Edward Snowden and wife share photos of newborn son amid push for Trump to pardon NSA leaker – Washington Times

Edward J. Snowden and his wife, Lindsay Mills, announced the birth of their first child Friday amid a push for President Trump to pardon the fugitive leaker of crimes keeping him from returning to the U.S.

The couple, who have resided in Russia for the last several years, shared photos on social media showing them holding their newborn child.

Happy Holidays from our newly expanded family, Ms. Mills said on Instagram where she posted the photos. The greatest gift is the love we share, Mr. Snowden added on Twitter where he shared one of them.

Mr. Snowden, a former CIA employee and National Security Agency contractor, admittedly leaked a trove of classified documents to the media in 2013 exposing the NSAs vast operations and capabilities.

The Department of Justice under former President Barack Obama accordingly charged Mr. Snowden with stealing and violating the U.S. Espionage Act, putting him at risk of serving up to 30 years in prison.

However, Mr. Snowden has successfully avoided the long arm of the law during the last 7.5 years as a result of residing in Russia, which does not have an extradition agreement with the U.S. government.

Mr. Snowden said while his wife was expecting that they were both applying for dual citizenship to avoid the possibility of being legally separated from their son, a Russian citizen by birth.

After years of separation from our parents, my wife and I have no desire to be separated from our son. Thats why, in this era of pandemics and closed borders, were applying for dual US-Russian citizenship, Mr. Snowden said last month on Twitter.

Anatoly Kucherena, a lawyer for Mr. Snowden, said on Saturday that both Ms. Mills and her newborn son are in excellent health, Russias Interfax news agency reported over the weekend.

Mr. Snowden, 37, has previously said he will return to the U.S. if given a trial he deems fair, although some of his defenders are now pushing the president to have the case against him dropped entirely.

Sen. Rand Paul of Kentucky and Rep. Matt Gaetz of Florida, both Republicans closely allied with Mr. Trump, each advocated recently for Mr. Trump to pardon Mr. Snowden before his presidency ends.

Mr. Trump, who called Mr. Snowden a traitor prior to becoming president, said in August that he was considering granting him a pardon. He has since pardoned dozens of others.

Read the original post:

Edward Snowden and wife share photos of newborn son amid push for Trump to pardon NSA leaker - Washington Times

Posted in NSA

NSA Year in Review: Election Security, Cybersecurity, and More – HSToday

The pandemic affected everyone this year, but our mission didnt slow down. As our Director, GEN Paul Nakasone said, we are one team, and each of us contributes our unique expertise to a mission that is all the more critical in times of crisis.

Throughout 2020, our workforce contributed our expertise in many ways:

NSA worked to secure our elections

The security of the2020 Presidential electionwas NSAs top priority in 2020. We were part of the Whole-of-Government effort to identify and counter foreign interference and malign influence threats to the 2020 U.S. elections. NSA generated vital insights and shared them with partner agencies like U.S. Cyber Command, the Department of Homeland Security and the Federal Bureau of Investigation.Our efforts strived to assure all audiences, and most importantly, the American public, that NSA, USCYBERCOM, and other U.S. government partners together protected the U.S. elections from foreign interference and influence campaigns.

NSA shared cybersecurity guidance and advisories

MarylandGovernor Hoganrecognized our cybersecurity expertise to keepCOVID-19 research protectedas part of the U.S. Government-wide Operation Warp Speed (OWS). In addition to our support to OWS, as the pandemic shifted the workplace to home, NSA helped teleworkerswork from home safely,secure their home office, and evenlimit their mobile device exposurethanks to guidance developed by our Cybersecurity mission.

NSA continued our steady provision ofcybersecurity advicefor the Department of Defense, National Security Systems and the Defense Industrial Base. These specificadvisories and guidancealso helped system administrators and other cyber specialists across the cybersecurity field by providing information that was timely, relevant, and actionable throughout the year.

NSA drove innovative solutions

While the world faced new challenges this year, we didnt stop creating solutions. We contributed to the evolution of5G, were involved in how to keep theInternet of Thingssecure, planned for the future of national security when applyingquantumcomputing, we developed aQuBIT Collaboratory, and stood up theCenter for Cybersecurity Standards.

NSA invested in our nations future

We look forward to starting the New Year and the future looks bright, thanks to our investments in the future. TheOnRamp II programprovides the scholarships for students who will be developing the newest solutions to keep our nation safe. NSA worked in partnership with the DoD Office of Small Business Programs and created theCybersecurity Education Diversity Initiativeto assist minority serving institutions. This allows Historically Black Colleges and Universities with no existing cybersecurity program to obtain access to and educational resources from designated National Centers of Academic Excellence in Cybersecurity Institutions. We were pleased to announce that theU.S. Naval Academyreceived its designation as an NSA Center of Academic Excellence in Cyber Operations to develop new cyber warriors.

NSA personnel recognized for excellence

While many NSA personnel serve in silence, several of our staff and former personnel were publicly recognized this year for their dedication to our nations security. Former NSA Executive DirectorHarry Cokerwas recognized by the Intelligence Community for his commitment to improving diversity, equality, and inclusion.MSgt Frances Dupris,Dr. Ahmad Ridley,LaNaia JonesandJanelle Romanowere recognized for showing the importance of STEM education and career development. OurTech Transfer Teamwas recognized by the DoD for creating an efficient process for releasing NSA-developed capabilities to the open-source software community.

For more details on our efforts to protect our nation and secure our future, check out our Twitter,@NSAGov, throughout the month.

Read more at NSA

(Visited 97 times, 7 visits today)

Visit link:

NSA Year in Review: Election Security, Cybersecurity, and More - HSToday

Posted in NSA

No, the United States Does Not Spend Too Much on Cyber Offense – Council on Foreign Relations

In the wake of the SolarWinds incident, critics have pointed to budget and personnel imbalances between offensive and defensive missions. As Alex Stamos pointed out in the Washington Post, the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security has only 2,200 employees for a mission that includes protecting all sixteen critical infrastructure sectors and all federal agencies while the National Security Agency (NSA) alone has more than 40,000 employees. The Department of Defenses (DOD) Cyber Command has over 12,000 personnel, including 6,000 military members.

While total spending on cyber missions at NSA is classified, what is known about federal spending suggests priorities skewed toward offense. As Jason Healey pointed out last spring, the DODs cybersecurity budget is significantly larger than the cybersecurity budgets of all civilian components combined. The federal government spends more than half a billion dollars per year on the headquarters elements of Cyber Command alone and only $400 million on cyber diplomacy at the State department. All of CISAs budget adds up to about half of what DOD spends on just offensive cyber operations.

More on:

Cybersecurity

U.S. Department of Defense

Homeland Security

Defense and Security

The SolarWinds disaster clearly indicates that CISA and federal agencies will need more money in order to develop the capabilities necessary to detect and contain adversaries as capable as Russias Foreign Intelligence Service. Additional funds are also badly needed to scale out efforts to coordinate with the private sector, fund research that the market will not support, and bolster the security of critical infrastructure. That funding, however, should not come out of the current budgets or future budget growth on the offensive side of the equation.

Net Politics

CFR experts investigate the impact of information and communication technologies on security, privacy, and international affairs.2-4 times weekly.

Since cybersecurity first became an issue of national import, cyber policy has been predicated on the idea of a public-private partnership, a term that is now nauseating to much of the community. Yet the phrase captures the reality that the federal government, unlike in other domains, does not assume ultimate responsibility for the security of systems it does not own or operate, including critical infrastructure. In terms of dollars and cents, what this means is that total spending on U.S. cybersecurity is actually heavily skewed toward defense not offense because all the cybersecurity spending in the private sector goes in the defense column.

Alongside DHSs 2,200 employees at CISA, the 6,000 cyber warriors in the Defense Department suggest an imbalance towards offense over defense until you recognize that only about 2,000 of these 6,000 are in units that carry out offensive cyber missions and these 2,000 people are the only people in the United States that are authorized to carry out offensive cyber operations. Even the NSAs 40,000 employees, only a fraction of which are focused on intelligence collection against adversary cyber operators, pale alongside the total cybersecurity workforce estimated at 750,000.

While estimates of total private sector spending in the United States range from $40 billion to $120 billion, even the lower end of that range is more than ten times the Pentagons budget for cyber operations and four times what data leaked from the Snowden disclosures suggested was the NSA's budget. Microsoft alone says that it spends $1 billion a year on cybersecurity, and JP Morgan also spends close to that amount.

No doubt CISA needs to grow several times over to carry out its mission, and other civilian agencies will need a large influx of funds to secure themselves, but relative percentages between defense and offense in the federal budget could look largely the same.

More on:

Cybersecurity

U.S. Department of Defense

Homeland Security

Defense and Security

Digital and Cyberspace Update

Digital and Cyberspace Policy program updates on cybersecurity, digital trade, internet governance, and online privacy.Bimonthly.

While the defense clearly failed, it is becoming increasingly clear that the intelligence community either failed to detect this campaign or lacked the ability to understand and communicate what they saw. Its also possible that the NSA supplied indications and warnings of the campaign to Cyber Command but offensive operators were spread too thin to engage and disrupt the activity. Either way, more spending, not less on offense, could be in the cards.

Here is the original post:

No, the United States Does Not Spend Too Much on Cyber Offense - Council on Foreign Relations

Posted in NSA

The US has suffered a massive cyberbreach. It’s hard to overstate how bad it is – The Guardian

Recent news articles have all been talking about the massive Russian cyber-attack against the United States, but thats wrong on two accounts. It wasnt a cyber-attack in international relations terms, it was espionage. And the victim wasnt just the US, it was the entire world. But it was massive, and it is dangerous.

Espionage is internationally allowed in peacetime. The problem is that both espionage and cyber-attacks require the same computer and network intrusions, and the difference is only a few keystrokes. And since this Russian operation isnt at all targeted, the entire world is at risk and not just from Russia. Many countries carry out these sorts of operations, none more extensively than the US. The solution is to prioritize security and defense over espionage and attack.

Heres what we know: Orion is a network management product from a company named SolarWinds, with over 300,000 customers worldwide. Sometime before March, hackers working for the Russian SVR previously known as the KGB hacked into SolarWinds and slipped a backdoor into an Orion software update. (We dont know how, but last year the companys update server was protected by the password solarwinds123 something that speaks to a lack of security culture.) Users who downloaded and installed that corrupted update between March and June unwittingly gave SVR hackers access to their networks.

This is called a supply-chain attack, because it targets a supplier to an organization rather than an organization itself and can affect all of a suppliers customers. Its an increasingly common way to attack networks. Other examples of this sort of attack include fake apps in the Google Play store, and hacked replacement screens for your smartphone.

SolarWinds has removed its customers list from its website, but the Internet Archive saved it: all five branches of the US military, the state department, the White House, the NSA, 425 of the Fortune 500 companies, all five of the top five accounting firms, and hundreds of universities and colleges. In an SEC filing, SolarWinds said that it believes fewer than 18,000 of those customers installed this malicious update, another way of saying that more than 17,000 did.

Thats a lot of vulnerable networks, and its inconceivable that the SVR penetrated them all. Instead, it chose carefully from its cornucopia of targets. Microsofts analysis identified 40 customers who were infiltrated using this vulnerability. The great majority of those were in the US, but networks in Canada, Mexico, Belgium, Spain, the UK, Israel and the UAE were also targeted. This list includes governments, government contractors, IT companies, thinktanks, and NGOs and it will certainly grow.

Once inside a network, SVR hackers followed a standard playbook: establish persistent access that will remain even if the initial vulnerability is fixed; move laterally around the network by compromising additional systems and accounts; and then exfiltrate data. Not being a SolarWinds customer is no guarantee of security; this SVR operation used other initial infection vectors and techniques as well. These are sophisticated and patient hackers, and were only just learning some of the techniques involved here.

Recovering from this attack isnt easy. Because any SVR hackers would establish persistent access, the only way to ensure that your network isnt compromised is to burn it to the ground and rebuild it, similar to reinstalling your computers operating system to recover from a bad hack. This is how a lot of sysadmins are going to spend their Christmas holiday, and even then they cant be sure. There are many ways to establish persistent access that survive rebuilding individual computers and networks. We know, for example, of an NSA exploit that remains on a hard drive even after it is reformatted. Code for that exploit was part of the Equation Group tools that the Shadow Brokers again believed to be Russia stole from the NSA and published in 2016. The SVR probably has the same kinds of tools.

Even without that caveat, many network administrators wont go through the long, painful, and potentially expensive rebuilding process. Theyll just hope for the best.

Its hard to overstate how bad this is. We are still learning about US government organizations breached: the state department, the treasury department, homeland security, the Los Alamos and Sandia National Laboratories (where nuclear weapons are developed), the National Nuclear Security Administration, the National Institutes of Health, and many more. At this point, theres no indication that any classified networks were penetrated, although that could change easily. It will take years to learn which networks the SVR has penetrated, and where it still has access. Much of that will probably be classified, which means that we, the public, will never know.

And now that the Orion vulnerability is public, other governments and cybercriminals will use it to penetrate vulnerable networks. I can guarantee you that the NSA is using the SVRs hack to infiltrate other networks; why would they not? (Do any Russian organizations use Orion? Probably.)

While this is a security failure of enormous proportions, it is not, as Senator Richard Durban said, virtually a declaration of war by Russia on the United States While President-elect Biden said he will make this a top priority, its unlikely that he will do much to retaliate.

The reason is that, by international norms, Russia did nothing wrong. This is the normal state of affairs. Countries spy on each other all the time. There are no rules or even norms, and its basically buyer beware. The US regularly fails to retaliate against espionage operations such as Chinas hack of the Office of Personal Management (OPM) and previous Russian hacks because we do it, too. Speaking of the OPM hack, the then director of national intelligence, James Clapper, said: You have to kind of salute the Chinese for what they did. If we had the opportunity to do that, I dont think wed hesitate for a minute.

We dont, and Im sure NSA employees are grudgingly impressed with the SVR. The US has by far the most extensive and aggressive intelligence operation in the world. The NSAs budget is the largest of any intelligence agency. It aggressively leverages the USs position controlling most of the internet backbone and most of the major internet companies. Edward Snowden disclosed many targets of its efforts around 2014, which then included 193 countries, the World Bank, the IMF and the International Atomic Energy Agency. We are undoubtedly running an offensive operation on the scale of this SVR operation right now, and itll probably never be made public. In 2016, President Obama boasted that we have more capacity than anybody both offensively and defensively.

He may have been too optimistic about our defensive capability. The US prioritizes and spends many times more on offense than on defensive cybersecurity. In recent years, the NSA has adopted a strategy of persistent engagement, sometimes called defending forward. The idea is that instead of passively waiting for the enemy to attack our networks and infrastructure, we go on the offensive and disrupt attacks before they get to us. This strategy was credited with foiling a plot by the Russian Internet Research Agency to disrupt the 2018 elections.

But if persistent engagement is so effective, how could it have missed this massive SVR operation? It seems that pretty much the entire US government was unknowingly sending information back to Moscow. If we had been watching everything the Russians were doing, we would have seen some evidence of this. The Russians success under the watchful eye of the NSA and US Cyber Command shows that this is a failed approach.

And how did US defensive capability miss this? The only reason we know about this breach is because, earlier this month, the security company FireEye discovered that it had been hacked. During its own audit of its network, it uncovered the Orion vulnerability and alerted the US government. Why dont organizations like the departments of state, treasury and homeland security regularly conduct that level of audit on their own systems? The governments intrusion detection system, Einstein 3, failed here because it doesnt detect new sophisticated attacks a deficiency pointed out in 2018 but never fixed. We shouldnt have to rely on a private cybersecurity company to alert us of a major nation-state attack.

If anything, the USs prioritization of offense over defense makes us less safe. In the interests of surveillance, the NSA has pushed for an insecure cellphone encryption standard and a backdoor in random number generators (important for secure encryption). The DoJ has never relented in its insistence that the worlds popular encryption systems be made insecure through back doors another hot point where attack and defense are in conflict. In other words, we allow for insecure standards and systems, because we can use them to spy on others.

We need to adopt a defense-dominant strategy. As computers and the internet become increasingly essential to society, cyber-attacks are likely to be the precursor to actual war. We are simply too vulnerable when we prioritize offense, even if we have to give up the advantage of using those insecurities to spy on others.

Our vulnerability is magnified as eavesdropping may bleed into a direct attack. The SVRs access allows them not only to eavesdrop, but also to modify data, degrade network performance, or erase entire networks. The first might be normal spying, but the second certainly could be considered an act of war. Russia is almost certainly laying the groundwork for future attack.

This preparation would not be unprecedented. Theres a lot of attack going on in the world. In 2010, the US and Israel attacked the Iranian nuclear program. In 2012, Iran attacked the Saudi national oil company. North Korea attacked Sony in 2014. Russia attacked the Ukrainian power grid in 2015 and 2016. Russia is hacking the US power grid, and the US is hacking Russias power grid just in case the capability is needed someday. All of these attacks began as a spying operation. Security vulnerabilities have real-world consequences.

Were not going to be able to secure our networks and systems in this no-rules, free-for-all every-network-for-itself world. The US needs to willingly give up part of its offensive advantage in cyberspace in exchange for a vastly more secure global cyberspace. We need to invest in securing the worlds supply chains from this type of attack, and to press for international norms and agreements prioritizing cybersecurity, like the 2018 Paris Call for Trust and Security in Cyberspace or the Global Commission on the Stability of Cyberspace. Hardening widely used software like Orion (or the core internet protocols) helps everyone. We need to dampen this offensive arms race rather than exacerbate it, and work towards cyber peace. Otherwise, hypocritically criticizing the Russians for doing the same thing we do every day wont help create the safer world in which we all want to live.

Read the original here:

The US has suffered a massive cyberbreach. It's hard to overstate how bad it is - The Guardian

Posted in NSA

How A Cybersecurity Firm Uncovered The Massive Computer Hack – NPR

Kevin Mandia, CEO of the cybersecurity firm FireEye, testifies before the Senate Intelligence Committee in 2017. Mandia's company was the first to sound the alarm about the massive hack of government agencies and private companies on Dec. 8. Susan Walsh/AP hide caption

Kevin Mandia, CEO of the cybersecurity firm FireEye, testifies before the Senate Intelligence Committee in 2017. Mandia's company was the first to sound the alarm about the massive hack of government agencies and private companies on Dec. 8.

The first word that hackers had carried out a highly sophisticated intrusion into U.S. computer networks came on Dec. 8, when the cybersecurity firm FireEye announced it had been breached and some of its most valuable tools had been stolen.

"We escalated very quickly from the moment I got the first briefing that, 'Hey, we have a security incident of some magnitude,' " FireEye CEO Kevin Mandia told All Things Considered co-host Mary Louise Kelly. "My gut was telling me it was something we needed to put people on right away."

Mandia was right. Within days, the scope of the hack began to emerge.

Multiple U.S. agencies were successfully targeted, including the departments of State, Treasury, Commerce, Energy and Homeland Security as well as the National Institutes of Health.

The hackers attached their malware to a software update from Austin, Texas-based company SolarWinds, which makes software used by many federal agencies and thousands of private companies to monitor their computer networks.

The SVR, Russia's foreign intelligence agency, is considered the most likely culprit, according to Secretary of State Mike Pompeo and some members of Congress who have been briefed by the U.S. intelligence community. But the Trump administration has not formally attributed blame.

"What I've seen is 2020 has been about the hardest year, period, to be an information security officer," Mandia said. "It's time this nation comes up with some doctrine on what we expect nations' rules of engagement to be, and what will our policy, or proportional response, be to folks who violate that doctrine. Because right now there's absolutely an escalation in cyberspace."

Here are excerpts from Mandia's interview:

What was that moment like when you're figuring out it's your cybersecurity company that has been hacked?

If you wrote down the reasons why another nation might want to compromise FireEye, you can come up with some reasons. What we do is we track attackers and quite frankly, we out them. We try to figure out here's their fingerprints, let's share those fingerprints with everybody so they can't get away with what they're doing.

[Early on] there was enough operational security by the attacker that I knew it was professional. This wasn't the first rodeo for these attackers. In fact, they followed a tradecraft that the more I learned, the more this was a unit that's been operational for a decade or more. They knew what they were doing, they had novel techniques. So we knew we would have to do the full-court press on our investigation. And we did.

Who is behind this attack?

For me, it's definitely a nation. In regards to the supply chain compromise at SolarWinds, they did an innocuous addition of code in October 2019 inside the supply chain, saw that it was provisioned and deployed so they knew that their techniques on offense to hack the supply chain were efficient and effective. They went live with actual malicious code inside of the SolarWinds in March through June of this year.

So this is somebody who is patient, professional, and what made this interesting to me is I felt they were more interested in staying surreptitious and clandestine than they were about accomplishing their mission.

What nations have this kind of capability?

Not a lot. It's very consistent with what Russia could do. There might be a group out of China that might be able to do it. And that's probably it.

Is there any signature to this attack that would be consistent with other hacks you've seen?

There's probably about six to eight technical details that made me realize this is a nation, and most likely a foreign intelligence service doing this breach. One of them is this: They used an infrastructure to attack FireEye. The IP addresses or systems they use to attack FireEye were not used in any other incident we're aware of.

In other words, the attackers set up an infrastructure to attack FireEye that was wholly unique to attacking FireEye. That takes a lot of maintenance. That takes a lot of coordination. That's an operation not just a hack. Most threat groups, when they attack, will use shared infrastructure to attack many companies. This group does not do that. That in and of itself made me realize it was an operation.

What should we take from the fact that it was FireEye, a private cybersecurity firm, that alerted the U.S. government and not the other way around?

We're all in this together, period. And there's different visibility at different places. When the attacks were happening against FireEye, all the IP addresses used to attack us [were] all inside the United States. And I'm pretty aware that the [National Security Agency] does not do collections within the United States. So we were the ones, kind of on our own, to be able to see this and detect it.

So you're saying you were able to see things that the NSA, despite all of its vast resources, have firewalls against being able to see, domestically?

Well, I wouldn't call it firewalls necessarily. It's just legal remit. You know, when you look at what these attackers do, they're attacking U.S. companies from the United States. That doesn't necessarily mean the attackers are sitting in the United States but the infrastructure they're setting up to attack companies like FireEye are all in the United States. So the malicious intent may not be visible outside the United States and may only be visible inside.

We have thousands and thousands of computers that we inspected for evidence that they were compromised, and we couldn't get anything earlier in the time frame than a SolarWinds system. We sat there looking at the SolarWinds system saying, "We can't find anything bad on it right now, but it's our earliest evidence of compromise. Something's wrong."

So we then had to turn it over to our reverse engineers. This is something most companies can't do. We went through 14 gig of information, over 18,000 files in the update that we got from SolarWinds, over 4,000 executable files. We decompiled them into millions of lines. And then with real malware analysts, we found the needle in the haystack.

Do we know whether the NSA itself was hacked?

I don't have any idea.

So what now? There's a statement from the FBI and the director of national intelligence and the cybersecurity arm of Homeland Security that says this breach is ongoing.

I think as folks are being notified or learning that they're compromised, they're going to have a lot of work to do. All these organizations are both going to have to investigate what happened and figure out the scale and scope of it, and then they're going to have to eradicate the attackers from their network if they're still active.

Even if they're not active, you're going to flex your muscle a little bit to do a lot of remediation. That's going to take months.

But one thing that's definitely clear to me: The attackers have no idea what is the envelope of behavior, what are the rules of engagement.

We're a nation losing billions of dollars to ransomware. And we are a nation that just had potentially one of the most successful cyberespionage campaigns ever done on it.

Read the original post:

How A Cybersecurity Firm Uncovered The Massive Computer Hack - NPR

Posted in NSA

Satoshi Nakamoto from NSA, AntiChrist and Other Bitcoin Conspiracy Theories – Cryptonews

Source: Adobe/afxhome

The most popular cryptocurrency, Bitcoin (BTC), is filled with conspiracy theories, ranging from the plausible to the downright absurd.

Lets take a quick look at the most common Bitcoin conspiracy theories for a good laugh or - if you choose to believe them - a peek down the rabbit hole.

On Wednesday, June 20, 2018, a new block was mined on the Bitcoin blockchain. It was a typical block, except that its hash was 00000000000000000021e800c1e8df51b22c1588e5a624bea17e9faa34b2dc4a.

It caused a massive uproar among the community, with Twitter and Reddit awash with speculations concerning the origins and meaning of the number.

The reason for the excitement around this particular block hash, something many within the community are already familiar with, is a number. First, upon a cursory glance, the number of zeros at the beginning of the block hash was similar to the ones in the block hash of the Genesis Block, or the first block of Bitcoin ever mined.

Given the lengths supposedly undertaken by the pseudonymous creator of BTC, Satoshi Nakamoto, to achieve that hash in the Genesis Block, some believe it to be meaningful. Additionally, it was pointed out that it is highly improbable for the June 2018 hash to be generated at random.

Secondly, the number that came after the first zeros was 21e8. This number is an important one in physics because it refers to the E8 Theory, which is an attempt to describe all known fundamental interactions in physics and to stand as a possible theory of everything.

Possible explanations for the event ranged from a simple chance to AI or Nakamotos resurgence and even time travel.

Possibly, the biggest mystery (together with when moon?) in the Bitcoin world is its creator Satoshi Nakamoto. It is assumed this was either a person or a group of people working in concert to create the worlds first decentralized digital currency. The people listed as possible Nakamoto candidates reads like the whos who of the cypherpunk movement, such as Hal Finney, Adam Back, and Nick Szabo, computer scientist, legal scholar, and cryptographer known for his research in cryptocurrency.

Meanwhile, Finey, who died in 2014, was the first-ever recipient of a BTC transaction sent from Satoshi. Also, he was identified as a possible Nakamoto ghostwriter by Newsweek and the New Yorker. In fact, shortly before his death, Forbes wrote about the fact that Finney, a cryptography pioneer, had a neighbor named Nakamoto.

Also, Adam Back, CEO of major blockchain technology firm Blockstream, was one of the first two people to receive an email from Satoshi, and he was also cited in the Bitcoin white paper.

Another computer scientist, Craig S. Wright has infamously claimed to be Nakamoto but has never been able to prove it.

Given the complexity of Bitcoin and the deep understanding of economics showcased by Nakamoto, many are of the opinion that Nakamoto was actually a group of people. Many contend that it is improbable that one person could be so well versed in many different areas of scholarship to create a technological tool so robust that it continues to stand the test of time today.

The etymology of Satoshi Nakamoto corresponds to knowledge or enlightenment and the middle or center. The vague nature of the words can mean one of two things, either awoken by being at the source or central intelligence. The latter is a much-speculated theory, that the US National Security Agency (NSA) (or some other government intelligence operation) created the cryptocurrency.

The most quoted evidence backing this theory is the fact that Bitcoin employs a common cryptography tool to create its public and private keys. The theory is that this in itself could provide the NSA with a back door to the Bitcoin blockchain.

Another reason cited by pundits of this theory is the fact that social media threads, on sites like Reddit, which question the NSA/Bitcoin connection are deleted. Finally, even Ethereum (ETH) co-founder Vitalik Buterin (before his ETH career even started) reportedly said that he wouldnt be surprised if [Nakamoto] is actually an American working for the NSA specializing in cryptography. Then he got sick of the governments monetary policies and decided to create Bitcoin. He also added: Or the NSA itself decided to create Bitcoin.

However, several years later, Buterin clarified that his opinions have changed a lot since his NSA-related statements in 2011.

Blockstream is a blockchain technology company staffed by well-known and well-regarded developers. It is led by aforementioned Adam Back, a cryptographer aligned with the cypherpunk movement. It is through these endeavors where he interacted with Satoshi Nakamoto, corresponding with him, which led to him being cited in the Bitcoin whitepaper.

Blockstream describes itself as the global leader in Bitcoin and blockchain technology. Founded in 2014, the company aims to create a range of products and services which should ease the use and adoption of bitcoin and other blockchain-based digital currencies. Blockstream has raised large amounts in its funding rounds since its inception.

To the onlooker, Blockstream should be a well-regarded institution within the space. Meanwhile, for a number within the space, Blockstream seems to be hell-bent on destroying the original intent of Bitcoin with its driving motivations being profit.

However, these accusations can be heard from the Bitcoin Cash (BCH), which is a hard fork of Bitcoin, camp mostly. They claim that Blockstream is against any changes that may scale Bitcoin because they want users to use their proprietary sidechains, such as the Liquid Network.

Given that many of the Bitcoin Core developers also work at Blockstream, this is an "interesting" accusation, to say the least. While it is an old conspiracy theory, it keeps morphing with time.

In 2018, a Danish firm called BiChip (which, ironically, seems to be spreading vaccines-related conspiracy theories by itself) released an update to their subdermal chip, allowing people to store the XRP token inside themselves. By writing the chip, users could transact with their XRP holdings. The chip has since expanded its abilities and can now be used by BTC users too.

Conservative and religious circles were quick to point out the similarities between the emerging tech and the mark of the beast.

The mark of the beast references a theme in the Book of Revelations where people in the end times will be unable to trade without having the mark of the beast, either in their hand or on their forehead. Given the subdermal nature of the chip, speculation was rife and the theory took hold quickly.

That speculation inspired even more end-time related theories, with people claiming that Bitcoin was intended to usher in the New World Order where artificial intelligence would be lord to all. The theory is that AI created Bitcoin, using the prospect of profit as a lure to trap humanity into worshipping it.

___

In either case, despite all these conspiracists, Bitcoin is about to turn 12 on January 3, the anniversary of the first block in the Bitcoin blockchain mined, and it looks ready to ignore even more and even crazier conspiracy theories going forward.

___

Learn more: Bitcoin Wheel Cannot Be StoppedCrypto in 2021: Bitcoin To Ride The Same Wave Of Macroeconomic ProblemsCrypto Adoption in 2021: Bitcoin Rules, Ethereum Grows & Faces RivalsCrypto in 2021: Institutions Prefer Bitcoin, Retail Open to Altcoins

Continued here:

Satoshi Nakamoto from NSA, AntiChrist and Other Bitcoin Conspiracy Theories - Cryptonews

Posted in NSA

Snowden and Assange Deserve Pardons. So Do the Whistleblowers Trump Imprisoned. – The Intercept

In 2007, the Bush administrations Justice Department sent me a letter saying it was conducting a criminal investigation into the unauthorized disclosure of classified information in my 2006 book, State of War.

When my lawyers called the Justice Department about the letter, the prosecutors refused to say I was not a subject of their leak investigation. That was ominous. If I were considered a subject, rather than simply a witness, it meant the government hadnt ruled out prosecuting me for publishing classified information.

From left to right: Julian Assange, Edward Snowden, and Reality Winner.

Photo: Getty Images

Eventually after the Obama administration took over the case the Justice Department decided to treat me only as a witness and did not try to prosecute me.

But in the future, the outcome of a similar case for a journalist might be very different if Julian Assange is successfully prosecuted on the charges brought against him by President Donald Trumps Justice Department.

The Trump administration has charged Assange under the Espionage Act for conspiring to leak classified documents. The indictment focuses on his alleged efforts to encourage former Army intelligence analyst Chelsea Manning to leak classified documents to him and WikiLeaks. If the Assange prosecution is successful, it will set a dangerous precedent: that journalists can be prosecuted based on their interactions with sources who provide them with government secrets.

Such a precedent could make it extremely difficult for journalists to cover military, intelligence, and related national security matters, and thus leave the public in the dark about what the government is really doing around the world.

That is why the U.S. indictment of Julian Assange is so dangerous to liberty in America, and why the case against Assange should be dropped and he should be pardoned.

While Trump has still not publicly accepted his defeat in the 2020 presidential election, he has begun to issue a spate of pardons. On Tuesday, he issued pardons to a group that included two convicted of crimes in connection with the Trump-Russia investigation, and four former Blackwater contractors convicted of killing Iraqi civilians.

Despite the stench surrounding Trumps latest pardons, supporters of several whistleblowers have launched public campaigns to lobby for pardons; the supporters of Assange and Edward Snowden have been the most vocal.

Like Assange, Snowden clearly deserves a pardon. Snowdens massive 2013 leak documented the full extent of the National Security Agencys domestic spying on Americans. But rather than recognize that Snowden has performed a public service, the U.S. government has forced him into exile in Russia. Meanwhile, Assange now sits in prison in Britain, awaiting extradition to face prosecution in the United States.

Supporters of WikiLeaks founder Julian Assange demonstrate outside the Central Criminal Court after Assange appeared in court for a full extradition hearing on the last day of the trials in London on Oct. 01, 2020.

Photo: Hasan Esen/Anadolu Agency/Getty Images

Public support for the pardon of whistleblower Reality Winner has also begun to build. Winner was arrested in 2017 and accused of anonymously leaking an NSA document disclosing that Russian intelligence was seeking to hack into U.S. election voting systems. That document was allegedly leaked to The Intercept, which had no knowledge of the identity of its source. (The Intercepts parent company supported Winners legal defense through the First Look Medias Press Freedom Defense Fund, which I direct.) She pleaded guilty in the case in 2018 and was sentenced to more than five years in prison, the longest sentence ever imposed in a case involving a leak to the press.

Earlier this month, a federal appeals court denied Winners request for compassionate early release after she contracted Covid-19 in prison. She remains in federal prison today.

Former Pentagon official J. William Leonard wrote an op-ed in the Washington Post earlier this week calling for Winners pardon, arguing in part that her prosecution constituted overreach by the government.

But there are other whistleblowers who deserve pardons as well.

During Trumps four years in office, his administration has arrested and charged eight government officials in leak cases. That is almost equal to the record nine (or 10, depending on how you count) leak prosecutions conducted by the Obama administration over eight years.

Four of the leak cases during the Trump administration were connected to disclosures related to Trump, the circle of people around him, and the Trump-Russia inquiry. The Justice Department was clearly under intense pressure from Trump to go after people who leaked stories that Trump didnt like.

Winners case was the first of those four. In addition, James Wolfe, the director of security for the Senate Select Committee on Intelligence, was charged in 2018 with making false statements to the FBI in connection with a leak investigation into a Washington Post story revealing that the government had obtained a Foreign Intelligence Surveillance Act warrant to monitor Carter Page, a former foreign policy adviser to the Trump campaign.

Wolfe pleaded guilty in 2018 to lying to federal investigators about his contacts with reporters and was sentenced to two months in prison.

Also in 2018, Natalie Mayflower Sours Edwards, who was a senior adviser at the Treasurys Financial Crimes Enforcement Network, was charged with disclosing reports about financial transactions related to people under scrutiny in the Trump-Russia inquiry, including former Trump campaign chair Paul Manafort. She allegedly leaked the information to BuzzFeed News. In 2020, she pleaded guilty, and her sentencing is now scheduled for January 2021.

In 2019, John Fry, an IRS employee, was charged with leaking suspicious activity reports involving the financial transactions of Trumps former lawyer, Michael Cohen, including information about how a company owned by Cohen received $500,000 from a company with ties to a Russian oligarch. The Trump Justice Department recommended prison time for Fry, but in 2020, a federal judge instead gave Fry probation and ordered him to pay a $5,000 fine.

Other whistleblowers have also been caught up in Trumps crackdown, including FBI agent Terry Albury, who was arrested in 2018 and charged with leaking information about the systemic racial biases at the bureau, which were reported by The Intercept. And former intelligence analyst Daniel Hale was also arrested in 2019, charged with leaking information about the U.S. militarys use of drones to conduct targeted assassinations, also allegedly to The Intercept.

Former Minneapolis FBI agent Terry Albury, front, followed by his attorney, walks out of the federal courthouse in St. Paul after Albury was sentenced to four years in prison for leaking classified defense documents to a reporter on Oct. 18, 2018.

Photo: Shari L. Gross/Star Tribune/AP

While most of the public lobbying for pardons for whistleblowers has focused on Assange and Snowden, and to a lesser extent Winner, the other whistleblowers prosecuted by Trump have largely been forgotten.

For the most part, the small press freedom community has made the case for Assange and Snowden on the grounds of the First Amendment, press freedom, and government transparency. Yet the campaign to convince Trump to pardon Snowden and Assange has also attracted a strange group of extreme Trump supporters. They argue that pardoning the two men offers Trump the opportunity to stick it to the so-called deep state.

The deep state is, of course, the mythical beast at the heart of so many of Trumps conspiracy theories. Trump believes that a secret cabal of intelligence and national security officials has been trying to destroy him personally since at least the 2016 campaign.

It is important for press freedom advocates to steer clear of these deep state conspiracy theories and instead continue to argue for the pardons on the merits of press freedom. Indulging in Trumps fantasies in order to win the pardons will only taint the cause of press freedom in the future.

Its important for press freedom advocates to steer clear of deep state conspiracy theories and instead continue to argue for the pardons on the merits of press freedom.

As a journalist, I have spent much of my career covering, exposing, and criticizing the American national security establishment. Let there be no mistake: There is, in fact, a massive U.S. military-industrial complex, and a newer post-9/11 homeland security-industrial complex. Those two complexes overlap, comprising career military, intelligence, and federal law enforcement officials, executives at giant defense companies, and legions of smaller defense and intelligence contractors, as well as career political figures who take top positions in the defense and intelligence agencies when their party is in power, and become consultants or think-tank pundits when their party is out of power.

The military-industrial complex and the newer homeland security-industrial complex tend to support expansionist American national security and foreign policies, and since 9/11 have pushed for a continuation of American military involvement in the Middle East, particularly in Iraq and Afghanistan.

They are driven by greed and power, and they believe that endless war is good for business. As I wrote in Pay Any Price, my 2014 book, America has become accustomed to a permanent state of war. Only a small slice of society including many poor and rural teenagers fight and die, while a permanent national security elite rotates among senior government posts, contracting companies, think tanks and television commentary, opportunities that would disappear if America was suddenly at peace. To most of America, war has become not only tolerable but profitable, and so there is no longer any great incentive to end it.

Whats more, the national security establishments power stems in part from its ability to suppress the truth about its activities at home and abroad, and thus it seeks to punish whistleblowers and journalists who try to disclose the truth. The CIA, the NSA, and other elements of the national security apparatus frequently apply pressure on the Justice Department and the White House to prosecute whistleblowers who disclose their abuses.

I have had firsthand experience with this ugly phenomenon.

But acknowledging the gravitational pull of a militaristic national security establishment toward war and imperialism doesnt mean that you believe in the existence of a deep state, as imagined by Trump and his allies.

Demagogues like Trump are dangerously effective at taking bits of truth and weaving conspiracy theories out of them. Trump has taken the truth about the existence of a military-industrial complex and twisted it into a conspiracy theory that claims that the military-industrial complex is actually a deep state out to destroy him personally. It is conspiracy theory victimology taken to its most extreme.

Rudy Giuliani appears before the Michigan House Oversight Committee for suspicion of voter fraud in Lansing, Mich., on Dec. 2, 2020.

Photo: Jeff Kowalsky/AFP/Getty Images

Among Trumps ardent supporters, talk of a deep state often quickly descends into the madness of vile, rambling QAnon conspiracy theories.

Right-wing pundits and pro-Trump political figures, many of whom were longtime supporters of the governments draconian counterterrorism measures instituted after 9/11, including the NSAs illegal domestic spying program, suddenly became skeptics of the national security establishment when Trump began to complain about the investigation, conducted first by the FBI and later by special counsel Robert Mueller, into Russian meddling in the 2016 presidential election and possible collaboration by the Trump campaign. Trumps claims that he has been the victim of a witch hunt, a hoax investigation perpetrated against him by the deep state, have been the central theme of his conspiracy theory-laden presidency. And so ardent Trump supporters who accepted Trumps deep state conspiracy theories now view pardons for Assange and Snowden through the Russia hoax narrative.

Newsmax, the pro-Trump website, recently published a column calling for pardons for Assange and Snowden. If there is any way to thoroughly get back at the left over the next month, President Trump should make it a priority to pardon those individuals whose clemency would get the attention of the deep state, wrote Kenny Cody at Newsmax. For the deep state has worked against this president and his administration unlike any other previously. Marjorie Taylor Greene, a newly elected Republicanrepresentative from Georgia who has been criticized for being a QAnon supporter, also tweeted her support for pardons for Assange and Snowden.

A smattering of Assange supporters are echoing the line of these pro-Trump pundits and right-wing politicians.

For example, Assanges partner, Stella Morris, said on Fox News recently that she wants Trump to pardon Assange to protect him from the deep state. George Christensen, a member of Australias parliament, sent a message to Trump on a website devoted to a pardon for Assange, who is also an Australian.Christensen wrote, The same people who are trying to take the election from you are the ones trying to prosecute Julian Assange.

Rep.Tulsi Gabbard, a Hawaii Democrat and one-time Democratic presidential candidate, tweeted that Trump should pardon Snowden and Assange because they exposed the deception and criminality of those in the deep state.

What makes any endorsement of the deep state trope by advocates of Assange and Snowden particularly dangerous now is that it comes at the same time that Trump is employing his persecution fantasies to claim that the 2020 election was stolen from him by a pro-Biden deep state.

The danger of enabling Trumps deep state rhetoric was highlighted by a frightening story on Saturday, when the New York Times reported that Trump met on Friday with conspiracy theorist Sidney Powell and discussed making her some sort of special counsel to investigate baseless claims of voter fraud that Trump believes cost him the election. The same story revealed that Trump lawyer Rudy Giuliani has talked about trying to seize voting machines from around the country to try to prove the fiction that they were rigged against Trump.

As the pro-Trump supporters pushing for pardons for Assange and Snowden remain silent on so many of the other leak cases brought during the Trump administration, they have also said nothing to counter Trumps dangerous and hateful anti-press rhetoric, which has created a toxic climate for reporters working in the United States. Trumps constant attacks on the press have convinced his supporters as well as local, conservative politicians and law enforcement officials to intensify their rhetorical, legal, and physical attacks on journalists around the nation.

The U.S. Press Freedom Tracker, managed by the Freedom of the Press Foundation, shows that there have been 120 cases of a journalist arrested or detained on the job in the United States in 2020. The tracker found that during one week at the height of the racial justice protests in late May and early June, more reporters were arrested in the U.S. than in the previous three years combined. The tracker also found that more than a third of those journalists arrested were also beaten, hit with rubber bullets, or chemical agents.

The bottom line: Advocates of press freedom must remain disciplined as they campaign for the pardons for whistleblowers and make their arguments on the merits of press freedom. They must be careful not to indulge Trumps conspiracy theories while they lobby for the pardons.

Accepting Trumps insane conspiracy theories in order to get him to do the right thing has been the downfall of many prominent figures during Trumps presidency. Enabling Trumps worst instincts never works and only shreds the reputations of those who have sought to appease him.

Go here to see the original:

Snowden and Assange Deserve Pardons. So Do the Whistleblowers Trump Imprisoned. - The Intercept

Posted in NSA

National Security Agency – Wikipedia

U.S. signals intelligence organization

Seal of the National Security Agency

Flag of the National Security Agency

The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence. The NSA is responsible for global monitoring, collection, and processing of information and data for foreign and domestic intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems.[8][9] The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine.[10]

Originating as a unit to decipher coded communications in World War II, it was officially formed as the NSA by President Harry S. Truman in 1952. Since then, it has become the largest of the U.S. intelligence organizations in terms of personnel and budget.[6][11] The NSA currently conducts worldwide mass data collection and has been known to physically bug electronic systems as one method to this end.[12] The NSA is also alleged to have been behind such attack software as Stuxnet, which severely damaged Iran's nuclear program.[13][14] The NSA, alongside the Central Intelligence Agency (CIA), maintains a physical presence in many countries across the globe; the CIA/NSA joint Special Collection Service (a highly classified intelligence team) inserts eavesdropping devices in high value targets (such as presidential palaces or embassies). SCS collection tactics allegedly encompass "close surveillance, burglary, wiretapping, [and] breaking and entering".[15][16]

Unlike the CIA and the Defense Intelligence Agency (DIA), both of which specialize primarily in foreign human espionage, the NSA does not publicly conduct human-source intelligence gathering. The NSA is entrusted with providing assistance to, and the coordination of, SIGINT elements for other government organizations which are prevented by law from engaging in such activities on their own.[17] As part of these responsibilities, the agency has a co-located organization called the Central Security Service (CSS), which facilitates cooperation between the NSA and other U.S. defense cryptanalysis components. To further ensure streamlined communication between the signals intelligence community divisions, the NSA Director simultaneously serves as the Commander of the United States Cyber Command and as Chief of the Central Security Service.

The NSA's actions have been a matter of political controversy on several occasions, including its spying on antiVietnam War leaders and the agency's participation in economic espionage. In 2013, the NSA had many of its secret surveillance programs revealed to the public by Edward Snowden, a former NSA contractor. According to the leaked documents, the NSA intercepts and stores the communications of over a billion people worldwide, including United States citizens. The documents also revealed the NSA tracks hundreds of millions of people's movements using cellphones' metadata. Internationally, research has pointed to the NSA's ability to surveil the domestic Internet traffic of foreign countries through "boomerang routing".[18]

The origins of the National Security Agency can be traced back to April 28, 1917, three weeks after the U.S. Congress declared war on Germany in World War I. A code and cipher decryption unit was established as the Cable and Telegraph Section which was also known as the Cipher Bureau.[19] It was headquartered in Washington, D.C. and was part of the war effort under the executive branch without direct Congressional authorization. During the course of the war it was relocated in the army's organizational chart several times. On July 5, 1917, Herbert O. Yardley was assigned to head the unit. At that point, the unit consisted of Yardley and two civilian clerks. It absorbed the navy's Cryptanalysis functions in July 1918. World War I ended on November 11, 1918, and the army cryptographic section of Military Intelligence (MI-8) moved to New York City on May 20, 1919, where it continued intelligence activities as the Code Compilation Company under the direction of Yardley.[20][21]

After the disbandment of the U.S. Army cryptographic section of military intelligence, known as MI-8, in 1919, the U.S. government created the Cipher Bureau, also known as Black Chamber. The Black Chamber was the United States' first peacetime cryptanalytic organization.[22] Jointly funded by the Army and the State Department, the Cipher Bureau was disguised as a New York City commercial code company; it actually produced and sold such codes for business use. Its true mission, however, was to break the communications (chiefly diplomatic) of other nations. Its most notable known success was at the Washington Naval Conference, during which it aided American negotiators considerably by providing them with the decrypted traffic of many of the conference delegations, most notably the Japanese. The Black Chamber successfully persuaded Western Union, the largest U.S. telegram company at the time, as well as several other communications companies to illegally give the Black Chamber access to cable traffic of foreign embassies and consulates.[23] Soon, these companies publicly discontinued their collaboration.

Despite the Chamber's initial successes, it was shut down in 1929 by U.S. Secretary of State Henry L. Stimson, who defended his decision by stating, "Gentlemen do not read each other's mail".[24]

During World War II, the Signal Intelligence Service (SIS) was created to intercept and decipher the communications of the Axis powers.[25] When the war ended, the SIS was reorganized as the Army Security Agency (ASA), and it was placed under the leadership of the Director of Military Intelligence.[25]

On May 20, 1949, all cryptologic activities were centralized under a national organization called the Armed Forces Security Agency (AFSA).[25] This organization was originally established within the U.S. Department of Defense under the command of the Joint Chiefs of Staff.[26] The AFSA was tasked to direct Department of Defense communications and electronic intelligence activities, except those of U.S. military intelligence units.[26] However, the AFSA was unable to centralize communications intelligence and failed to coordinate with civilian agencies that shared its interests such as the Department of State, Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI).[26] In December 1951, President Harry S. Truman ordered a panel to investigate how AFSA had failed to achieve its goals. The results of the investigation led to improvements and its redesignation as the National Security Agency.[27]

The National Security Council issued a memorandum of October 24, 1952, that revised National Security Council Intelligence Directive (NSCID) 9. On the same day, Truman issued a second memorandum that called for the establishment of the NSA.[28] The actual establishment of the NSA was done by a November 4 memo by Robert A. Lovett, the Secretary of Defense, changing the name of the AFSA to the NSA, and making the new agency responsible for all communications intelligence.[29] Since President Truman's memo was a classified document,[28] the existence of the NSA was not known to the public at that time. Due to its ultra-secrecy the U.S. intelligence community referred to the NSA as "No Such Agency".[30]

In the 1960s, the NSA played a key role in expanding U.S. commitment to the Vietnam War by providing evidence of a North Vietnamese attack on the American destroyer USSMaddox during the Gulf of Tonkin incident.[31]

A secret operation, code-named "MINARET", was set up by the NSA to monitor the phone communications of Senators Frank Church and Howard Baker, as well as key leaders of the civil rights movement, including Martin Luther King Jr., and prominent U.S. journalists and athletes who criticized the Vietnam War.[32] However, the project turned out to be controversial, and an internal review by the NSA concluded that its Minaret program was "disreputable if not outright illegal".[32]

The NSA mounted a major effort to secure tactical communications among U.S. forces during the war with mixed success. The NESTOR family of compatible secure voice systems it developed was widely deployed during the Vietnam War, with about 30,000 NESTOR sets produced. However a variety of technical and operational problems limited their use, allowing the North Vietnamese to exploit and intercept U.S. communications.[33]:Vol I, p.79

In the aftermath of the Watergate scandal, a congressional hearing in 1975 led by Senator Frank Church[34] revealed that the NSA, in collaboration with Britain's SIGINT intelligence agency Government Communications Headquarters (GCHQ), had routinely intercepted the international communications of prominent anti-Vietnam war leaders such as Jane Fonda and Dr. Benjamin Spock.[35] The Agency tracked these individuals in a secret filing system that was destroyed in 1974.[36] Following the resignation of President Richard Nixon, there were several investigations of suspected misuse of FBI, CIA and NSA facilities.[37] Senator Frank Church uncovered previously unknown activity,[37] such as a CIA plot (ordered by the administration of President John F. Kennedy) to assassinate Fidel Castro.[38] The investigation also uncovered NSA's wiretaps on targeted U.S. citizens.[39]

After the Church Committee hearings, the Foreign Intelligence Surveillance Act of 1978 was passed into law. This was designed to limit the practice of mass surveillance in the United States.[37]

In 1986, the NSA intercepted the communications of the Libyan government during the immediate aftermath of the Berlin discotheque bombing. The White House asserted that the NSA interception had provided "irrefutable" evidence that Libya was behind the bombing, which U.S. President Ronald Reagan cited as a justification for the 1986 United States bombing of Libya.[40][41]

In 1999, a multi-year investigation by the European Parliament highlighted the NSA's role in economic espionage in a report entitled 'Development of Surveillance Technology and Risk of Abuse of Economic Information'.[42] That year, the NSA founded the NSA Hall of Honor, a memorial at the National Cryptologic Museum in Fort Meade, Maryland.[43] The memorial is a, "tribute to the pioneers and heroes who have made significant and long-lasting contributions to American cryptology".[43] NSA employees must be retired for more than fifteen years to qualify for the memorial.[43]

NSA's infrastructure deteriorated in the 1990s as defense budget cuts resulted in maintenance deferrals. On January 24, 2000, NSA headquarters suffered a total network outage for three days caused by an overloaded network. Incoming traffic was successfully stored on agency servers, but it could not be directed and processed. The agency carried out emergency repairs at a cost of $3million to get the system running again. (Some incoming traffic was also directed instead to Britain's GCHQ for the time being.) Director Michael Hayden called the outage a "wake-up call" for the need to invest in the agency's infrastructure.[44]

In the 1990s the defensive arm of the NSAthe Information Assurance Directorate (IAD)started working more openly; the first public technical talk by an NSA scientist at a major cryptography conference was J. Solinas' presentation on efficient Elliptic Curve Cryptography algorithms at Crypto 1997.[45] The IAD's cooperative approach to academia and industry culminated in its support for a transparent process for replacing the outdated Data Encryption Standard (DES) by an Advanced Encryption Standard (AES). Cybersecurity policy expert Susan Landau attributes the NSA's harmonious collaboration with industry and academia in the selection of the AES in 2000and the Agency's support for the choice of a strong encryption algorithm designed by Europeans rather than by Americansto Brian Snow, who was the Technical Director of IAD and represented the NSA as cochairman of the Technical Working Group for the AES competition, and Michael Jacobs, who headed IAD at the time.[46]:75

After the terrorist attacks of September 11, 2001, the NSA believed that it had public support for a dramatic expansion of its surveillance activities.[47] According to Neal Koblitz and Alfred Menezes, the period when the NSA was a trusted partner with academia and industry in the development of cryptographic standards started to come to an end when, as part of the change in the NSA in the post-September 11 era, Snow was replaced as Technical Director, Jacobs retired, and IAD could no longer effectively oppose proposed actions by the offensive arm of the NSA.[48]

In the aftermath of the September 11 attacks, the NSA created new IT systems to deal with the flood of information from new technologies like the Internet and cellphones. ThinThread contained advanced data mining capabilities. It also had a "privacy mechanism"; surveillance was stored encrypted; decryption required a warrant. The research done under this program may have contributed to the technology used in later systems. ThinThread was cancelled when Michael Hayden chose Trailblazer, which did not include ThinThread's privacy system.[49]

Trailblazer Project ramped up in 2002 and was worked on by Science Applications International Corporation (SAIC), Boeing, Computer Sciences Corporation, IBM, and Litton Industries. Some NSA whistleblowers complained internally about major problems surrounding Trailblazer. This led to investigations by Congress and the NSA and DoD Inspectors General. The project was cancelled in early 2004.

Turbulence started in 2005. It was developed in small, inexpensive "test" pieces, rather than one grand plan like Trailblazer. It also included offensive cyber-warfare capabilities, like injecting malware into remote computers. Congress criticized Turbulence in 2007 for having similar bureaucratic problems as Trailblazer.[50] It was to be a realization of information processing at higher speeds in cyberspace.[51]

The massive extent of the NSA's spying, both foreign and domestic, was revealed to the public in a series of detailed disclosures of internal NSA documents beginning in June 2013. Most of the disclosures were leaked by former NSA contractor Edward Snowden. On 4 September 2020, the NSAs surveillance program was ruled unlawful by the US Court of Appeals. The court also added that the US intelligence leaders, who publicly defended it, were not telling the truth.[52]

NSA's eavesdropping mission includes radio broadcasting, both from various organizations and individuals, the Internet, telephone calls, and other intercepted forms of communication. Its secure communications mission includes military, diplomatic, and all other sensitive, confidential or secret government communications.[53]

According to a 2010 article in The Washington Post, "[e]very day, collection systems at the National Security Agency intercept and store 1.7billion e-mails, phone calls and other types of communications. The NSA sorts a fraction of those into 70 separate databases."[54]

Because of its listening task, NSA/CSS has been heavily involved in cryptanalytic research, continuing the work of predecessor agencies which had broken many World War II codes and ciphers (see, for instance, Purple, Venona project, and JN-25).

In 2004, NSA Central Security Service and the National Cyber Security Division of the Department of Homeland Security (DHS) agreed to expand NSA Centers of Academic Excellence in Information Assurance Education Program.[55]

As part of the National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD 54), signed on January 8, 2008, by President Bush, the NSA became the lead agency to monitor and protect all of the federal government's computer networks from cyber-terrorism.[9]

Operations by the National Security Agency can be divided in three types:

"Echelon" was created in the incubator of the Cold War.[56] Today it is a legacy system, and several NSA stations are closing.[57]

NSA/CSS, in combination with the equivalent agencies in the United Kingdom (Government Communications Headquarters), Canada (Communications Security Establishment), Australia (Australian Signals Directorate), and New Zealand (Government Communications Security Bureau), otherwise known as the UKUSA group,[58] was reported to be in command of the operation of the so-called ECHELON system. Its capabilities were suspected to include the ability to monitor a large proportion of the world's transmitted civilian telephone, fax and data traffic.[59]

During the early 1970s, the first of what became more than eight large satellite communications dishes were installed at Menwith Hill.[60] Investigative journalist Duncan Campbell reported in 1988 on the "ECHELON" surveillance program, an extension of the UKUSA Agreement on global signals intelligence SIGINT, and detailed how the eavesdropping operations worked.[61] On November 3, 1999 the BBC reported that they had confirmation from the Australian Government of the existence of a powerful "global spying network" code-named Echelon, that could "eavesdrop on every single phone call, fax or e-mail, anywhere on the planet" with Britain and the United States as the chief protagonists. They confirmed that Menwith Hill was "linked directly to the headquarters of the US National Security Agency (NSA) at Fort Meade in Maryland".[62]

NSA's United States Signals Intelligence Directive 18 (USSID 18) strictly prohibited the interception or collection of information about "... U.S. persons, entities, corporations or organizations...." without explicit written legal permission from the United States Attorney General when the subject is located abroad, or the Foreign Intelligence Surveillance Court when within U.S. borders. Alleged Echelon-related activities, including its use for motives other than national security, including political and industrial espionage, received criticism from countries outside the UKUSA alliance.[63][64]

The NSA was also involved in planning to blackmail people with "SEXINT", intelligence gained about a potential target's sexual activity and preferences. Those targeted had not committed any apparent crime nor were they charged with one.[65]

In order to support its facial recognition program, the NSA is intercepting "millions of images per day".[66]

The Real Time Regional Gateway is a data collection program introduced in 2005 in Iraq by NSA during the Iraq War that consisted of gathering all electronic communication, storing it, then searching and otherwise analyzing it. It was effective in providing information about Iraqi insurgents who had eluded less comprehensive techniques.[67] This "collect it all" strategy introduced by NSA director, Keith B. Alexander, is believed by Glenn Greenwald of The Guardian to be the model for the comprehensive worldwide mass archiving of communications which NSA is engaged in as of 2013.[68]

A dedicated unit of the NSA locates targets for the CIA for extrajudicial assassination in the Middle East.[69] The NSA has also spied extensively on the European Union, the United Nations and numerous governments including allies and trading partners in Europe, South America and Asia.[70][71]

In June 2015, WikiLeaks published documents showing that NSA spied on French companies.[72]

In July 2015, WikiLeaks published documents showing that NSA spied on federal German ministries since the 1990s.[73][74] Even Germany's Chancellor Angela Merkel's cellphones and phone of her predecessors had been intercepted.[75]

Edward Snowden revealed in June 2013 that between February 8 and March 8, 2013, the NSA collected about 124.8billion telephone data items and 97.1billion computer data items throughout the world, as was displayed in charts from an internal NSA tool codenamed Boundless Informant. Initially, it was reported that some of these data reflected eavesdropping on citizens in countries like Germany, Spain and France,[76] but later on, it became clear that those data were collected by European agencies during military missions abroad and were subsequently shared with NSA.

In 2013, reporters uncovered a secret memo that claims the NSA created and pushed for the adoption of the Dual EC DRBG encryption standard that contained built-in vulnerabilities in 2006 to the United States National Institute of Standards and Technology (NIST), and the International Organization for Standardization (aka ISO).[77][78] This memo appears to give credence to previous speculation by cryptographers at Microsoft Research.[79] Edward Snowden claims that the NSA often bypasses encryption altogether by lifting information before it is encrypted or after it is decrypted.[78]

XKeyscore rules (as specified in a file xkeyscorerules100.txt, sourced by German TV stations NDR and WDR, who claim to have excerpts from its source code) reveal that the NSA tracks users of privacy-enhancing software tools, including Tor; an anonymous email service provided by the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) in Cambridge, Massachusetts; and readers of the Linux Journal.[80][81]

Linus Torvalds, the founder of Linux kernel, joked during a LinuxCon keynote on September 18, 2013, that the NSA, who are the founder of SELinux, wanted a backdoor in the kernel.[82] However, later, Linus' father, a Member of the European Parliament (MEP), revealed that the NSA actually did this.[83]

When my oldest son was asked the same question: "Has he been approached by the NSA about backdoors?" he said "No", but at the same time he nodded. Then he was sort of in the legal free. He had given the right answer, everybody understood that the NSA had approached him.

IBM Notes was the first widely adopted software product to use public key cryptography for clientserver and serverserver authentication and for encryption of data. Until US laws regulating encryption were changed in 2000, IBM and Lotus were prohibited from exporting versions of Notes that supported symmetric encryption keys that were longer than 40 bits. In 1997, Lotus negotiated an agreement with the NSA that allowed export of a version that supported stronger keys with 64 bits, but 24 of the bits were encrypted with a special key and included in the message to provide a "workload reduction factor" for the NSA. This strengthened the protection for users of Notes outside the US against private-sector industrial espionage, but not against spying by the US government.[85][86]

While it is assumed that foreign transmissions terminating in the U.S. (such as a non-U.S. citizen accessing a U.S. website) subject non-U.S. citizens to NSA surveillance, recent research into boomerang routing has raised new concerns about the NSA's ability to surveil the domestic Internet traffic of foreign countries.[18] Boomerang routing occurs when an Internet transmission that originates and terminates in a single country transits another. Research at the University of Toronto has suggested that approximately 25% of Canadian domestic traffic may be subject to NSA surveillance activities as a result of the boomerang routing of Canadian Internet service providers.[18]

Intercepted packages are opened carefully by NSA employees

A "load station" implanting a beacon

A document included in NSA files released with Glenn Greenwald's book No Place to Hide details how the agency's Tailored Access Operations (TAO) and other NSA units gain access to hardware. They intercept routers, servers and other network hardware being shipped to organizations targeted for surveillance and install covert implant firmware onto them before they are delivered. This was described by an NSA manager as "some of the most productive operations in TAO because they preposition access points into hard target networks around the world."[87]

Computers seized by the NSA due to interdiction are often modified with a physical device known as Cottonmouth.[88] Cottonmouth is a device that can be inserted in the USB port of a computer in order to establish remote access to the targeted machine. According to NSA's Tailored Access Operations (TAO) group implant catalog, after implanting Cottonmouth, the NSA can establish a network bridge "that allows the NSA to load exploit software onto modified computers as well as allowing the NSA to relay commands and data between hardware and software implants."[89]

NSA's mission, as set forth in Executive Order 12333 in 1981, is to collect information that constitutes "foreign intelligence or counterintelligence" while not "acquiring information concerning the domestic activities of United States persons". NSA has declared that it relies on the FBI to collect information on foreign intelligence activities within the borders of the United States, while confining its own activities within the United States to the embassies and missions of foreign nations.[90]

The appearance of a 'Domestic Surveillance Directorate' of the NSA was soon exposed as a hoax in 2013.[91][92]

NSA's domestic surveillance activities are limited by the requirements imposed by the Fourth Amendment to the U.S. Constitution. The Foreign Intelligence Surveillance Court for example held in October 2011, citing multiple Supreme Court precedents, that the Fourth Amendment prohibitions against unreasonable searches and seizures applies to the contents of all communications, whatever the means, because "a person's private communications are akin to personal papers."[93] However, these protections do not apply to non-U.S. persons located outside of U.S. borders, so the NSA's foreign surveillance efforts are subject to far fewer limitations under U.S. law.[94] The specific requirements for domestic surveillance operations are contained in the Foreign Intelligence Surveillance Act of 1978 (FISA), which does not extend protection to non-U.S. citizens located outside of U.S. territory.[94]

George W. Bush, president during the 9/11 terrorist attacks, approved the Patriot Act shortly after the attacks to take anti-terrorist security measures. Title 1, 2, and 9 specifically authorized measures that would be taken by the NSA. These titles granted enhanced domestic security against terrorism, surveillance procedures, and improved intelligence, respectively. On March 10, 2004, there was a debate between President Bush and White House Counsel Alberto Gonzales, Attorney General John Ashcroft, and Acting Attorney General James Comey. The Attorneys General were unsure if the NSA's programs could be considered constitutional. They threatened to resign over the matter, but ultimately the NSA's programs continued.[95] On March 11, 2004, President Bush signed a new authorization for mass surveillance of Internet records, in addition to the surveillance of phone records. This allowed the president to be able to override laws such as the Foreign Intelligence Surveillance Act, which protected civilians from mass surveillance. In addition to this, President Bush also signed that the measures of mass surveillance were also retroactively in place.[96]

Under the PRISM program, which started in 2007,[97][98] NSA gathers Internet communications from foreign targets from nine major U.S. Internet-based communication service providers: Microsoft,[99] Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple. Data gathered include email, video and voice chat, videos, photos, VoIP chats such as Skype, and file transfers.

Former NSA director General Keith Alexander claimed that in September 2009 the NSA prevented Najibullah Zazi and his friends from carrying out a terrorist attack.[100] However, this claim has been debunked and no evidence has been presented demonstrating that the NSA has ever been instrumental in preventing a terrorist attack.[101][102][103][104]

Besides the more traditional ways of eavesdropping in order to collect signals intelligence, NSA is also engaged in hacking computers, smartphones and their networks. These operations are conducted by the Tailored Access Operations (TAO) division, which has been active since at least circa 1998.[105]

According to the Foreign Policy magazine, "... the Office of Tailored Access Operations, or TAO, has successfully penetrated Chinese computer and telecommunications systems for almost 15 years, generating some of the best and most reliable intelligence information about what is going on inside the People's Republic of China."[106][107]

In an interview with Wired magazine, Edward Snowden said the Tailored Access Operations division accidentally caused Syria's internet blackout in 2012.[108]

The NSA is led by the Director of the National Security Agency (DIRNSA), who also serves as Chief of the Central Security Service (CHCSS) and Commander of the United States Cyber Command (USCYBERCOM) and is the highest-ranking military official of these organizations. He is assisted by a Deputy Director, who is the highest-ranking civilian within the NSA/CSS.

NSA also has an Inspector General, head of the Office of the Inspector General (OIG), a General Counsel, head of the Office of the General Counsel (OGC) and a Director of Compliance, who is head of the Office of the Director of Compliance (ODOC).[109]

Unlike other intelligence organizations such as CIA or DIA, NSA has always been particularly reticent concerning its internal organizational structure.

As of the mid-1990s, the National Security Agency was organized into five Directorates:

Each of these directorates consisted of several groups or elements, designated by a letter. There were for example the A Group, which was responsible for all SIGINT operations against the Soviet Union and Eastern Europe, and G Group, which was responsible for SIGINT related to all non-communist countries. These groups were divided in units designated by an additional number, like unit A5 for breaking Soviet codes, and G6, being the office for the Middle East, North Africa, Cuba, Central and South America.[111][112]

As of 2013[update], NSA has about a dozen directorates, which are designated by a letter, although not all of them are publicly known. The directorates are divided in divisions and units starting with the letter of the parent directorate, followed by a number for the division, the sub-unit or a sub-sub-unit.

The main elements of the organizational structure of the NSA are:[113]

In the year 2000, a leadership team was formed, consisting of the Director, the Deputy Director and the Directors of the Signals Intelligence (SID), the Information Assurance (IAD) and the Technical Directorate (TD). The chiefs of other main NSA divisions became associate directors of the senior leadership team.[123]

After president George W. Bush initiated the President's Surveillance Program (PSP) in 2001, the NSA created a 24-hour Metadata Analysis Center (MAC), followed in 2004 by the Advanced Analysis Division (AAD), with the mission of analyzing content, Internet metadata and telephone metadata. Both units were part of the Signals Intelligence Directorate.[124]

A 2016 proposal would combine the Signals Intelligence Directorate with Information Assurance Directorate into Directorate of Operations.[125]

NSANet stands for National Security Agency Network and is the official NSA intranet.[126] It is a classified network,[127] for information up to the level of TS/SCI[128] to support the use and sharing of intelligence data between NSA and the signals intelligence agencies of the four other nations of the Five Eyes partnership. The management of NSANet has been delegated to the Central Security Service Texas (CSSTEXAS).[129]

NSANet is a highly secured computer network consisting of fiber-optic and satellite communication channels which are almost completely separated from the public Internet. The network allows NSA personnel and civilian and military intelligence analysts anywhere in the world to have access to the agency's systems and databases. This access is tightly controlled and monitored. For example, every keystroke is logged, activities are audited at random and downloading and printing of documents from NSANet are recorded.[130]

In 1998, NSANet, along with NIPRNET and SIPRNET, had "significant problems with poor search capabilities, unorganized data and old information".[131] In 2004, the network was reported to have used over twenty commercial off-the-shelf operating systems.[132] Some universities that do highly sensitive research are allowed to connect to it.[133]

The thousands of Top Secret internal NSA documents that were taken by Edward Snowden in 2013 were stored in "a file-sharing location on the NSA's intranet site"; so, they could easily be read online by NSA personnel. Everyone with a TS/SCI-clearance had access to these documents. As a system administrator, Snowden was responsible for moving accidentally misplaced highly sensitive documents to safer storage locations.[134]

The NSA maintains at least two watch centers:

The number of NSA employees is officially classified[4] but there are several sources providing estimates.In 1961, NSA had 59,000 military and civilian employees, which grew to 93,067 in 1969, of which 19,300 worked at the headquarters at Fort Meade. In the early 1980s NSA had roughly 50,000 military and civilian personnel. By 1989 this number had grown again to 75,000, of which 25,000 worked at the NSA headquarters. Between 1990 and 1995 the NSA's budget and workforce were cut by one third, which led to a substantial loss of experience.[137]

In 2012, the NSA said more than 30,000 employees worked at Fort Meade and other facilities.[2] In 2012, John C. Inglis, the deputy director, said that the total number of NSA employees is "somewhere between 37,000 and one billion" as a joke,[4] and stated that the agency is "probably the biggest employer of introverts."[4] In 2013 Der Spiegel stated that the NSA had 40,000 employees.[5] More widely, it has been described as the world's largest single employer of mathematicians.[138] Some NSA employees form part of the workforce of the National Reconnaissance Office (NRO), the agency that provides the NSA with satellite signals intelligence.

As of 2013 about 1,000 system administrators work for the NSA.[139]

The NSA received criticism early on in 1960 after two agents had defected to the Soviet Union. Investigations by the House Un-American Activities Committee and a special subcommittee of the United States House Committee on Armed Services revealed severe cases of ignorance in personnel security regulations, prompting the former personnel director and the director of security to step down and leading to the adoption of stricter security practices.[140] Nonetheless, security breaches reoccurred only a year later when in an issue of Izvestia of July 23, 1963, a former NSA employee published several cryptologic secrets.

The very same day, an NSA clerk-messenger committed suicide as ongoing investigations disclosed that he had sold secret information to the Soviets on a regular basis. The reluctance of Congressional houses to look into these affairs had prompted a journalist to write, "If a similar series of tragic blunders occurred in any ordinary agency of Government an aroused public would insist that those responsible be officially censured, demoted, or fired." David Kahn criticized the NSA's tactics of concealing its doings as smug and the Congress' blind faith in the agency's right-doing as shortsighted, and pointed out the necessity of surveillance by the Congress to prevent abuse of power.[140]

Edward Snowden's leaking of the existence of PRISM in 2013 caused the NSA to institute a "two-man rule", where two system administrators are required to be present when one accesses certain sensitive information.[139] Snowden claims he suggested such a rule in 2009.[141]

The NSA conducts polygraph tests of employees. For new employees, the tests are meant to discover enemy spies who are applying to the NSA and to uncover any information that could make an applicant pliant to coercion.[142] As part of the latter, historically EPQs or "embarrassing personal questions" about sexual behavior had been included in the NSA polygraph.[142] The NSA also conducts five-year periodic reinvestigation polygraphs of employees, focusing on counterintelligence programs. In addition the NSA conducts periodic polygraph investigations in order to find spies and leakers; those who refuse to take them may receive "termination of employment", according to a 1982 memorandum from the director of NSA.[143]

There are also "special access examination" polygraphs for employees who wish to work in highly sensitive areas, and those polygraphs cover counterintelligence questions and some questions about behavior.[143] NSA's brochure states that the average test length is between two and four hours.[144] A 1983 report of the Office of Technology Assessment stated that "It appears that the NSA [National Security Agency] (and possibly CIA) use the polygraph not to determine deception or truthfulness per se, but as a technique of interrogation to encourage admissions."[145] Sometimes applicants in the polygraph process confess to committing felonies such as murder, rape, and selling of illegal drugs. Between 1974 and 1979, of the 20,511 job applicants who took polygraph tests, 695 (3.4%) confessed to previous felony crimes; almost all of those crimes had been undetected.[142]

In 2010 the NSA produced a video explaining its polygraph process.[146] The video, ten minutes long, is titled "The Truth About the Polygraph" and was posted to the Web site of the Defense Security Service. Jeff Stein of The Washington Post said that the video portrays "various applicants, or actors playing themit's not cleardescribing everything bad they had heard about the test, the implication being that none of it is true."[147] AntiPolygraph.org argues that the NSA-produced video omits some information about the polygraph process; it produced a video responding to the NSA video.[146][148] George Maschke, the founder of the Web site, accused the NSA polygraph video of being "Orwellian".[147]

After Edward Snowden revealed his identity in 2013, the NSA began requiring polygraphing of employees once per quarter.[149]

The number of exemptions from legal requirements has been criticized. When in 1964 the Congress was hearing a bill giving the director of the NSA the power to fire at will any employee, The Washington Post wrote: "This is the very definition of arbitrariness. It means that an employee could be discharged and disgraced on the basis of anonymous allegations without the slightest opportunity to defend himself." Yet, the bill was accepted by an overwhelming majority.[140] Also, every person hired to a job in the US after 2007, at any private organization, state or federal government agency, must be reported to the New Hire Registry, ostensibly to look for child support evaders, except that employees of an intelligence agency may be excluded from reporting if the director deems it necessary for national security reasons.

When the agency was first established, its headquarters and cryptographic center were in the Naval Security Station in Washington, D.C. The COMINT functions were located in Arlington Hall in Northern Virginia, which served as the headquarters of the U.S. Army's cryptographic operations.[150] Because the Soviet Union had detonated a nuclear bomb and because the facilities were crowded, the federal government wanted to move several agencies, including the AFSA/NSA. A planning committee considered Fort Knox, but Fort Meade, Maryland, was ultimately chosen as NSA headquarters because it was far enough away from Washington, D.C. in case of a nuclear strike and was close enough so its employees would not have to move their families.[151]

Construction of additional buildings began after the agency occupied buildings at Fort Meade in the late 1950s, which they soon outgrew.[151] In 1963 the new headquarters building, nine stories tall, opened. NSA workers referred to the building as the "Headquarters Building" and since the NSA management occupied the top floor, workers used "Ninth Floor" to refer to their leaders.[152] COMSEC remained in Washington, D.C., until its new building was completed in 1968.[151] In September 1986, the Operations 2A and 2B buildings, both copper-shielded to prevent eavesdropping, opened with a dedication by President Ronald Reagan.[153] The four NSA buildings became known as the "Big Four."[153] The NSA director moved to 2B when it opened.[153]

Headquarters for the National Security Agency is located at 39632N 764617W / 39.10889N 76.77139W / 39.10889; -76.77139 in Fort George G. Meade, Maryland, although it is separate from other compounds and agencies that are based within this same military installation. Fort Meade is about 20mi (32km) southwest of Baltimore,[154] and 25mi (40km) northeast of Washington, D.C.[155] The NSA has two dedicated exits off BaltimoreWashington Parkway. The Eastbound exit from the Parkway (heading toward Baltimore) is open to the public and provides employee access to its main campus and public access to the National Cryptology Museum. The Westbound side exit, (heading toward Washington) is labeled "NSA Employees Only".[156][157] The exit may only be used by people with the proper clearances, and security vehicles parked along the road guard the entrance.[158]

NSA is the largest employer in the state of Maryland, and two-thirds of its personnel work at Fort Meade.[159] Built on 350 acres (140ha; 0.55sqmi)[160] of Fort Meade's 5,000 acres (2,000ha; 7.8sqmi),[161] the site has 1,300 buildings and an estimated 18,000 parking spaces.[155][162]

The main NSA headquarters and operations building is what James Bamford, author of Body of Secrets, describes as "a modern boxy structure" that appears similar to "any stylish office building."[163] The building is covered with one-way dark glass, which is lined with copper shielding in order to prevent espionage by trapping in signals and sounds.[163] It contains 3,000,000 square feet (280,000m2), or more than 68 acres (28ha), of floor space; Bamford said that the U.S. Capitol "could easily fit inside it four times over."[163]

The facility has over 100 watchposts,[164] one of them being the visitor control center, a two-story area that serves as the entrance.[163] At the entrance, a white pentagonal structure,[165] visitor badges are issued to visitors and security clearances of employees are checked.[166] The visitor center includes a painting of the NSA seal.[165]

The OPS2A building, the tallest building in the NSA complex and the location of much of the agency's operations directorate, is accessible from the visitor center. Bamford described it as a "dark glass Rubik's Cube".[167] The facility's "red corridor" houses non-security operations such as concessions and the drug store. The name refers to the "red badge" which is worn by someone without a security clearance. The NSA headquarters includes a cafeteria, a credit union, ticket counters for airlines and entertainment, a barbershop, and a bank.[165] NSA headquarters has its own post office, fire department, and police force.[168][169][170]

The employees at the NSA headquarters reside in various places in the Baltimore-Washington area, including Annapolis, Baltimore, and Columbia in Maryland and the District of Columbia, including the Georgetown community.[171] The NSA maintains a shuttle service from the Odenton station of MARC to its Visitor Control Center and has done so since 2005.[172]

Following a major power outage in 2000, in 2003 and in follow-ups through 2007, The Baltimore Sun reported that the NSA was at risk of electrical overload because of insufficient internal electrical infrastructure at Fort Meade to support the amount of equipment being installed. This problem was apparently recognized in the 1990s but not made a priority, and "now the agency's ability to keep its operations going is threatened."[173]

On August 6, 2006, The Baltimore Sun reported that the NSA had completely maxed out the grid, and that Baltimore Gas & Electric (BGE, now Constellation Energy) was unable to sell them any more power.[174] NSA decided to move some of its operations to a new satellite facility.

BGE provided NSA with 65 to 75 megawatts at Fort Meade in 2007, and expected that an increase of 10 to 15 megawatts would be needed later that year.[175] In 2011, the NSA was Maryland's largest consumer of power.[159] In 2007, as BGE's largest customer, NSA bought as much electricity as Annapolis, the capital city of Maryland.[173]

Read this article:

National Security Agency - Wikipedia

Posted in NSA

Talks with China will not help says USA NSA on situation on Ladakh – Oneindia

India

oi-Vicky Nanjappa

| Published: Saturday, October 10, 2020, 14:01 [IST]

New Delhi, Oct 10: China has "attempted to seize" control of the Line of Actual Control (LAC) with India "by force" as part of its territorial aggression, US' National Security Adviser has said, underlining that time has come to accept that dialogue and agreements will not persuade Beijing to change.

India and China are locked in a five-month-long tense standoff in eastern Ladakh that has significantly strained relations between New Delhi and Beijing. Both sides have held a series of high-level diplomatic and military talks to resolve the border row. However, no breakthrough has been achieved to end the standoff.

China has deployed 60k soldiers on Indias northern border: Mike Pompeo

"Chinese Communist Party's territorial aggression is also apparent on its Indian border where China has attempted to seize control of the Line of Actual Control by force," US National Security Adviser Robert O'Brien said in a remark on China early this week in Utah.

China's territorial aggression is also true in the Taiwan Strait where the PLA (People's Liberation Army) Navy and Air Force continue to conduct threatening military drills, O'Brien said.

"Beijing's signature international development programme, One Belt One Road (OBOR), involves impoverished companies taking on opaque and unsustainable Chinese loans to pay Chinese firms employing Chinese labourers to build their infrastructure," he said.

Many of these projects are unnecessary, shoddily built and are "white elephants", the US National Security Adviser said.

"And now these countries' dependence on the Chinese debt leaves their sovereignty eroded and with no choice but to hue to the party's line on UN votes or any other issue that the Chinese Communist Party considers a red line," he said.

O'Brien also noted that China's other international aid efforts include selling surveillance systems and similar tools of repression to "pariah regimes" around the world, including Venezuela's Nicolas Maduro.

Amidst face-off with China, the importance of Rustom-2 in Indias arsenal

"The time has come to accept that dialogue and agreements will not persuade or compel the People's Republic of China to change. There's nothing to be gained from looking the other way or turning the other cheek. We've been doing that for far too long," he said.

O'Brien said the US must stand up to the Chinese and protect the American people.

"We must promote American prosperity, practice peace through strength and advance American influence in the world," he said, adding that under President Donald Trump's leadership that is exactly what the US has done.

O'Brien said the Trump administration has adopted a competitive approach to China.

That approach, he said, has two primary objectives. First, improve the resiliency of US institutions, alliances and partnerships to prevail against the challenges that China presents; and the second is to impose tangible cost in order to compel Beijing to cease or reduce actions harmful to America's vital national interest and those of its allied and partner nations.

"President Trump has taken decisive action to meet these objectives. He is working to prevent companies that answer to the Chinese Communist Party's intelligence and security apparatus," O'Brien said.

Citing examples, he said Chinese telecommunications giants Huawei and ZTE have been prevented from accessing Americans' personal and private data and national secrets. The Trump administration, he said, has also imposed import and export restrictions on US semiconductor technology and other exports going to Huawei and similar Chinese telecommunications corporations.

Our democratic partners are starting to follow. Just last month, the UK joined democracies such as the Czech Republic, Denmark, Latvia, Estonia, Lithuania, Poland, Romania and Sweden in committing to using trusted suppliers to build their future 5G networks, O'Brien said.

"Carriers like Jio in India, Telstra in Australia, SK and KT in South Korea, NTT in Japan, and others have prohibited the use of Huawei equipment in their networks. The Trump administration is investigating and prosecuting the economic espionage aggressively," he said.

O'Brien said the Trump administration has strengthened its military relationships in the Indo-Pacific region.

"One important partnership which will be one of the most key partnerships for the United States in the 21st century, India, is thriving," he said.

He also noted that the US has signed extended US military access to Singapore's air and naval bases. The country is also working closely with Japan, Australia and New Zealand to strengthen relationships with the Pacific Islands, especially Timor. It is also working closely with Mongolia.

However, O'Brien said even as the US competes with China, it does welcome cooperation where America's interests align.

"The US has a deep and abiding respect for the Chinese people and enjoys longstanding ties to that country, including our alliance in World War II," O'Brien said.

For Breaking News and Instant Updates

Allow Notifications

You have already subscribed

Go here to see the original:

Talks with China will not help says USA NSA on situation on Ladakh - Oneindia

Posted in NSA

How to choose the right multifactor authentication program – Federal News Network

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drives daily audio interviews onApple PodcastsorPodcastOne.

With a huge chunk of the federal workforce still working remotely, the PIV cards employees normally use to authenticate themselves on federal networks arent always an option. So, many agencies have turned to commercial multifactor authentication solutions as an alternative. But some of those solutions are more secure than others. To help agencies sort the good from the not-so-good, the National Security Agency has just released a guide to commercial multifactor authentication. Dr. Alan Laing is Senior Subject Matter Expert for Vulnerabilities and Mitigations at NSA, and he joined the Federal Drive to talk more about the information paper.

Jared Serbu: I think for starters, maybe you can just spend a minute here talking about why NSA decided to release this publication at this particular time. I mean, is have you been getting a lot of inquiries from federal agencies and other organizations about multifactor authentication in these interesting last few months?

Alan Laing: So interesting last months is probably a good term to use. The NSA put out a number of cybersecurity information reports related to our customers, trying to continue working. A lot of them were pushed to do telework and things like that. So the multifactor authentication cybersecurity report was part of that.

Jared Serbu: And I guess the main takeaway for me here is that in a pinch, almost anything is better than just a username and password. But not all multifactor authentication schemes are created equal. And just working backwards here a little bit, you specifically call out techniques like text messages, out-of-band SMS messages to your phone, and some of the commercial biometric solutions that are out there, as not being the best ideas. Talk a bit about some of the weaknesses there and why you wouldnt necessarily use those as your first go-tos.

Alan Laing: Yeah, so the SMS and biometrics have have a history of being ineffective at binding the user that is making a request to their digital identity. The NIST report on digital identity guidance describes the the rationale for that. Basically, youre leaving your fingerprints and biometrics all over the place, and its its fairly easy to replicate. And then for the SMS, theres, theres a ton of ways to impersonate or to capture the SMS messages. So that was considered not the best way of moving forward.

Jared Serbu: And the publication, we should tell listeners, does include a list of all the various FIPS-approved solutions that are out there. We certainly cant get into them all in this venue. But can you take us through some of the characteristics that you want to be looking for when youre actually selecting a strong solution?

Alan Laing: Given the need to get this out quickly? We have some expertise here. But we wanted to be fair, so we used the criteria in the NIST digital guidelines document, the recent update, and we used those criteria for our search of public websites that vendors were advertising solutions that met these criteria. So the NIST webpage that has all the validated crypto modules was where we started. And then when we saw the vendors that were validating their products for advertising or indicating that they were compliant or trying to meet the criteria, then we went into those websites and validated those products against the criteria.

Jared Serbu: Can you take us through what you think the most or this is almost a NIST question. But what the most important criteria are for determining whether you really can trust a multifactor authentication scheme.

Alan Laing: So theres the cryptographic part of it. Every multifactor authentication involves some sort of cryptography, whether its a one-time password or a random number generator. So, the independent and standards-based validation thats provided by the FIPS 140-2 validation scheme is probably the most important piece of that. The validator, the verifier of the request also needs to be locked down so theyre not just accepting any claim. It has to be also be cryptographically, and from a network security perspective, it needs to be sound. Those two together and you see the FIPS validation indications in the report as well as things like FedRAMP, or the NIST 853, which is their security controls document.

Jared Serbu: And as you also point out in the document, well, you dont point this out but Ill point out, not every agencys going to have the option to send government-furnished equipment home with every single employee. But you do point out that that is a better option, if you can. Can you talk a bit about why thats the case?

Alan Laing: Yeah. So the phrase that I like to use is, if you have a perfectly good sound authenticator, and you put it into a perfectly compromised host, whoever is controlling that host has access to those credentials. And so making sure that the credentials are in the control of the user, all factors of the authentication solution should be under the exclusive control of the user thats representing it. So government-furnished equipment is managed with the understanding of the specific threats. And its more difficult to do that with your own home computer than if the information isnt there, or the work required to maintain that might not be being done regularly.

Jared Serbu: Yeah, and you also point out that if you dont have the option of sending hardware home with people, virtual GFE is a pretty good second choice. Can you talk about how close we can get to a secure environment with that virtualized environment?

Alan Laing: So the 10s program that was referenced in the document is an Air Force program that basically takes your hardware and allows you to boot to a known good image. So that deals with a lot of the issues regarding you know, an intruder that might have persistence on the hard drive. It basically forces the adversary to start anew with an attack against your system. And these are refreshed periodically to maintain a fairly good protection against the current threats as well.

Jared Serbu: Thats Dr. Alan Laing, the senior subject matter expert for vulnerabilities and mitigations at NSA.

Read more here:

How to choose the right multifactor authentication program - Federal News Network

Posted in NSA

National Storage Affiliates Trust Announces Date of its Third Quarter 2020 Earnings Release and Conference Call – Business Wire

GREENWOOD VILLAGE, Colo.--(BUSINESS WIRE)--National Storage Affiliates Trust (NSA or the Company) (NYSE: NSA) today announced the Company will release financial results for the three months ended September 30, 2020 after market close on Thursday, November 5, 2020. NSA will host a conference call to discuss its financial results, current market conditions and future outlook at 1:00 p.m. Eastern Time on Friday, November 6, 2020. Following prepared remarks, management will accept questions from registered financial analysts. All other participants are encouraged to listen to the call via webcast using the link found on the Companys website.

Conference Call and Webcast:Date/Time: Friday, November 6, 2020 at 1:00 p.m. ETWebcast link available at: http://www.nationalstorageaffiliates.com Domestic (toll free): 877-407-9711International: 412-902-1014

Replay Information:Domestic (toll free): 877-660-6853International: 201-612-7415Conference ID: 13692161

A replay of the webcast will be available for 30 days on NSAs website at http://www.nationalstorageaffiliates.com. Any transcription, recording or retransmission of the Companys conference call and webcast in any way are strictly prohibited without the prior written consent of NSA.

Supplemental materials will be posted to the investor relations section of the companys website prior to the conference call.

About National Storage Affiliates Trust

National Storage Affiliates Trust is a real estate investment trust headquartered in Denver, Colorado, focused on the ownership, operation and acquisition of self storage properties located within the top 100 metropolitan statistical areas throughout the United States. As of June 30, 2020, the Company held ownership interests in and operated 784 self storage properties located in 35 states and Puerto Rico with approximately 49.2 million rentable square feet. NSA is one of the largest owners and operators of self storage properties among public and private companies in the United States.

View post:

National Storage Affiliates Trust Announces Date of its Third Quarter 2020 Earnings Release and Conference Call - Business Wire

Posted in NSA

UofL to launch health care cybersecurity curriculum with $6.3 million from National Security Agency, pilot focused on veterans and first responders -…

LOUISVILLE, Ky. The University of Louisville will develop a curriculum to increase cybersecurity talent specifically focused on health care thanks to a $6 million in funding from the National Security Agency (NSA). The pilot phase of the Healthcare Cybersecurity Workforce Certificate initially will provide the training for 200 first responders and military veterans in accordance with the request for proposal. The certificate incorporates technology industry badging from Microsoft, IBM, and Google, as well as hands-on, applied learning and gamification components.

UofL will lead the curriculum development and pilot the online program through itsCenter for Digital Transformation, working with a coalition of three other institutions. The project also includes $300,000 in funding for research into security biometrics.

We understand the need for cybersecurity talent in our health care workforce to protect the information systems that patients, providers, and payers rely on to deliver quality health care, said UofL President Neeli Bendapudi. We are excited to provide this exceptional opportunity for students to enhance their future career opportunities with cutting-edge skills in a short six-month time frame while increasing security for health care data in Louisville and beyond.

Building on more than a decade of expertise in cybersecurity training, UofL will lead a coalition of schools to develop the curriculum including the University of Arkansas Little Rock, the University of North Florida, the Kentucky Community and Technical College System Bluegrass Community and Technical College and Owensboro Community and Technical College, and a coalition liaison from the City University of Seattle. Each of the schools in the coalition is an NSA-designated National Center of Academic Excellence in Cyber Defense and contributes interests, experience, and skills aligned with health care cybersecurity systems.

U.S. Senate Majority Leader Mitch McConnell authored a provision in the FY 2020 National Defense Authorization Act directing the NSA to partner with universities to develop the cybersecurity workforce. Senator McConnell, also a senior member of the Senate Appropriations Committee, then secured the necessary federal funding to make this program possible. Later, the Senator wrote to NSA Director General Paul Nakasone to support UofLs application and encourage the universitys selection for this prestigious pilot program.

The University of Louisville is uniquely positioned to educate a new generation of cybersecurity professionals. I was proud to lead the Senate to create and fund this national security pilot program and to support the universitys proposal, McConnell said. Working with industry leaders through its Center for Digital Transformation, UofL and its coalition partners can improve our nations health care cyber defense. Im particularly pleased the university is tapping into the skills of our brave service members as they return to civilian life, including many from Kentuckys military installations. This project represents an intersection of UofLs many strengths and Im grateful for President Bendapudis enthusiasm to bring it to Louisville. I look forward to the collaborations benefits for our Commonwealth and the nation.

The UofL Center for Digital Transformation provides future-focused curricula and educational tools to help train the workforce in fast-growing technology areas by integrating the best features of industry and academic institution relationships. The center will coordinate, develop, manage, and monitor the Healthcare Cybersecurity Workforce Certificate program, a two-year project with an option for a third year. Following its development, the curriculum will be made available to other institutions at no charge, increasing the impact of this investment beyond Louisville and Kentucky.

In addition to the certificate program, the project will engage UofLs engineering research power to develop a new security authentication method using neural network models. Adel Elmaghraby, Ph.D., co-PI for the entire project and professor in the UofLSpeed School of Engineering, will lead a collaboration with Mississippi-based historically black institution Alcorn State University to conduct pioneering research into biometrics. The researchers will investigate whether a persons computer keystrokes and mouse movements can be used as a sort of digital signature which, along with their username and password, would provide an added layer of cybersecurity.

As technology continues to become more and more of an integral piece of our everyday lives, a strong cybersecurity industry and workforce are the most important protections we have in making our personal information, our financial transactions, and our health care systems secure, said U.S. Rep. John Yarmuth. I was proud to support this proposal and I am thrilled to see the University of Louisville receive this much sought-after federal investment. This project will help ensure that our city and the university are not only front and center in the future of cybersecurity and the protection of critical information, but also are creating the highly skilled workforce that drives economic growth for years to come.

Certificate program participants will complete the three-level certificate in only six months through online courses led by instructors from coalition institutions, gaining expertise in artificial intelligence, robotics, blockchain, internet of things (IoT), machine learning, and other areas. The curriculum will employ innovative training tools including gamification and make use of anonymous datasets and use cases provided by industry partners, including the Louisville Healthcare CEO Council.

As our health care data environment becomes increasingly complex, it is absolutely critical that patient health information is secure and protected, said Tammy York Day, LHCC president and CEO. LHCC is committed to supporting UofLs efforts to arm the next generation of cybersecurity professionals with the skills they need to ensure that our health care data infrastructure is a tool not a barrier to empowering patients to be active participants in their own health care. This grant from the NSA is one of many LHCC-UofL collaborative efforts designed to support and broaden our health care innovation ecosystem, create a strong tech talent pipeline, strengthen and deepen the connections between our corporate and academic communities and invest in Louisvilles success together.

While the curriculum is focused on the health care industry, the skills learned are applicable to multiple industries. In the course of the certificate program, participants will earn industry badges from Google, IBM, Microsoft, and others, adding value to certificate completion and providing pathways to additional educational opportunities.

Since these skills are applicable in nearly every industry, the career credentials these students will acquire are highly valued not only in the health care industry but across the business spectrum, said Sharon Kerrick, Ph.D., assistant vice president and executive director of UofLs Center for Digital Transformation and the principal investigator on the grant.

Andrew Wright, Ph.D., assistant professor of computer information systems in the UofLCollege of Business, will assist in leading the development of the certificate program curriculum. Once developed, the curriculum will be available to other institutions free of charge for one year. The first cohort of 30-40 students is expected to be enrolled in spring 2021. Applicants do not need health care experience or to be enrolled in a degree program at UofL to complete the certificate, however, it can be applied as a credit toward some UofL degree programs.

In its pilot phase, 200 military veterans and first responders will participate in the certificate program free of charge.

The cybersecurity certificate pilot led by UofL for military veterans and first responders is another great example of the universitys strong support to national security. This program will provide participants the opportunity to receive a meaningful certificate leading to employment opportunities in rewarding careers in a growth industry and provide regional/national employers with a much-needed talent source, said retired Army Brig. Gen. Jim Iacocca, president, and CEO of Knox Regional Development Alliance.

Kyle Hurwitz, director of military initiatives at UofL, says this is another example of UofLs commitment to serving military-connected students.

This grant is a win-win for the national cybersecurity talent pool especially focusing on health care, Hurwitz said. Through it, we will be able to assist transitioning service members to gain employment in very high demand industry.

UofL has achieved Military Friendly School designation for 10 consecutive years.

Excerpt from:

UofL to launch health care cybersecurity curriculum with $6.3 million from National Security Agency, pilot focused on veterans and first responders -...

Posted in NSA

NSA announces new Autumn webinar series ‘Feeding the flock and getting it right’ – The Scottish Farmer

IN a year where face to face events are off the table, the National Sheep Association are offering its next programme of Autumn webinars to be held as part of its Virtual celebration of sheep farming.

NSAs programme of webinars will this time be mostly themed to fit with the Autumn online events focus Feeding the flock and getting it right on Tuesday, October 21 and Wednesday, October 22.

The nutrition focussed discussions will provide sheep farmers with the chance to hear from industry experts in the comfort, safety and convenience of their own homes as Covid-19 restrictions continue to limit the opportunity to join traditional evening meetings often held by NSA regions at this time of year.

Many of NSAs long-standing supporters will be joining the webinars to deliver interesting and useful information. Sponsors and speakers for the two-day series include AHDB, MSD Animal Health, Rumenco, ForFarmers, The Woodland Trust, Agriwebb, Bimeda, Carrs Billington and British Wool.

All webinars will be open to everyone to join, with free registration for each webinar available in advance from the NSAs new online event website nsavirtualevent.org.uk

The opportunity to view new products and demonstrations will also run alongside the webinar programme as trade stand exhibitors and breed societies are able to deliver information to interested sheep farmers through their own dedicated area of the website.

NSA chief executive Phil Stocker said: We have been thrilled by the success of our webinars since this new way of sharing information was somewhat forced upon us earlier this year. Now, as a permanent feature of the knowledge exchange NSA is proud to deliver alongside some incredibly experienced and interesting speakers we hope that our new line up of Autumn webinars will appeal to sheep farmers, students, veterinary professionals and more who are looking to update their knowledge on flock nutrition and other topics..

Details of the webinar programme and registrations links can be found at http://www.nsavirtualevent.org.uk.

Recordings from previous NSA webinars can be viewed at http://www.nationalsheep.org.uk/webinars.

More:

NSA announces new Autumn webinar series 'Feeding the flock and getting it right' - The Scottish Farmer

Posted in NSA

How the NSA is disrupting foreign hackers targeting COVID-19 vaccine research – TechCrunch

The headlines arent always kind to the National Security Agency, a spy agency that operates almost entirely in the shadows. But a year ago, the NSA launched its new Cybersecurity Directorate, which in the past year has emerged as one of the more visible divisions of the spy agency.

At its core, the directorate focuses on defending and securing critical national security systems that the government uses for its sensitive and classified communications. But the directorate has become best known for sharing some of the more emerging, large-scale cyber threats from foreign hackers. In the past year the directorate has warned against attacks targeting secure boot features in most modern computers, and doxxed a malware operation linked to Russian intelligence. By going public, NSA aims to make it harder for foreign hackers to reuse their tools and techniques, while helping to defend critical systems at home.

But six months after the directorate started its work, COVID-19 was declared a pandemic and large swathes of the world and the U.S. went into lockdown, prompting hackers to shift gears and change tactics.

The threat landscape has changed, Anne Neuberger, NSAs director of cybersecurity, told TechCrunch at Disrupt 2020. Weve moved to telework, we move to new infrastructure, and weve watched cyber adversaries move to take advantage of that as well, she said.

Publicly, the NSA advised on which videoconferencing and collaboration software was secure, and warned about the risks associated with virtual private networks, of which usage boomed after lockdowns began.

But behind the scenes, the NSA is working with federal partners to help protect the efforts to produce and distribute a vaccine for COVID-19, a feat that the U.S. government called Operation Warp Speed. News of NSAs involvement in the operation was first reported by Cyberscoop. As the world races to develop a working COVID-19 vaccine, which experts say is the only long-term way to end the pandemic, NSA and its U.K. and Canadian partners went public with another Russian intelligence operation aimed at targeting COVID-19 research.

Were part of a partnership across the U.S. government, we each have different roles, said Neuberger. The role we play as part of Team America for Cyber is working to understand foreign actors, who are they, who are seeking to steal COVID-19 vaccine information or more importantly, disrupt vaccine information or shake confidence in a given vaccine.

Neuberger said that protecting the pharma companies developing a vaccine is just one part of the massive supply chain operation that goes into getting a vaccine out to millions of Americans. Ensuring the cybersecurity of the government agencies tasked with approving a vaccine is also a top priority.

Here are more takeaways from the talk, and you can watch the interview in full (embedded above).

TikTok is just days away from an app store ban, after the Trump administration earlier this year accused the Chinese-owned company of posing a threat to national security. But the government has been less than forthcoming about what specific risks the video sharing app poses, only alleging that the app could be compelled to spy for China. Beijing has long been accused of cyberattacks against the U.S., including the massive breach of classified government employee files from the Office of Personnel Management in 2014.

Neuberger said that the scope and scale of TikToks apps data collection makes it easier for Chinese spies to answer all kinds of different intelligence questions on U.S. nationals. Neuberger conceded that U.S. tech companies like Facebook and Google also collect large amounts of user data. But that there are greater concerns on how [China] in particular could use all that information collected against populations other than its own, she said.

The NSA is trying to be more open about the vulnerabilities it finds and discloses, Neuberger said. She told TechCrunch that the agency has shared a number of vulnerabilities with private companies this year, but those companies did not want to give attribution.

One exception was earlier this year when Microsoft confirmed NSA had found and privately reported a major cryptographic flaw in Windows 10, which could have allowed hackers to run malware masquerading as a legitimate file. The bug was so dangerous that NSA reported the vulnerability to Microsoft, which patched the bug.

Only two years earlier, the spy agency was criticized for finding and using a Windows vulnerability to conduct surveillance instead of alerting Microsoft to the flaw. The exploit was later leaked and was used to infect thousands of computers with the WannaCry ransomware, causing millions of dollars worth of damage.

As a spy agency, NSA exploits flaws and vulnerabilities in software to gather intelligence on the enemy. It has to run through a process called the Vulnerabilities Equities Process, which allows the government to retain bugs that it can use for spying.

Excerpt from:

How the NSA is disrupting foreign hackers targeting COVID-19 vaccine research - TechCrunch

Posted in NSA

Deputy NSA gets one year extension – The Hindu

The Central Government on Thursday extended the tenure of Deputy National Security Adviser Pankaj Saran for one year.

Mr. Saran is a 1982 batch officer of the Indian Foreign Service and was appointed Deputy NSA in May 2018. He was then serving as Indias envoy to Russia.

The competent authority has approved the extension in tenure of Mr. Saran for one year beyond September 3, 2020 on contract basis as per the notification issued by the Department of Personnel and Training.

Mr. Saran previously held different positions, including the countrys High Commissioner to Bangladesh and has also served as the Joint Secretary in the Prime Ministers Office between 2007 and 2012 during the UPA regime.

Former chief of the Intelligence Bureau, Ajit Doval, is the National Security Adviser since 2014 after the NDA government headed by Narendra Modi came to power.

You have reached your limit for free articles this month.

To get full access, please subscribe.

Already have an account ? Sign in

Show Less Plan

Find mobile-friendly version of articles from the day's newspaper in one easy-to-read list.

Move smoothly between articles as our pages load instantly.

Enjoy reading as many articles as you wish without any limitations.

A one-stop-shop for seeing the latest updates, and managing your preferences.

A select list of articles that match your interests and tastes.

We brief you on the latest and most important developments, three times a day.

*Our Digital Subscription plans do not currently include the e-paper ,crossword, iPhone, iPad mobile applications and print. Our plans enhance your reading experience.

Read the original post:

Deputy NSA gets one year extension - The Hindu

Posted in NSA

Crime Prevention and Community Outreach, Common Goals for NSA and NYPD Commissioner – Abasto, Food and Beverage Industry News

Leaders of the National Supermarket Association (NSA) met with New York Police (NYPD) Commissioner Dermont Shea in recent days to seek solutions to the recent wave of robberies against its members grocery stores and to work on programs to help the community.

NSA President William Rodriguez, accompanied by members of the Board of Directors of the association that represents more than 400 independent supermarkets in New York and other cities on the East Coast, had the opportunity to dialogue with Commissioner Shea on issues of mutual interest.

According to a press release from the NSA, the meeting was also attended by the Chief of Patrol Bureau, Fausto Pichardo, who is the first Dominican-American to reach this position.

NSA leaders discussed with Commissioner Shea priority issues for the association, such as finding solutions to reduce the recent crime wave in their members stores.

Related Article: The National Supermarket Association Strengthens Relationship With The Dominican Government

We had a very productive conversation that took place over the course of an hour in which we discussed high-level priorities, such as the recent increase in crime at our members stores, opportunities for partnership in our mutual efforts to reach out to youth, and ways we can work together to keep our communities safe, said Rodriguez.

The National Supermarket Association expressed its support for the NYPD and its leadership personally thanked Commissioner Shea for the work of his officers during the pandemic and their tireless efforts to help keep neighborhoods safe. NYC has been the safest big city in the world for a while and will continue to be so with the efforts of the NYPD, the statement said.

This meeting was a great first step in establishing a more formal relationship between NSA and NYPD. We look forward to working together now and in the future, the NSA leadership said.

Excerpt from:

Crime Prevention and Community Outreach, Common Goals for NSA and NYPD Commissioner - Abasto, Food and Beverage Industry News

Posted in NSA

Exceeding All Expectations: A Journey of Adversity, Triumph and Eternal Optimism – Worth

We all have a role to play if we are to discover an effective means out of our collective global social crisis.

This is the story that I never wanted to tell and the article that I never thought I would write.

Although these are my experiences, too many of my colleagues have similar stories. Unfortunately, so do many of our friends, family members and kindred spirits around the world. This is an American story, and it is a global story.

As a former senior national security official retrospectively looking at life, I can say that it is a story of hopes, promises, courage, circumstance, disappointment and perseverance. Most importantly, it is ultimately a story of triumph.

It is difficult to write about the numerous obstacles that one might face in lifeespecially when these obstacles are based solely on superficial trivialities, such as ones melanin content or skin pigmentation, and not on deficiencies in a persons intellect, motivation, character, potential or loyalty to their nation.

I have never sought sympathy nor empty apologies, so I have avoided talking about:

My climb up the corporate mountainwas arduous, challenging and eventually rewarding. I welcomed the challenge of high expectations, but unlike many of my non-minority counterparts who were on similar climbs, I had few Sherpas, almost no time for acclimation at any level, no supplemental oxygen (i.e., sustained mentoring or assistance) and had to move along a steeper incline than most.

I worked at the National Security Agency (NSA), where only a gifted and blessed few ever make it to the top of operations. From that perch, you are entrusted to lead the United States global Signals Intelligence enterprise and arguably one of the worlds most capable spy organizations. The NSAs Operations Directorate has a storied history that includes contributing to breaking the World War II enigma code and still provides key input to the President of the United States daily intelligence briefing book. In the NSAs storied operations history, no minority had ever successfully reached its pinnacle.

I was promoted into the U.S. Senior Executive Service in my late 30s. Since the NSA is a Department of Defense (DoD) organization, I was a one-star general equivalent. This came at a time when minorities rarely achieved that rank and almost never until their early 50s. I began my career as an Air Force Russian linguist. My first assignment was in Japan, where it immediately became apparent that the words Black and Russian were more synonymous with a bar drink than an individual. I was never mistreated, just viewed as more of a curiosity. My 36-plus-year career climb was unlike most. This is my first capture of these experiences in writing.

The anecdotes that I have experienced during my life would literally fill a multi-volume book. Upon hearing brief snippets, most listeners shake their heads in disbelief. Although only a few incidents were done with malicious intent, they each spoke volumes about our culture and accepted behaviors.

A few examples of the adversity I faced included:

In spite of the many challenges, I eventually shattered a significant ceiling becoming NSAs Director of Global Operations. Entrusted with multi-billion-dollar budgets, I led tens of thousands of the worlds best engineers, mathematicians, computer scientists, analysts and linguists. This was a far cry from the days when NSA minorities were relegated to the basement. However, when I departed the NSA, there was still much to be done.

The current pandemic has severely impacted much of our daily lives. This has also affected the economic, social and mental well-being of millions across the world.

However, there has also been a silent pandemic that has been ravaging our nation, and the world, for centuries. It has prevented citizens from attending schools and colleges, sporting and entertainment venues, visiting certain public places, joining various professions and being accepted into boardrooms. It has even interfered with places of worship. The side effects of this pandemic will likely linger for centuries to come. There are no daily casualty counts or comprehensive economic metrics, and although it is easy to identify, few want to acknowledge its existence. We shun the topic, ascribing it to days gone by, while ignoring the fact that if we only open our eyes, it stares back at us in our communities and workplaces. It is the pandemic of discrimination, bias and presumed privilege that knows no boundaries. This pandemic permeates every facet of our lives and is spawned in our homes, neighborhoods, communities and businesses. There appears to be no immunity for this silent plague and unfortunately few seem willing to help find a cure. But there is hope

The past six months have been a period of enlightenment for many. We have become semi-experts in the art of social distancing, living with some degree of depravity and adjusting to a new way of life. However, we have also seen an unprecedented social movement blossoming around the world. The movement has taken root in our homes, cities and businesses, and is being joined by those of goodwill and like minds daily. While this movement can be viewed with guarded optimism, many of us know that it is rooted in a fragile foundation that could crumble at any moment.

I applaud Worth for having the courage and social consciousness to allow me to tell part of my story. Mine is but a small link in a global chain of stories that should and must be told. I hope that in the coming months we can present the journeys of others who have triumphed in the face of overwhelming adversity. These authors stories should inspire us, while stirring our social and ethical consciousnesses to assist others in their journeys. We all have a role to play if we are to discover an effective means out of our collective global social crisis.

Writing this story has been cathartic. My reluctance has been overtaken by a sense of moral obligation to embolden others to come forward. We need your intellect, resourcefulness, ideas, prayers and active participation if we are to build a coalition of the willing and able. The journey will not be easymost worthy endeavors are usually laboriousbut we will achieve our goals. I look forward to serving with you. Keep the faith.

An indispensable guide to finance, investing and entrepreneurship.

Go here to read the rest:

Exceeding All Expectations: A Journey of Adversity, Triumph and Eternal Optimism - Worth

Posted in NSA

Police: 2 more held in Agra boys kidnap-murder, NSA to be invoked – The Indian Express

By: Express News Service | Noida | September 14, 2020 5:01:30 amAccording to police, the two were nabbed near KSB Chowk in Chinchwad around 7.30 pm on Wednesday. Police said that during a search, they recovered 13.2 grams of MD, worth Rs 39,600, from them. (Representational)

Three days after the body of a missing nine-year-old boy was found in a pile of sacks, Agra police on Sunday arrested two more accused in connection with the case, taking the total arrests to three. They are likely to invoke the National Security Act (NSA) against the accused. The process to suspend an inspector of the police station concerned for alleged dereliction of duty will soon start.

Two more persons have been arrested after the main accused, Wahid, was arrested on Saturday. Given the nature of the crime, we will ensure that NSA is invoked against the accused. We will be initiating suspension proceedings against a policeman of the station concerned, said Agra SSP Babloo Kumar.

The child went missing from Agras Dhaura area on Tuesday, and his body was found close to his home two days later. According to police, the accused kidnapped the boy hoping for Rs 2 lakh in ransom but ended up killing him for fear of being caught. The accused allegedly choked him to death, police said.

The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest India News, download Indian Express App.

The Indian Express (P) Ltd

Read the rest here:

Police: 2 more held in Agra boys kidnap-murder, NSA to be invoked - The Indian Express

Posted in NSA

Huge threat to national security as hackers attack NIC computers, steal sensitive information – DNA India

In a major development, India's largest data agency National Informatics Centre (NIC) faced a cyberattack in which many computers of the agency were targeted and sensitive information was stolen from them.

The Special Cell of Delhi Police has registered a case and started investigations in connection with this attack.

The NIC contains information related to the national interest, including the Prime Minister and the NSA, among others. In such a situation, this cyber attack is being considered very dangerous. According to the information, this cyberattack has been done by a Bangalore based firm, with connections to the United States

Besides the information related to national security, the NIC computers also have information related to the citizens of India, and well as VVIP people.

According to the information received by the Special Cell of Delhi Police, a malware was sent to the systems of NIC through e-mail. Clicking on the link wiped all the information from the computers after which, information was given to Delhi Police. As soon as the news broke, the Special Cell of Delhi Police took command and started investigating the case.

Upon investigation of the received email on the complaint of the employees of NIC, its link was found to be connected to a company based out of Bangalore. A police investigation found the IP address of this company, which is associated with a US-based firm.

Original post:

Huge threat to national security as hackers attack NIC computers, steal sensitive information - DNA India

Posted in NSA

NSA to be invoked against miscreants involved in killing Malihabad farmer: Lucknow DM – Outlook India

Lucknow, Sep 13 (PTI) The Lucknow district administration has decided to invoke stringent National Security Act against the six bike-borne miscreants involved in the killing of a 30-year-old farmer in its Malihabad tehsil early this week.

Ram Vilas Rawat, a Dalit farmer of Malihabad''s Dilawar Nagar area was attacked by the six bike-borne youths -- Ghulam Ali, Mustaqeem, Mufeed, Shanu and Guddu on Thursday night after he objected to them for running their bike on a hosepipe watering his field.

Rawat was critically injured in the attack and succumbed to his injuries while being rushed to the Malihabad community health centre, said police earlier.

"The entire incident is being probed by a Deputy SP rank officer and the National Security Act will be invoked against those found guilty," Lucknow District Magistrate of Abhishek Prakash said on Sunday.

Under the NSA, one can be detained without a charge for up to 12 months if the authorities are satisfied that the person is a threat to national security or law and order.

The police have already booked the six on charges of murder under IPC and various other provisions of the Scheduled Castes and the Scheduled Tribes (Prevention of Atrocities) Act, 1989.

So far, three accused -- Ghulam Ali, Mustaqeem and Mufeed -- have been arrested, and efforts are on to nab the other two suspects.District Magistrate Prakash on Saturday visited Dilawar Nagar and transferred a sum of Rs 5 lakh to the bank account Rawat''s widow.

He also urged the family members of the deceased to maintain peace in the area and assured them of all possible help.

"The entire incident will be probed, and mischievous elements should be identified, and their arms'' licence will be cancelled," the DM said.

Rawat''s death had triggered a protest from his co-villagers, who had blocked the Hardoi Road and clashed with police.

"The entire incident will be probed, and mischievous elements would be identified, and their arms'' licenses will be cancelled," the DM said.

Malihabad Sub-Divisional Magistrate Ajay Kumar Rai, meanwhile, on Sunday said the situation in the area is normal, and the police force has been deployed in the area. PTI NAV RAXRAX

Disclaimer :- This story has not been edited by Outlook staff and is auto-generated from news agency feeds. Source: PTI

View post:

NSA to be invoked against miscreants involved in killing Malihabad farmer: Lucknow DM - Outlook India

Posted in NSA