Category Archives: NSA

Yahoo exec goes mano a mano with NSA director over crypto backdoors

Echoing the concerns of many US-based technology companies have about US-led surveillance programs, Yahoo Chief Information Security Officer Alex Stamos asked the director of the National Security Agency some pointed questions concerning proposed or existing backdoors placed in encryption technologies. The responses from NSA director Adm. Mike Rogers only underscored the growing divide.

The frank exchange occurred Monday at the Cybersecurity for a New America conference in Washington DC. It came 17 months after materials leaked by former NSA subcontractor Edward Snowden documented NSA-engineered backdoors were built into widely used cryptography technologies so that government agents could decrypt communications. Critics have since warned that the policy could backfire on US citizens, since backdoors can be exploited by governments of a variety of counties. Rogers clearly disagreed, but his denials were notable for a lack of technical detail.

What follows is an excerpt of the exchange, as first provided by website Just Security:

Read on Ars Technica | Comments

Password cracking experts decipher elusive Equation Group crypto hash

Unraveling a mystery that eluded the researchers analyzing the highly advanced Equation Group the world learned about Monday, password crackers have deciphered a cryptographic hash buried in one of the hacking crew's exploits. It's Arabic for "unregistered."

Researchers for Moscow-based Kaspersky Lab spent more than two weeks trying to crack the MD5 hash using a computer that tried more than 300 billion plaintext guesses every second. After coming up empty-handed, they enlisted the help of password-cracking experts, both privately and on Twitter in hopes they would do better. Password crackers Jens Steube and Philipp Schmidt spent only a few hours before figuring out the plaintext behind the hash e6d290a03b70cfa5d4451da444bdea39 was غير مسجل, which is Arabic for "unregistered". The hex-encoded string for the same Arabic word is dbedd120e3d3cce1.

"That was a shock when it popped up and said 'cracked,'" Steube told Ars Monday evening. He is the developer behind the free Hashcat password-cracking programs and an expert in password cracking.

Read 6 remaining paragraphs | Comments

How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last

CANCUN, Mexico — In 2009, one or more prestigious researchers received a CD by mail that contained pictures and other materials from a recent scientific conference they attended in Houston. The scientists didn't know it then, but the disc also delivered a malicious payload developed by a highly advanced hacking operation that had been active since at least 2001. The CD, it seems, was tampered with on its way through the mail.

It wasn't the first time the operators—dubbed the "Equation Group" by researchers from Moscow-based Kaspersky Lab—had secretly intercepted a package in transit, booby-trapped its contents, and sent it to its intended destination. In 2002 or 2003, Equation Group members did something similar with an Oracle database installation CD in order to infect a different target with malware from the group's extensive library. (Kaspersky settled on the name Equation Group because of members' strong affinity for encryption algorithms, advanced obfuscation methods, and sophisticated techniques.)

Kaspersky researchers have documented 500 infections by Equation Group in at least 42 countries, with Iran, Russia, Pakistan, Afghanistan, India, Syria, and Mali topping the list. Because of a self-destruct mechanism built into the malware, the researchers suspect that this is just a tiny percentage of the total; the actual number of victims likely reaches into the tens of thousands.

Read 52 remaining paragraphs | Comments

No one knows what happened to NSA staffers who snooped on their lovers

Turns out, not even the head of the Senate Judiciary Committee can figure out what’s happened to the National Security Agency (NSA) staffers who were involved in the LOVEINT spying scandal.

Back in August 2013, the Wall Street Journal introduced the world to an internal term that NSA analysts have come up with to describe the act of spying on one’s ex-partner: LOVEINT. The word is reminiscent of existing spycraft parlance like HUMINT (human intelligence) or SIGINT (signals intelligence). (LOVEINT also spawned endless Twitter jokes.)

In a letter sent Monday to the attorney general, Sen. Chuck Grassley (R-Iowa) described how he initially asked the Department of Justice (DOJ) to explain what it was doing to address the 12 publicly-known instances of this inappropriate use of NSA surveillance capability. However, the DOJ has stayed mum.

Read 4 remaining paragraphs | Comments

NSA secretly hijacked existing malware to spy on N. Korea, others

A new wave of documents from Edward Snowden's cache of National Security Agency data published by Der Spiegel demonstrate how the agency has used its network exploitation capabilities both to defend military networks from attack and to co-opt other organizations' hacks for intelligence collection and other purposes. In one case, the NSA secretly tapped into South Korean network espionage on North Korean networks to gather intelligence.

The documents were published as part of an analysis by Jacob Appelbaum and others working for Der Speigel of how the NSA has developed an offensive cyberwarfare capability over the past decade. According to a report by the New York Times, the access the NSA gained into North Korea's networks—which initially leveraged South Korean "implants" on North Korean systems, but eventually consisted of the NSA's own malware—played a role in attributing the attack on Sony Pictures to North Korean state-sponsored actors.

Included with the documents released by Der Spiegel are details on how the NSA built up its Remote Operations Center to carry out "Tailored Access Operations" on a variety of targets, while also building the capability to do permanent damage to adversaries' information systems, including internal NSA newsletter interviews and training materials. Also included was a malware sample for a keylogger, apparently developed for by NSA and possibly other members of the "Five Eyes" intelligence community, was also included in the dump. The code appears to be from the Five Eyes joint program "Warriorpride," a set of tools shared by the NSA, the United Kingdom's GCHQ, The Australian Signals Directorate, Canada's Communications Security Establishment, and New Zealand's Government Communications Security Bureau.

Read 8 remaining paragraphs | Comments

NSA has VPNs in Vulcan death grip—no, really, that’s what they call it

The National Security Agency’s Office of Target Pursuit (OTP) maintains a team of engineers dedicated to cracking the encrypted traffic of virtual private networks (VPNs) and has developed tools that could potentially uncloak the traffic in the majority of VPNs used to secure traffic passing over the Internet today, according to documents published this week by the German news magazine Der Speigel. A slide deck from a presentation by a member of OTP’s VPN Exploitation Team, dated September 13, 2010, details the process the NSA used at that time to attack VPNs—including tools with names drawn from Star Trek and other bits of popular culture.

OTP’s VPN exploit team had members assigned to branches focused on specific regional teams, as well as a “Cross-Target Support Branch” and a custom development team for building specialized VPN exploits. At the regional level, the VPN team representatives acted as liaisons to analysts, providing information on new VPN attacks and gathering requirements for specific targets to be used in developing new ones.

While some VPN technologies—specifically, those based on the Point-to-Point Protocol (PPTP)—have previously been identified as being vulnerable because of the way they exchange keys at the beginning of a VPN session, others have generally been assumed to be safer from scrutiny. But in 2010, the NSA had already developed tools to attack the most commonly used VPN encryption schemes: Secure Shell (SSH), Internet Protocol Security (IPSec), and Secure Socket Layer (SSL) encryption.

Read 6 remaining paragraphs | Comments

Copyright © 2015. Powered by WordPress & Romangie Theme.