senior senator from Oregon performed perhaps the most skillful dodge yet – by any politician – of a question nagging many Americans: is former National Security Agency contractor Edward Snowden a hero, a traitor, or something in between?

Wyden declined to comment about a case now before a criminal court (Snowden faces spy charges). But he said senior intelligence officials should have told the public that the National Security Agency had collected the phone records of millions of ordinary Americans, rather than having them learn about it through Snowden’s leaks of classified files to journalists.

“This is a debate that shouldn’t have been started this way,” said Wyden, a member of the Senate Intelligence Committee who sits in on classified briefings of national security operations.

Wyden called for more vigorous oversight of U.S. spy agencies. He called on senior intelligence officials to end what he described variously as their “pattern of deception,” “incredibly misleading statements,” and “culture of misinformation.” [Continue reading…]

Facebooktwittermail

U.S. listed as enemy of the internet

a13-iconReporters Without Borders: Natalia Radzina of Charter97, a Belarusian news website whose criticism of the government is often censored, was attending an OSCE-organized conference in Vienna on the Internet and media freedom in February 2013 when she ran into someone she would rather not have seen: a member of the Operations and Analysis Centre, a Belarusian government unit that coordinates Internet surveillance and censorship. It is entities like this, little known but often at the heart of surveillance and censorship systems in many countries, that Reporters Without Borders is spotlighting in this year’s Enemies of the Internet report, which it is releasing, as usual, on World Day Against Cyber-Censorship (12 March).

Identifying government units or agencies rather than entire governments as Enemies of the Internet allows us to draw attention to the schizophrenic attitude towards online freedoms that prevails in in some countries. Three of the government bodies designated by Reporters Without Borders as Enemies of the Internet are located in democracies that have traditionally claimed to respect fundamental freedoms: the Centre for Development of Telematics in India, the Government Communications Headquarters (GCHQ) in the United Kingdom, and the National Security Agency (NSA) in the United States.

The NSA and GCHQ have spied on the communications of millions of citizens including many journalists. They have knowingly introduced security flaws into devices and software used to transmit requests on the Internet. And they have hacked into the very heart of the Internet using programmes such as the NSA’s Quantam Insert and GCHQ’s Tempora. The Internet was a collective resource that the NSA and GCHQ turned into a weapon in the service of special interests, in the process flouting freedom of information, freedom of expression and the right to privacy.

The mass surveillance methods employed in these three countries, many of them exposed by NSA whistleblower Edward Snowden, are all the more intolerable because they will be used and indeed are already being used by authoritarians countries such as Iran, China, Turkmenistan, Saudi Arabia and Bahrain to justify their own violations of freedom of information. How will so-called democratic countries will able to press for the protection of journalists if they adopt the very practices they are criticizing authoritarian regimes for? [Continue reading…]

Facebooktwittermail

NSA surveillance program reaches ‘into the past’ to retrieve, replay phone calls

n13-iconThe Washington Post reports: The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden.

A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.

The voice interception program, called MYSTIC, began in 2009. Its RETRO tool, short for “retrospective retrieval,” and related projects reached full capacity against the first target nation in 2011. Planning documents two years later anticipated similar operations elsewhere.

In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary. [Continue reading…]

Facebooktwittermail

Former Church Committee members see need for new group to investigate NSA

n13-iconThreatpost: In a letter sent to President Obama and members of Congress, former members and staff of the Church Committee on intelligence said that the revelations of the NSA activities have caused “a crisis of public confidence” and encouraged the formation of a new committee to undertake “significant and public reexamination of intelligence community practices”.

Although it may seem like the NSA’s activities have only recently come under public scrutiny, the agency first was dragged into the light in 1975 when reports surfaced that for decades it had had secret agreements with telegram companies to get copies of Americans’ international communications. The Church committee, formally known as the Senate Select Committee to Study Governmental Operations with Respect to Intelligence Activities, was formed to investigate the NSA’s methods and produced a report that took the agency to task for overstepping its bounds and expanding programs well beyond their initial scope.

“We have seen a consistent pattern in which programs initiated with limited goals, such as preventing criminal violence or identifying foreign spies, were expanded to what witnesses characterized as ‘vacuum cleaners,’ sweeping in information about lawful activities of American citizens. The tendency of intelligence activities to expand beyond their initial scope is a theme, which runs through every aspect of our investigative findings,” the committee’s final report said.

In the letter sent Monday to Obama and Congress, several former advisers to and members of the Church committee, including the former chief counsel, said that the current situation involving the NSA bears striking resemblances to the one in 1975 and that the scope of what the NSA is doing today is orders of magnitude larger than what was happening nearly 40 years ago.

“The need for another thorough, independent, and public congressional investigation of intelligence activity practices that affect the rights of Americans is apparent. There is a crisis of public confidence. Misleading statements by agency officials to Congress, the courts, and the public have undermined public trust in the intelligence community and in the capacity for the branches of government to provide meaningful oversight,” the letter says.

Facebooktwittermail

Compare the NSA’s Facebook malware denial to its own secret documents

f13-iconRyan Gallagher writes: On Wednesday, Glenn Greenwald and I revealed new details about the National Security Agency’s efforts to radically expand its ability to hack into computers and networks across the world. The story has received a lot of attention, and one detail in particular has sparked controversy: specifically, that the NSA secretly pretended to be a fake Facebook server in order to covertly infect targets with malware “implants” used for surveillance.

This revelation apparently infuriated Facebook founder Mark Zuckerberg so much that he got on the phone to President Barack Obama to complain about it. “I’ve been so confused and frustrated by the repeated reports of the behavior of the US government,” Zuckerberg wrote in a blog post Thursday. “When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government.”

That wasn’t all. Wired ran a piece saying that the NSA’s widespread use of its malware tools “acts as implicit permission to others, both nation-state and criminal.” Slate noted that the NSA’s hacking platform appears to be “becoming a bit more like the un-targeted dragnets everyone has been so upset about.” Meanwhile, Ars Technica wrote that the surveillance technology we exposed “poses a risk to the entire Internet.”

In response, the NSA has attempted to quell the backlash by putting out a public statement dismissing what it called “inaccurate” media reports. The agency denied that it was “impersonating U.S. social media or other websites” and said that it had not “infected millions of computers around the world with malware.” The statement follows a trend that has repeatedly been seen in the aftermath of major disclosures from documents turned over by NSA whistleblower Edward Snowden, in which the NSA or one of its implicated allies issues a carefully worded non-denial denial that on the face of it seems to refute an allegation but on closer inspection does not refute it at all. [Continue reading…]

Facebooktwittermail

How the NSA plans to infect ‘millions’ of computers with malware

f13-iconRyan Gallagher and Glenn Greenwald report: Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.

The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.” [Continue reading…]

Facebooktwittermail

How a shift in the FISA court secretly facilitated mass surveillance

n13-iconThe New York Times reports: Ten months after the Sept. 11 attacks, the nation’s surveillance court delivered a ruling that intelligence officials consider a milestone in the secret history of American spying and privacy law. Called the “Raw Take” order — classified docket No. 02-431 — it weakened restrictions on sharing private information about Americans, according to documents and interviews.

The administration of President George W. Bush, intent on not overlooking clues about Al Qaeda, had sought the July 22, 2002, order. It is one of several still-classified rulings by the Foreign Intelligence Surveillance Court described in documents provided by Edward J. Snowden, the former National Security Agency contractor.

Previously, with narrow exceptions, an intelligence agency was permitted to disseminate information gathered from court-approved wiretaps only after deleting irrelevant private details and masking the names of innocent Americans who came into contact with a terrorism suspect. The Raw Take order significantly changed that system, documents show, allowing counterterrorism analysts at the N.S.A., the F.B.I. and the C.I.A. to share unfiltered personal information.

The leaked documents that refer to the rulings, including one called the “Large Content FISA” order and several more recent expansions of powers on sharing information, add new details to the emerging public understanding of a secret body of law that the court has developed since 2001. The files help explain how the court evolved from its original task — approving wiretap requests — to engaging in complex analysis of the law to justify activities like the bulk collection of data about Americans’ emails and phone calls.

“These latest disclosures are important,” said Steven Aftergood, the director of the Project on Government Secrecy at the Federation of American Scientists. “They indicate how the contours of the law secretly changed, and they represent the transformation of the Foreign Intelligence Surveillance Court into an interpreter of law and not simply an adjudicator of surveillance applications.” [Continue reading…]

Facebooktwittermail