Category: NSA

Jul 01 2015

WikiLeaks: New intelligence briefs show US spied on German leader

On Wednesday, WikiLeaks published two new top-secret National Security Agency briefs that detail American and British espionage conducted against German leaders as they were discussing responses to the Greek economic crisis in 2011.

The organization also published a redacted list of 69 German government telephone numbers that were targeted for snooping. That list includes Oskar Lafontaine, who served as German finance minister from 1998 to 1999, when the German government was still based in Bonn—suggesting that this kind of spying has been going on for over 15 years at least.

As with the recent documents concerning NSA spying against France, WikiLeaks did not explain how it obtained the documents. However, it did share them with Greek, French, and German-language media, which all published them simultaneously on Wednesday evening, Europe time.

Read 9 remaining paragraphs | Comments

Jun 22 2015

US, UK Intel agencies worked to subvert antivirus tools to aid hacking

Documents from the National Security Agency and the United Kingdom's Government Communications Headquarters (GCHQ) obtained by former NSA contractor Edward Snowden reveal that the two agencies—and GCHQ in particular—targeted antivirus software developers in an attempt to subvert their tools to assure success in computer network exploitation attacks on intelligence targets. Chief among their targets was Kaspersky Labs, the Russian antivirus software company, according to a report by The Intercept's Andrew Fishman and First Look Media Director of Security Morgan Marquis-Boire.

Kaspersky has had a high profile in combatting state-sponsored malware and was central in the exposure of a secret NSA-backed hacking group that had been in operation for 14 years. More recently, it was revealed that Kaspersky had come under direct attack recently from an updated version of the Duqu malware—possibly launched by an Israeli-sponsored hacking group. The same malware was found on the networks of locations hosting negotiations over Iran's nuclear program. But the latest Snowden documents show that both the NSA and GCHQ waged a somewhat more subversive battle against Kaspersky—both by attempting to reverse-engineer the company's antivirus software and leveraging its intelligence-collection operations for their own benefit.

Kaspersky was not the only target, but the company was the one most prominently mentioned in the Snowden documents released today by The Intercept. GCQH officials mentioned Kaspersky by name in a warrant extension request "in respect of activities which involve the modification of commercial software" in June 2008, requesting authorization to reverse engineer Kaspersky's and other companies' software products to exploit them for intelligence purposes. (The original warrant had been in place since at least January of 2008.)

Read 6 remaining paragraphs | Comments

Jun 04 2015

New Snowden documents reveal secret memos expanding spying

Without public notice or debate, the Obama administration has expanded the National Security Agency's warrantless surveillance of Americans' international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.

In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad—including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

The Justice Department allowed the agency to monitor only addresses and "cybersignatures"—patterns associated with computer intrusions—that it could tie to foreign governments. But the documents also note that the NSA sought to target hackers even when it could not establish any links to foreign powers.

Read 26 remaining paragraphs | Comments

Feb 23 2015

Yahoo exec goes mano a mano with NSA director over crypto backdoors

Echoing the concerns of many US-based technology companies have about US-led surveillance programs, Yahoo Chief Information Security Officer Alex Stamos asked the director of the National Security Agency some pointed questions concerning proposed or existing backdoors placed in encryption technologies. The responses from NSA director Adm. Mike Rogers only underscored the growing divide.

The frank exchange occurred Monday at the Cybersecurity for a New America conference in Washington DC. It came 17 months after materials leaked by former NSA subcontractor Edward Snowden documented NSA-engineered backdoors were built into widely used cryptography technologies so that government agents could decrypt communications. Critics have since warned that the policy could backfire on US citizens, since backdoors can be exploited by governments of a variety of counties. Rogers clearly disagreed, but his denials were notable for a lack of technical detail.

What follows is an excerpt of the exchange, as first provided by website Just Security:

Read on Ars Technica | Comments