Reuters reports: The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.
That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.
Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said. (reut.rs/1L5knm0)
The firm declined to publicly name the country behind the spying campaign, but said it was closely linked to Stuxnet, the NSA-led cyberweapon that was used to attack Iran’s uranium enrichment facility. The NSA is the agency responsible for gathering electronic intelligence on behalf of the United States.
A former NSA employee told Reuters that Kaspersky’s analysis was correct, and that people still in the intelligence agency valued these spying programs as highly as Stuxnet. Another former intelligence operative confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it. [Continue reading…]
If Glenn Greenwald had more interest in investigation and less interest in being a celebrity, he could find no better tutor than Steven Aftergood — someone who most of Greenwald’s followers have most likely never heard of. Even so, Greenwald certainly understands what plays well with a large audience: a simple story.
Aftergood writes: For some of Edward Snowden’s partisans and supporters…, the possibility that his leaks had negative as well as positive consequences involves more complexity than they can tolerate. If Snowden intended to defend constitutional values, as he insists, then how dare anyone suggest that he may have also aided America’s enemies, even indirectly?
This sort of complexity does not arise in Laura Poitras’s award-winning film Citizenfour about Snowden, as its few critical reviewers have noted.
Many of the documents Snowden disclosed “go far beyond exposures of spying on Americans,” wrote Fred Kaplan in a review of the film in Slate. “If Snowden and company wanted to take down an intelligence agency, they should say so. But that has nothing to do with whistleblowing or constitutional rights.”
Likewise, wrote George Packer in The New Yorker, “Among the leaked documents are details of foreign-intelligence gathering that do not fall under the heading of unlawful threats to American democracy–what Snowden described as his only concern. [Former NSA official William] Binney, generally a fervent Snowden supporter, told USA Today that Snowden’s references to ‘hacking into China’ went too far: ‘So he is transitioning from whistle-blower to a traitor’.”
And from Michael Cohen in The Daily Beast: “What is left out of Poitras’s highly sympathetic portrayal of Snowden is so much of what we still don’t know about him. For example, why did he steal so many documents that have nothing to do with domestic surveillance but rather overseas–and legal–intelligence-gathering operations?”
But for a discussion of Citizenfour that presents no such dissonant, skeptical notes or troublesome opposing views, see the late David Carr’s final interview with Snowden, Poitras and Glenn Greenwald.
For me, one of the most memorable moments in that interview came when the participants scoffed at the United States’ poor ranking in the latest Borders Without Borders World Press Freedom Index.
At 46, the U.S. falls below countries such as Botswana — proximity which for Greenwald appeared to insult America’s reputation much more than it complimented Botswana.
While enjoying the freedom to speak from a stage in New York City (Greenwald’s fear of getting arrested in the U.S. seemed to disappear as soon as he got a Pulitzer and published his book), no mention was made of the fact that the country where Snowden resides ranks 148, while Greenwald’s home country of Brazil ranks 111.
No doubt, for as long as the U.S. retains the conceit of being “the leader of the free world,” it has little excuse for failing to rank number one in press freedom. At the same time, those who choose to characterize the U.S. government as the preeminent threat to personal freedom in the world are either willfully ignoring or simply ignorant of much more egregious threats to freedom that can be seen in China, the Middle East, Russia and elsewhere.
The New York Times reports: A year after President Obama ordered modest changes in how the nation’s intelligence agencies collect and hold data on Americans and foreigners, the administration will announce new rules requiring intelligence analysts to delete private information they may incidentally collect about Americans that has no intelligence purpose, and to delete similar information about foreigners within five years.
The new rules to be announced Tuesday will also institutionalize a regular White House-led review of the National Security Agency’s monitoring of foreign leaders. Until the disclosures in the early summer of 2013 by Edward J. Snowden, the former N.S.A. contractor whose trove of intelligence documents is still leaking into public view, there was no continuing White House assessment of whether the intelligence garnered from listening to scores of leaders around the world was worth the potential embarrassment if the programs became public.
Mr. Obama publicly ordered the end of the monitoring of Chancellor Angela Merkel of Germany, saying he had known nothing about the effort — an admission that revealed the White House was not reviewing N.S.A. activities the way, for example, it annually reviews covert actions around the world by the C.I.A. The timing of the announcement about the new review process comes the week before Ms. Merkel is scheduled to visit the White House, where a long-debated arrangement for greater intelligence sharing between the countries is expected to be discussed.
Mr. Obama has never said whom, beyond Ms. Merkel, he took off the list of foreign leaders whose conversations are monitored, but it appeared that programs in Mexico and Brazil continued, while several dozen leaders have been removed. [Continue reading…]
Mattathias Schwartz writes: Almost every major terrorist attack on Western soil in the past fifteen years has been committed by people who were already known to law enforcement. One of the gunmen in the attack on Charlie Hebdo, in Paris, had been sent to prison for recruiting jihadist fighters. The other had reportedly studied in Yemen with Umar Farouk Abdulmutallab, the underwear bomber, who was arrested and interrogated by the F.B.I. in 2009. The leader of the 7/7 London suicide bombings, in 2005, had been observed by British intelligence meeting with a suspected terrorist, though MI5 later said that the bombers were “not on our radar.” The men who planned the Mumbai attacks, in 2008, were under electronic surveillance by the United States, the United Kingdom, and India, and one had been an informant for the Drug Enforcement Administration. One of the brothers accused of bombing the Boston Marathon was the subject of an F.B.I. threat assessment and a warning from Russian intelligence.
In each of these cases, the authorities were not wanting for data. What they failed to do was appreciate the significance of the data they already had. [Continue reading…]
After cybersleuth Barack Obama saw the evidence pointing at North Korea’s responsibility for the cyberattacks against Sony, “he had no doubt,” the New York Times melodramatically reports.
He had no doubt about what? That his intelligence analysts knew what they were talking about? Or that he too when presented with the same evidence was forced to reach the same conclusion?
I have no doubt that had Obama been told by those same advisers that North Korea was not behind the attacks, he would have accepted that conclusion. In other words, on matters about which he lacks the expertise to reach any conclusion, he relies on the expertise of others.
A journalist who tells us about the president having “no doubt” in such a situation is merely dressing up his narrative with some Hollywood-style commander-in-chief gravitas.
When one of the reporters in this case, David Sanger, is someone whose cozy ties to government extend to being “an old friend of many, many years” of Ashton Carter, whose nomination as the next Secretary of Defense is almost certain to be approved, you have to wonder whose interests he really serves. Those of his readership or those of the government?
Since Obama and the FBI went out on a limb by asserting that they had no doubt about North Korea’s role in the attacks, they have been under considerable pressure to provide some compelling evidence to back up their claim.
That evidence now comes courtesy of anonymous officials briefing the New York Times and another document from the Snowden trove of NSA documents.
Maybe the evidence really is conclusive, but there are still important unanswered questions.
For instance, as Arik Hesseldahl asks:
why, if the NSA had so fully penetrated North Korea’s cyber operations, did it not warn Sony that an attack of this magnitude was underway, one that apparently began as early as September.
Officials with the NSA and the White House did not immediately respond to requests for comment about the report. A Sony spokeswoman had no comment.
On the one hand we’re being told that the U.S. knew exactly who was behind the Sony attacks because the hackers were under close surveillance by the NSA, and yet at the same time we’re being told that although the NSA was watching the hackers it didn’t figure out what they were doing.
If Hollywood ever decides to create a satire out of this, they’ll need to come up with a modern-day reworking of the kind of scene that would come straight out of Get Smart — the kind where Maxwell Smart, Agent 86, would be eavesdropping on a conversation between his North Korean counterparts, the only problem being that he doesn’t understand Korean.
The Times report refers to the North Korean hackers using an “attack base” in Shenyang, in north east China. This has been widely reported with the somewhat less cyber-sexy name of the Chilbosan Hotel whose use for these purposes has been known since 2004.
If the attackers wanted to avoid detection, it’s hard to understand why they would have operated out of a location that had been known about for that long and that could so easily be linked to North Korea.
It’s also hard to fathom that having developed its cyberattack capabilities over such an extended period, North Korea would want to risk so much just to try and prevent the release of The Interview.
Michael Daly claims that the regime “recognizes that Hollywood and American popular culture in general constitute a dire threat” — a threat that has apparently penetrated the Hermit Kingdom in the “especially popular” form of Desperate Housewives.
Daly goes on to assert:
a glimpse of Wisteria Lane is enough to give lie to the regime’s propaganda that North Koreans live in a worker’s paradise while its enemies suffer in grinding poverty, driven by envy to plot against Dear Leader.
Of course, as every American who has watched the show knows, Wisteria Lane represents anytown America and the cast could blend in unnoticed at any Walmart or shopping mall.
OK. I won’t deny that American propaganda is much more sophisticated than North Korea’s, but when an American journalist implies that Desperate Housewives offers ordinary North Koreans a glimpse into the lives of ordinary Americans, you have to ask: which population has been more perfectly brainwashed?
In reality, the dire threat to the North Korean regime in terms of social impact comes not from American popular culture but from much closer: South Korean soap operas.
The Washington Post reports: In a crescendo of anger over American espionage, Germany expelled the CIA’s top operative, launched an investigation of the vast U.S. surveillance programs exposed by Edward Snowden and extracted an apology from President Obama for the years that U.S. spies had reportedly spent monitoring German Chancellor Angela Merkel’s cellphone.
In an address to Parliament last year, Merkel warned that U.S.-German cooperation would be curtailed and declared that “trust needs to be rebuilt.”
But the cooperation never really stopped. The public backlash over Snowden often obscured a more complicated reality for Germany and other aggrieved U.S. allies. They may be dismayed by the omnivorous nature of the intelligence apparatus the United States has built since the Sept. 11, 2001, attacks, but they are also deeply dependent on it.
Over the past year, Germany has secretly provided detailed information to U.S. spy services on hundreds of German citizens and legal residents suspected of having joined insurgent groups in Syria and Iraq, U.S. and German officials said.
Germany has done so reluctantly to enlist U.S. help in tracking departed fighters, determining whether they have joined al-Qaeda or the Islamic State and, perhaps most importantly, whether they might seek to bring those groups’ violent agendas back to Germany.
The stream of information includes names, cellphone numbers, e-mail addresses and other sensitive data that German security services — ever mindful of the abuses by the Nazi and Stasi secret police — have been reluctant even to collect, let alone turn over to a suspect ally. [Continue reading…]
McClatchy reports: When Ilana Greenstein blew the whistle on mismanagement at the CIA, she tried to follow all the proper procedures.
First, she told her supervisors that she believed the agency had bungled its spying operations in Baghdad. Then, she wrote a letter to the director of the agency.
But the reaction from the intelligence agency she trusted was to suspend her clearance and order her to turn over her personal computers. The CIA then tried to get the Justice Department to open a criminal investigation of her.
Meanwhile, the agency’s inspector general, which is supposed to investigate whistleblower retaliation, never responded to her complaint about the treatment.
Based on her experience in 2007, Greenstein is not surprised that many CIA employees did little to raise alarms when the nation’s premier spy agency was torturing terrorism suspects and detaining them without legal justification. She and other whistleblowers say the reason is obvious.
“No one can trust the system,” said Greenstein, now a Washington attorney. “I trusted it and I was naive.”
Since 9/11, defense and intelligence whistleblowers such as Greenstein have served as America’s conscience in the war on terrorism. Their assertions go to the heart of government waste, misconduct and overreach: defective military equipment, prisoner abuse at Abu Ghraib, surveillance of Americans.
Yet the legal system that was set up to protect these employees has repeatedly failed those with the highest-profile claims. Many of them say they aren’t thanked but instead are punished for speaking out. [Continue reading…]
Der Spiegel reports: Death is circling above Helmand Province on the morning of Feb. 7, 2011, in the form of a British Apache combat helicopter named “Ugly 50.” Its crew is searching for an Afghan named Mullah Niaz Mohammed. The pilot has orders to kill him.
The Afghan, who has been given the code name “Doody,” is a “mid-level commander” in the Taliban, according to a secret NATO list. The document lists enemy combatants the alliance has approved for targeted killings. “Doody” is number 3,673 on the list and NATO has assigned him a priority level of three on a scale of one to four. In other words, he isn’t particularly important within the Taliban leadership structure.
The operations center identified “Doody” at 10:17 a.m. But visibility is poor and the helicopter is forced to circle another time. Then the gunner fires a “Hellfire” missile. But he has lost sight of the mullah during the maneuver, and the missile strikes a man and his child instead. The boy is killed instantly and the father is severely wounded. When the pilot realizes that the wrong man has been targeted, he fires 100 rounds at “Doody” with his 30-mm gun, critically injuring the mullah.
The child and his father are two of the many victims of the dirty secret operations that NATO conducted for years in Afghanistan. Their fate is described in secret documents to which SPIEGEL was given access. Some of the documents concerning the International Security Assistance Force (ISAF) and the NSA and GCHQ intelligence services are from the archive of whistleblower Edward Snowden. Included is the first known complete list of the Western alliance’s “targeted killings” in Afghanistan. The documents show that the deadly missions were not just viewed as a last resort to prevent attacks, but were in fact part of everyday life in the guerilla war in Afghanistan. [Continue reading…]
Sebastian Rotella, James Glanz and David E. Sanger report: In the fall of 2008, a 30-year-old computer expert named Zarrar Shah roamed from outposts in the northern mountains of Pakistan to safe houses near the Arabian Sea, plotting mayhem in Mumbai, India’s commercial gem.
Mr. Shah, the technology chief of Lashkar-e-Taiba, the Pakistani terror group, and fellow conspirators used Google Earth to show militants the routes to their targets in the city. He set up an Internet phone system to disguise his location by routing his calls through New Jersey. Shortly before an assault that would kill 166 people, including six Americans, Mr. Shah searched online for a Jewish hostel and two luxury hotels, all sites of the eventual carnage.
But he did not know that by September, the British were spying on many of his online activities, tracking his Internet searches and messages, according to former American and Indian officials and classified documents disclosed by Edward J. Snowden, the former National Security Agency contractor.
They were not the only spies watching. Mr. Shah drew similar scrutiny from an Indian intelligence agency, according to a former official who was briefed on the operation. The United States was unaware of the two agencies’ efforts, American officials say, but had picked up signs of a plot through other electronic and human sources, and warned Indian security officials several times in the months before the attack.
What happened next may rank among the most devastating near-misses in the history of spycraft. The intelligence agencies of the three nations did not pull together all the strands gathered by their high-tech surveillance and other tools, which might have allowed them to disrupt a terror strike so scarring that it is often called India’s 9/11.
“No one put together the whole picture,” said Shivshankar Menon, who was India’s foreign secretary at the time of the attacks and later became the national security adviser. “Not the Americans, not the Brits, not the Indians.” [Continue reading…]
Ryan Gallagher reports: In March 2011, two weeks before the Western intervention in Libya, a secret message was delivered to the National Security Agency. An intelligence unit within the U.S. military’s Africa Command needed help to hack into Libya’s cellphone networks and monitor text messages.
For the NSA, the task was easy. The agency had already obtained technical information about the cellphone carriers’ internal systems by spying on documents sent among company employees, and these details would provide the perfect blueprint to help the military break into the networks.
The NSA’s assistance in the Libya operation, however, was not an isolated case. It was part of a much larger surveillance program—global in its scope and ramifications—targeted not just at hostile countries. [Continue reading…]
Peter Koop writes: Documents recently disclosed by Edward Snowden show that the NSA’s fourth-largest cable tapping program, codenamed INCENSER, pulls its data from just one single source: a submarine fiber optic cable linking Asia with Europe.
Until now, it was only known that INCENSER was a sub-program of WINDSTOP and that it collected some 14 billion pieces of internet data a month. The latest revelations now say that these data are collected with the help of the British company Cable & Wireless (codenamed GERONTIC, now part of Vodafone) at a location in Cornwall in the UK, codenamed NIGELLA.
For the first time, this gives us a view on the whole interception chain, from the parent program all the way down to the physical interception facility. Here we will piece together what is known about these different stages and programs from recent and earlier publications. [Continue reading…]
The Guardian reports: Many of the brightest minds from the National Security Agency and GCHQ staff tire themselves out from long years of service, moving out into the comfort of the private sector.
Unsurprisingly, the security industry welcomes them with open arms. After all, who better to hand out advice than alumni of two of the most sophisticated intelligence agencies on the planet?
A young British company called Darktrace, whose technology was spawned in the classrooms and bedrooms of Cambridge University, can now boast a covey of former spies among their executive ranks. Jim Penrose, who spent 17 years at the NSA and was involved in the much-feared Tailored Access Operations group (TAO), is one of Darktrace’s latest hires.
Though he declined to confirm or deny any of the claims made about TAO’s operations, including Edward Snowden leaks that showed it had hacked into between 85,000 and 100,000 machines around the world, Penrose spoke with the Guardian about how people might want to defend themselves from government-sponsored cyber attacks. [Continue reading…]
Wired reports: Lawmakers are considering a bill that would shut off the water spigot to the massive data center operated by the National Security Agency in Bluffdale, Utah.
The legislation, proposed by Utah lawmaker Marc Roberts, is due to go to the floor of the Utah House of Representatives early next year, but it was debated in a Public Utilities and Technology Interim Committee meeting on Wednesday. The bill, H.B. 161, directs municipalities like Bluffdale to “refuse support to any federal agency which collects electronic data within this state.”
The NSA brought its Bluffdale data center online about a year ago, taking advantage of Utah’s cheap power and a cut-rate deal for millions of gallons of local water, used to cool the 1-million-square-foot building’s servers. Roberts’ bill, however, would prohibit the NSA from negotiating new water deals when its current Bluffdale agreement runs out in 2021.
The law seems like a long-shot to clear legislative hurdles when Utah’s legislature re-convenes next year, but Wednesday’s committee hearing was remarkable, nonetheless, says Nate Carlisle, a reporter with the Salt Lake Tribune who has waged a fight with the NSA and Bluffdale officials to determine how much water the data center is actually using. “What’s noteworthy is no one on the panel said: ‘Hey, wait a minute, we can’t do this,’” he says. “They had some specific concerns about the language of the bill, but there was no outright opposition.” [Continue reading…]
The New York Times reports: A little-known provision of the Patriot Act, overlooked by lawmakers and administration officials alike, appears to give President Obama a possible way to keep the National Security Agency’s bulk phone records program going indefinitely — even if Congress allows the law on which it is based to expire next year.
Senate Republicans on Tuesday night used a filibuster to block consideration of a bill to end and replace the N.S.A. phone records program. The debate about what may happen next has played out based on a widely held premise: that the legal basis for the program, Section 215 of the Patriot Act, will expire on June 1, so if Congress remains gridlocked, the program will automatically shut down.
“I believe that if we do not pass this bill, the metadata program is at risk because the 215 program sunsets next year,” Senator Dianne Feinstein, Democrat of California, said in Tuesday night’s debate. But that premise may be incorrect. If the summer arrives and the program is facing a shutdown, Mr. Obama could invoke the provision to ask the Foreign Intelligence Surveillance Court to keep it going.
Several executive branch officials said the administration had not been studying that option and expressed doubt that Mr. Obama would take such a step, or that the Surveillance Court would agree to it if he tried. Still, the mere existence of a potential way for the program to keep going without congressional action could recast the debate. [Continue reading…]
The New York Times reports: Senate Republicans on Tuesday blocked a sweeping overhaul of the once-secret National Security Agency program that collects records of Americans’ phone calls in bulk.
Democrats and a handful of Republicans who supported the measure failed to secure the 60 votes they needed to take up the legislation. The vote was 58 to 42 for consideration.
Senator Patrick J. Leahy, the Vermont Democrat who drafted the bill, blamed what he said was fear-mongering by the bill’s opponents for its defeat. “Fomenting fear stifles serious debate and constructive solutions,” he said. “This nation deserves more than that.” [Continue reading…]
Shane Harris writes: In a meeting of senior national security officials with President George W. Bush in the spring of 2007, the commander-in-chief authorized the NSA to begin hacking into the phone and computer networks of Iraqi insurgents.
The Iraqi cell phone network was a potential intelligence gold mine. Cell phone contracts were among the first business deals struck in Iraq after Saddam Hussein was driven from power. Wireless was cheaper than wired communications, and cell phones were proliferating. The NSA had access to foreign telecommunications networks through agreements struck with the United States-based carriers that operated them. These companies were paid handsomely — each receiving tens of millions of dollars annually, according to one former company executive — to give the spy agencies privileged access to their networks and the data coursing through them….
After Bush gave his order, daily strikes in Iraq were being carried out by a hybrid military and intelligence unit that brought together soldiers and spies. Their center of operations was a concrete hangar at the Balad Air Base, north of Baghdad, which had once housed Iraqi fighter jets. Most of the planes here now were unmanned drones. Their pilots worked alongside NSA hackers, FBI cyber forensics investigators, and special operations forces — the military’s elite commando squads. They all broke off into clusters, working with a seamless, almost organic precision. The hackers stole information from the enemy’s electronic devices and passed it to the analysts, who drew up target lists for the troops. As they went off on raids, the drone pilots watched overhead, giving eye-in-the-sky warning to the troops on the ground, thanks to sophisticated cameras and other sensors developed by the CIA. Sometimes the drone pilots themselves made the kill with a missile shot.
When an attack was finished, the troops gathered more intelligence from the site or from the fighters they captured — cell phones, laptop computers, thumb drives, address books, scraps of paper called “pocket litter” that might contain nothing more than a name, a phone number, or a physical or e-mail address. The troops brought the information back to the base and gave it to the analysts, who fed it into their databases and used data-mining software to look for connections to other fighters either in custody or at large. They paid close attention to how the fighters were getting money for their operations, including sources outside Iraq — in Syria, Iran, and Saudi Arabia.
Every day the unit netted between ten and twenty fighters. Whole terrorist networks were illuminated in this way, by U.S. forces who were starting to think and act like their enemy. They structured themselves not in vertical hierarchies but in networks, each member responding to conditions on the ground. They were making it up as they went along, and creating a new kind of warfare. [Continue reading…]
John Naughton writes: A headline caught my eye last Tuesday morning. “Privacy not an absolute right, says GCHQ chief”, it read. Given that GCHQ bosses are normally sensibly taciturn types, it looked puzzling. But it turns out that Sir Iain Lobban has retired from GCHQ to spend more time with his pension, to be followed no doubt, after a discreet interval, with some lucrative non-exec directorships. His successor is a Foreign Office smoothie, name of Robert Hannigan, who obviously decided that the best form of defence against the Snowden revelations is attack, which he mounted via an op-ed piece in the Financial Times, in the course of which he wrote some very puzzling things.
Much of his piece is a rehearsal of how good Isis has become at exploiting social media. Its members “use messaging and social media services such as Twitter, Facebook and WhatsApp, and a language their peers understand. The videos they post of themselves attacking towns, firing weapons or detonating explosives have a self-conscious online gaming quality. Their use of the World Cup and Ebola hashtags to insert the Isis message into a wider news feed, and their ability to send 40,000 tweets a day during the advance on Mosul without triggering spam controls, illustrates their ease with new media. There is no need for today’s would-be jihadis to seek out restricted websites with secret passwords: they can follow other young people posting their adventures in Syria as they would anywhere else.”
All of which is spot-on. From the very beginning, Isis fanatics have been up to speed on this stuff. Which raises an interesting question: how come that GCHQ and the other intelligence agencies failed to notice the rise of the Isis menace until it was upon us? Were they so busy hoovering metadata and tapping submarine cables and “mastering the internet” (as the code name of one of their projects puts it) that they didn’t have time to see what every impressionable Muslim 14-year-old in the world with an internet connection could see? [Continue reading…]