Category: NSA

Jul 22 2015

Obama administration decides not to blame China publicly for OPM hack

US government officials are nearly certain that the Chinese government was involved in the theft of sensitive personal information about millions of government employees, members of the US military, and employees of government contractors requiring background checks or security clearances from the systems of the Office of Personnel Management. But according to a report by the Washington Post, the Obama administration has decided to not publicly and officially call out China for the attack—in part because it might require the administration to reveal some of the US' hacking of China to make the case, and expose other information intelligence and warfare capabilities of the National Security Agency, Department of Homeland Security, and FBI.

Ellen Nakashima, the Post's national security reporter, cited anonymous conversations with officials involved with the White House's decision-making process surrounding the OPM, and reported that the administration "has not ruled out economic sanctions or other punitive measures" for the theft of data from OPM. But US officials, including Director of National Intelligence James Clapper, have "even expressed grudging admiration for the OPM hack, saying US spy agencies would do the same against other governments," she reported.

Part of the calculus that went into the decision, one official told Nakashima, was that “we don’t see enough benefit in doing the attribution at this point to outweigh whatever loss we might [experience] in terms of intelligence-collection capabilities.” Another official said that the White House might opt to simply put sanctions in place under other justifications, and then privately communicate to the Chinese government that the sanctions were in fact in retaliation for the OPM hack.


Jul 01 2015

WikiLeaks: New intelligence briefs show US spied on German leader

On Wednesday, WikiLeaks published two new top-secret National Security Agency briefs that detail American and British espionage conducted against German leaders as they were discussing responses to the Greek economic crisis in 2011.

The organization also published a redacted list of 69 German government telephone numbers that were targeted for snooping. That list includes Oskar Lafontaine, who served as German finance minister from 1998 to 1999, when the German government was still based in Bonn—suggesting that this kind of spying has been going on for over 15 years at least.

As with the recent documents concerning NSA spying against France, WikiLeaks did not explain how it obtained the documents. However, it did share them with Greek, French, and German-language media, which all published them simultaneously on Wednesday evening, Europe time.


Jun 22 2015

US, UK Intel agencies worked to subvert antivirus tools to aid hacking

Documents from the National Security Agency and the United Kingdom's Government Communications Headquarters (GCHQ) obtained by former NSA contractor Edward Snowden reveal that the two agencies—and GCHQ in particular—targeted antivirus software developers in an attempt to subvert their tools to assure success in computer network exploitation attacks on intelligence targets. Chief among their targets was Kaspersky Labs, the Russian antivirus software company, according to a report by The Intercept's Andrew Fishman and First Look Media Director of Security Morgan Marquis-Boire.

Kaspersky has had a high profile in combatting state-sponsored malware and was central in the exposure of a secret NSA-backed hacking group that had been in operation for 14 years. More recently, it was revealed that Kaspersky had come under direct attack from an updated version of the Duqu malware—possibly launched by an Israeli-sponsored hacking group. The same malware was found on the networks of locations hosting negotiations over Iran's nuclear program. But the latest Snowden documents show that both the NSA and GCHQ waged a somewhat more subversive battle against Kaspersky—both by attempting to reverse-engineer the company's antivirus software and leveraging its intelligence-collection operations for their own benefit.

Kaspersky was not the only target, but the company was the one most prominently mentioned in the Snowden documents released today by The Intercept. GCHQ officials mentioned Kaspersky by name in a warrant extension request "in respect of activities which involve the modification of commercial software" in June 2008, requesting authorization to reverse engineer Kaspersky's and other companies' software products to exploit them for intelligence purposes. (The original warrant had been in place since at least January of 2008.)


Jun 04 2015

New Snowden documents reveal secret memos expanding spying

Without public notice or debate, the Obama administration has expanded the National Security Agency's warrantless surveillance of Americans' international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.

In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad—including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

The Justice Department allowed the agency to monitor only addresses and "cybersignatures"—patterns associated with computer intrusions—that it could tie to foreign governments. But the documents also note that the NSA sought to target hackers even when it could not establish any links to foreign powers.
