Washington surprised by Russia’s ability to evade U.S. eavesdropping

n13-iconThe Wall Street Journal reports: U.S. military satellites spied Russian troops amassing within striking distance of Crimea last month. But intelligence analysts were surprised because they hadn’t intercepted any telltale communications where Russian leaders, military commanders or soldiers discussed plans to invade.

America’s vaunted global surveillance is a vital tool for U.S. intelligence services, especially as an early-warning system and as a way to corroborate other evidence. In Crimea, though, U.S. intelligence officials are concluding that Russian planners might have gotten a jump on the West by evading U.S. eavesdropping.

“Even though there was a warning, we didn’t have the information to be able to say exactly what was going to happen,” a senior U.S. official says.

To close the information gap, U.S. spy agencies and the military are rushing to expand satellite coverage and communications-interception efforts across Russia, Ukraine and the Baltic states. U.S. officials hope the “surge” in assets and analysts will improve tracking of the Russian military and tip off the U.S. to any possible intentions of Russian President Vladimir Putin before he acts on them.

The U.S. moves will happen quickly. “We have gone into crisis-response mode,” a senior official says.

Still, as Russia brings additional forces to areas near the border with eastern Ukraine, America’s spy chiefs are worried that Russian leaders might be able to cloak their next move by shielding more communications from the U.S., according to officials familiar with the matter. “That is the question we’re all asking ourselves,” one top U.S. official says.

The Obama administration is “very nervous,” says a person close to the discussions. “This is uncharted territory.” [Continue reading...]

facebooktwittermail

Industrial espionage: NSA hacked servers of China telecom giant Huawei

n13-iconThe New York Times reports: American officials have long considered Huawei, the Chinese telecommunications giant, a security threat, blocking it from business deals in the United States for fear that the company would create “back doors” in its equipment that could allow the Chinese military or Beijing-backed hackers to steal corporate and government secrets.

But even as the United States made a public case about the dangers of buying from Huawei, classified documents show that the National Security Agency was creating its own back doors — directly into Huawei’s networks.

The agency pried its way into the servers in Huawei’s sealed headquarters in Shenzhen, China’s industrial heart, according to N.S.A. documents provided by the former contractor Edward J. Snowden. It obtained information about the workings of the giant routers and complex digital switches that Huawei boasts connect a third of the world’s population, and monitored communications of the company’s top executives.

One of the goals of the operation, code-named “Shotgiant,” was to find any links between Huawai and the People’s Liberation Army, one 2010 document made clear. But the plans went further: to exploit Huawai’s technology so that when the company sold equipment to other countries — including both allies and nations that avoid buying American products — the N.S.A. could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations. [Continue reading...]

MIT Technology Review: How’s this for a tough sales job? The American sales reps of Huawei offer top-notch telecom gear at a 35 percent discount. But anytime they get near to closing a sale, their customers get a visit from the FBI or the U.S. Department of Commerce.

The message from the feds isn’t subtle: buy something else.

Huawei, based in Shenzhen, China, is the world’s largest seller of telecom equipment, commanding 20 percent of the market. Yet it is barely a factor in North America. Here its market share in optical equipment is just 1.4 percent, and in switches and routers it’s just 0.1 percent.

Just as Huawei has been shut out of the American market, leaks about the pervasiveness of spying by the NSA and other U.S. intelligence agencies might now hurt American companies abroad. Businesses are starting to talk of a “Snowden effect” of lost sales, dimmed prospects, and growing uncertainty, as they too come under a cloud of mistrust.

Huawei (pronounced wah-way) was founded in 1987 by Ren Zhengfei, a former military officer who splits the CEO job with executives who rotate every six months. As Huawei expanded overseas, suspicions began to swirl around the company, particularly in the United States. Its effort to buy 3Com, a networking company, was blocked by a trade panel that assesses national security risks. In 2011, Cisco Systems, a competitor, developed talking-point slides that laid out reasons for “Fear of Huawei.”

In 2012, partly at the Chinese company’s request, the U.S. House Intelligence Committee investigated and released a report. It offered no real proof of spying, yet it still concluded that the United States must “view with suspicion” progress by Chinese companies in the North America telecommunications market.

The concern was that somehow, with Huawei’s knowledge or without it, the Chinese government could use equipment sold by the company to eavesdrop or even to gain an advantage in a cyberwar. Huawei loudly denied the charges; it cried “discrimination.”

The irony now is that leaked National Security Agency documents suggest the U.S. was doing everything it suspected China of. The documents indicate that the U.S. may have compromised routers from Cisco, Juniper, and Huawei. It’s also believed to have weakened encryption products so the ciphers used by commercial software could be broken. [Continue reading...]

facebooktwittermail

Revelations of NSA spying cost U.S. tech companies

a13-iconThe New York Times reports: Microsoft has lost customers, including the government of Brazil.

IBM is spending more than a billion dollars to build data centers overseas to reassure foreign customers that their information is safe from prying eyes in the United States government.

And tech companies abroad, from Europe to South America, say they are gaining customers that are shunning United States providers, suspicious because of the revelations by Edward J. Snowden that tied these providers to the National Security Agency’s vast surveillance program.

Even as Washington grapples with the diplomatic and political fallout of Mr. Snowden’s leaks, the more urgent issue, companies and analysts say, is economic. Technology executives, including Mark Zuckerberg of Facebook, raised the issue when they went to the White House on Friday for a meeting with President Obama.

It is impossible to see now the full economic ramifications of the spying disclosures — in part because most companies are locked in multiyear contracts — but the pieces are beginning to add up as businesses question the trustworthiness of American technology products. [Continue reading...]

facebooktwittermail

Inside the NSA’s secret efforts to hunt and hack system administrators

n13-iconRyan Gallagher and Peter Maass report: Across the world, people who work as system administrators keep computer networks in order – and this has turned them into unwitting targets of the National Security Agency for simply doing their jobs. According to a secret document provided by NSA whistleblower Edward Snowden, the agency tracks down the private email and Facebook accounts of system administrators (or sys admins, as they are often called), before hacking their computers to gain access to the networks they control.

The document consists of several posts – one of them is titled “I hunt sys admins” – that were published in 2012 on an internal discussion board hosted on the agency’s classified servers. They were written by an NSA official involved in the agency’s effort to break into foreign network routers, the devices that connect computer networks and transport data across the Internet. By infiltrating the computers of system administrators who work for foreign phone and Internet companies, the NSA can gain access to the calls and emails that flow over their networks.

The classified posts reveal how the NSA official aspired to create a database that would function as an international hit list of sys admins to potentially target. Yet the document makes clear that the admins are not suspected of any criminal activity – they are targeted only because they control access to networks the agency wants to infiltrate. “Who better to target than the person that already has the ‘keys to the kingdom’?” one of the posts says. [Continue reading...]

facebooktwittermail

Video: NSA Deputy Director — ‘We need to be more transparent’

n13-icon

facebooktwittermail

Intelligence Community rethinking its approach to transparency and secrecy

a13-iconSteven Aftergood writes: By leaking classified intelligence documents, Edward Snowden transformed public awareness of the scale and scope of U.S. intelligence surveillance programs. But his actions are proving to be no less consequential for national security secrecy policy.

“These leaks have forced the Intelligence Community to rethink our approach to transparency and secrecy,” said Robert S. Litt, General Counsel at the Office of the Director of National Intelligence. He spoke at a March 18 Freedom of Information Day program sponsored by the Collaboration on Government Secrecy at American University Washington College of Law.

Mr. Litt made it clear that he did not approve of the Snowden leaks, which he said were unlawful and had “seriously damaged our national security.” Yet he stressed that the leaks have also prompted a reconsideration of previously accepted patterns of secrecy.

“We have had to reassess how we strike the balance between the need to keep secret the sensitive sources, methods and targets of our intelligence activities, and the goal of transparency with the American people about the rules and policies governing those activities.” [Continue reading...]

facebooktwittermail

Sen. Ron Wyden scorches senior CIA and NSA officials and their ‘pattern of deception’

n13-iconThe Oregonian reports: U.S. Sen. Ron Wyden scorched senior CIA and NSA officials, the secret doings inside the Foreign Intelligence Surveillance Court, and a controversial section of the USA Patriot ACT on Tuesday night during a lecture in downtown Portland.

The senior senator from Oregon performed perhaps the most skillful dodge yet – by any politician – of a question nagging many Americans: is former National Security Agency contractor Edward Snowden a hero, a traitor, or something in between?

Wyden declined to comment about a case now before a criminal court (Snowden faces spy charges). But he said senior intelligence officials should have told the public that the National Security Agency had collected the phone records of millions of ordinary Americans, rather than having them learn about it through Snowden’s leaks of classified files to journalists.

“This is a debate that shouldn’t have been started this way,” said Wyden, a member of the Senate Intelligence Committee who sits in on classified briefings of national security operations.

Wyden called for more vigorous oversight of U.S. spy agencies. He called on senior intelligence officials to end what he described variously as their “pattern of deception,” “incredibly misleading statements,” and “culture of misinformation.” [Continue reading...]

facebooktwittermail

U.S. listed as enemy of the internet

a13-iconReporters Without Borders: Natalia Radzina of Charter97, a Belarusian news website whose criticism of the government is often censored, was attending an OSCE-organized conference in Vienna on the Internet and media freedom in February 2013 when she ran into someone she would rather not have seen: a member of the Operations and Analysis Centre, a Belarusian government unit that coordinates Internet surveillance and censorship. It is entities like this, little known but often at the heart of surveillance and censorship systems in many countries, that Reporters Without Borders is spotlighting in this year’s Enemies of the Internet report, which it is releasing, as usual, on World Day Against Cyber-Censorship (12 March).

Identifying government units or agencies rather than entire governments as Enemies of the Internet allows us to draw attention to the schizophrenic attitude towards online freedoms that prevails in in some countries. Three of the government bodies designated by Reporters Without Borders as Enemies of the Internet are located in democracies that have traditionally claimed to respect fundamental freedoms: the Centre for Development of Telematics in India, the Government Communications Headquarters (GCHQ) in the United Kingdom, and the National Security Agency (NSA) in the United States.

The NSA and GCHQ have spied on the communications of millions of citizens including many journalists. They have knowingly introduced security flaws into devices and software used to transmit requests on the Internet. And they have hacked into the very heart of the Internet using programmes such as the NSA’s Quantam Insert and GCHQ’s Tempora. The Internet was a collective resource that the NSA and GCHQ turned into a weapon in the service of special interests, in the process flouting freedom of information, freedom of expression and the right to privacy.

The mass surveillance methods employed in these three countries, many of them exposed by NSA whistleblower Edward Snowden, are all the more intolerable because they will be used and indeed are already being used by authoritarians countries such as Iran, China, Turkmenistan, Saudi Arabia and Bahrain to justify their own violations of freedom of information. How will so-called democratic countries will able to press for the protection of journalists if they adopt the very practices they are criticizing authoritarian regimes for? [Continue reading...]

facebooktwittermail

NSA surveillance program reaches ‘into the past’ to retrieve, replay phone calls

n13-iconThe Washington Post reports: The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden.

A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.

The voice interception program, called MYSTIC, began in 2009. Its RETRO tool, short for “retrospective retrieval,” and related projects reached full capacity against the first target nation in 2011. Planning documents two years later anticipated similar operations elsewhere.

In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary. [Continue reading...]

facebooktwittermail

Former Church Committee members see need for new group to investigate NSA

n13-iconThreatpost: In a letter sent to President Obama and members of Congress, former members and staff of the Church Committee on intelligence said that the revelations of the NSA activities have caused “a crisis of public confidence” and encouraged the formation of a new committee to undertake “significant and public reexamination of intelligence community practices”.

Although it may seem like the NSA’s activities have only recently come under public scrutiny, the agency first was dragged into the light in 1975 when reports surfaced that for decades it had had secret agreements with telegram companies to get copies of Americans’ international communications. The Church committee, formally known as the Senate Select Committee to Study Governmental Operations with Respect to Intelligence Activities, was formed to investigate the NSA’s methods and produced a report that took the agency to task for overstepping its bounds and expanding programs well beyond their initial scope.

“We have seen a consistent pattern in which programs initiated with limited goals, such as preventing criminal violence or identifying foreign spies, were expanded to what witnesses characterized as ‘vacuum cleaners,’ sweeping in information about lawful activities of American citizens. The tendency of intelligence activities to expand beyond their initial scope is a theme, which runs through every aspect of our investigative findings,” the committee’s final report said.

In the letter sent Monday to Obama and Congress, several former advisers to and members of the Church committee, including the former chief counsel, said that the current situation involving the NSA bears striking resemblances to the one in 1975 and that the scope of what the NSA is doing today is orders of magnitude larger than what was happening nearly 40 years ago.

“The need for another thorough, independent, and public congressional investigation of intelligence activity practices that affect the rights of Americans is apparent. There is a crisis of public confidence. Misleading statements by agency officials to Congress, the courts, and the public have undermined public trust in the intelligence community and in the capacity for the branches of government to provide meaningful oversight,” the letter says.

facebooktwittermail

Compare the NSA’s Facebook malware denial to its own secret documents

f13-iconRyan Gallagher writes: On Wednesday, Glenn Greenwald and I revealed new details about the National Security Agency’s efforts to radically expand its ability to hack into computers and networks across the world. The story has received a lot of attention, and one detail in particular has sparked controversy: specifically, that the NSA secretly pretended to be a fake Facebook server in order to covertly infect targets with malware “implants” used for surveillance.

This revelation apparently infuriated Facebook founder Mark Zuckerberg so much that he got on the phone to President Barack Obama to complain about it. “I’ve been so confused and frustrated by the repeated reports of the behavior of the US government,” Zuckerberg wrote in a blog post Thursday. “When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government.”

That wasn’t all. Wired ran a piece saying that the NSA’s widespread use of its malware tools “acts as implicit permission to others, both nation-state and criminal.” Slate noted that the NSA’s hacking platform appears to be “becoming a bit more like the un-targeted dragnets everyone has been so upset about.” Meanwhile, Ars Technica wrote that the surveillance technology we exposed “poses a risk to the entire Internet.”

In response, the NSA has attempted to quell the backlash by putting out a public statement dismissing what it called “inaccurate” media reports. The agency denied that it was “impersonating U.S. social media or other websites” and said that it had not “infected millions of computers around the world with malware.” The statement follows a trend that has repeatedly been seen in the aftermath of major disclosures from documents turned over by NSA whistleblower Edward Snowden, in which the NSA or one of its implicated allies issues a carefully worded non-denial denial that on the face of it seems to refute an allegation but on closer inspection does not refute it at all. [Continue reading...]

facebooktwittermail

How the NSA plans to infect ‘millions’ of computers with malware

f13-iconRyan Gallagher and Glenn Greenwald report: Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.

The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.” [Continue reading...]

facebooktwittermail

How a shift in the FISA court secretly facilitated mass surveillance

n13-iconThe New York Times reports: Ten months after the Sept. 11 attacks, the nation’s surveillance court delivered a ruling that intelligence officials consider a milestone in the secret history of American spying and privacy law. Called the “Raw Take” order — classified docket No. 02-431 — it weakened restrictions on sharing private information about Americans, according to documents and interviews.

The administration of President George W. Bush, intent on not overlooking clues about Al Qaeda, had sought the July 22, 2002, order. It is one of several still-classified rulings by the Foreign Intelligence Surveillance Court described in documents provided by Edward J. Snowden, the former National Security Agency contractor.

Previously, with narrow exceptions, an intelligence agency was permitted to disseminate information gathered from court-approved wiretaps only after deleting irrelevant private details and masking the names of innocent Americans who came into contact with a terrorism suspect. The Raw Take order significantly changed that system, documents show, allowing counterterrorism analysts at the N.S.A., the F.B.I. and the C.I.A. to share unfiltered personal information.

The leaked documents that refer to the rulings, including one called the “Large Content FISA” order and several more recent expansions of powers on sharing information, add new details to the emerging public understanding of a secret body of law that the court has developed since 2001. The files help explain how the court evolved from its original task — approving wiretap requests — to engaging in complex analysis of the law to justify activities like the bulk collection of data about Americans’ emails and phone calls.

“These latest disclosures are important,” said Steven Aftergood, the director of the Project on Government Secrecy at the Federation of American Scientists. “They indicate how the contours of the law secretly changed, and they represent the transformation of the Foreign Intelligence Surveillance Court into an interpreter of law and not simply an adjudicator of surveillance applications.” [Continue reading...]

facebooktwittermail

Snowden told me the NSA set fire to the web. Silicon Valley needs to put it out

o13-iconChristopher Soghoian writes: “You are the firefighters,” National Security Agency whistleblower Edward Snowden told a tech savvy audience here yesterday, during my conversation with him at the SXSW festival. “The people in Austin are the ones who can protect our rights through technical standards.”

Ed’s comments were a call to arms for the tech community to protect its users from indiscriminate mass surveillance by the NSA and the insecurity it creates. Despite the talk from Washington DC regarding cybersecurity threats – and you’ll hear more of it today during a confirmation hearing for the would-be next head of the NSA – it is now clear that the NSA’s mass surveillance efforts are not meant for good. Whether it’s systematically undermining global encryption standards, hacking communications companies’ servers and data links or exploiting so-called zero-day vulnerabilities, the nation’s cyberspies are focused on attacking online privacy and weakening the security of systems that we all trust.

Forget all the government rhetoric on cybersecurity: the NSA simply isn’t here to make the Internet more secure. But that doesn’t mean the agency has to win. The global tech community can fight back, if developers ramp up efforts to build privacy and security into their products. By zeroing in on practical steps Ed and I discussed in our conversation here, we can build a more open, free and secure Internet. [Continue reading...]

facebooktwittermail

Watch: Edward Snowden at SXSW (via planet Mars)

n13-iconThe Guardian reports: Encryptions tools must be simplified and made accessible for the mainstream, Pulitzer-winning journalist Barton Gellman said on Monday, calling on the tech industry to have the courage and ingenuity to help address the disparity of power between the people and their government.

Addressing the SXSW festival shortly before Edward Snowden’s live speech by video, Gellman said we are a long way off simple, transparent encryption tools. He cited Pew research which found that 88% of Americans say they have taken steps to protect their privacy in some form.

“With all the user interface brains out there we could get easier tools,” he said. “But it’s not just the ability to encrypt, it’s a frame of mind, a workflow and a discipline that is alien to most people, and that is the opposite to the open nature of the consumer internet. You could use Tor to access a site a hundred times, but the 101st time you forget, you may as well not have used Tor.”

“There are people at this conference who have taken very considerable risk to protect the privacy of their customers and have put themselves at the edge of the door to jail and it will take courage as well as ingenuity to change the way things work.” [Continue reading...]

Note: The audio quality of Snowden’s feed renders him virtually unintelligible, but Christopher Soghoian, the American Civil Liberties Union’s principal technologist, comes through loud and clear.

facebooktwittermail

Chomsky: In times of government surveillance, whose ‘security’ is at stake?

f13-iconNoam Chomsky: A leading principle of international relations theory is that the state’s highest priority is to ensure security. As Cold War strategist George F. Kennan formulated the standard view, government is created “to assure order and justice internally and to provide for the common defense.”

The proposition seems plausible, almost self-evident, until we look more closely and ask: Security for whom? For the general population? For state power itself? For dominant domestic constituencies?

Depending on what we mean, the credibility of the proposition ranges from negligible to very high.

Security for state power is at the high extreme, as illustrated by the efforts that states exert to protect themselves from the scrutiny of their own populations.

In an interview on German TV, Edward J. Snowden said that his “breaking point” was “seeing Director of National Intelligence, James Clapper, directly lie under oath to Congress” by denying the existence of a domestic spying program conducted by the National Security Agency.

Snowden elaborated that “The public had a right to know about these programs. The public had a right to know that which the government is doing in its name, and that which the government is doing against the public.”

The same could be justly said by Daniel Ellsberg, Chelsea Manning and other courageous figures who acted on the same democratic principle.

The government stance is quite different: The public doesn’t have the right to know because security thus is undermined—severely so, as officials assert. [Continue reading...]

facebooktwittermail