SIM Card Company Says the NSA Probably Hacked It

TIME | Tech | Security

But it denies the NSA got access to billions of people's mobile communications

One of the world's largest manufacturers of SIM cards has acknowledged evidence of security agency attacks on the company's internal networks, but it's denying that American and British intelligence agents were able to get access to billions of mobile phone users' secure data.

Gemalto, a French-Dutch supplier of SIM cards, found reasonable grounds to believe it was attacked by the U.S. National Security Agency and its British counterpart, the Government Communications Headquarters (GCHQ), following an internal investigation into a series of security incidents. The audits came after online publication The Intercept reported on what it said was a joint British-American operation to covertly hack Gemalto's stash of SIM encryption keys, based on documents leaked by Edward Snowden.

SIM cards are small encrypted devices inside cell phones that carry users' unique identifier codes on a network. Breaking their encryption could allow intelligence agencies or hackers easier access to targets' mobile communication.

In particular, Gemalto cited two sophisticated intrusions in 2010 and 2011, one of which involved sending malware-infected attachments from faked company email addresses. Gemalto acknowledged that the breaches may have enabled a third party such as the NSA to spy on internal communications from company employees, but denied the breach led to a massive loss of encryption keys. The Intercept previously reported that the NSA and GCHQ stole encryption codes as Gemalto sent them to device makers like China's Huawei.

"The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of SIM encryption keys," read a statement from the company.


Snowden: Spy Agencies Screwed All of Us in Hacking Crypto Keys

NSA whistleblower Edward Snowden didn't mince words during a Reddit Ask Me Anything session on Monday when he said the NSA and the British spy agency GCHQ had "screwed all of us" when it hacked into the Dutch firm Gemalto to steal cryptographic keys used in billions of mobile SIM cards worldwide.

"When the NSA and GCHQ compromised the security of potentially billions of phones (3g/4g encryption relies on the shared secret resident on the sim)," Snowden wrote in the AMA, "they not only screwed the manufacturer, they screwed all of us, because the only way to address the security compromise is to recall and replace every SIM sold by Gemalto."

Gemalto is one of the leading makers of SIM cards used in billions of mobile phones around the world to secure the communications of telecom customers of AT&T, T-Mobile, Verizon, Sprint and more than 400 other wireless carriers in 85 countries. Stealing the crypto keys essentially allows the spy agencies to wiretap and decipher encrypted phone communications at will without the assistance of telecom carriers or the oversight of a court or government. The keys also allow the agencies to decrypt previously intercepted messages they hadn't been able to crack.

But in stealing the keys with the aim of targeting the communications of specific customers, the spy agencies undermine the security of billions of other customers.

"Our governments should never be weighing the equities in an intelligence gathering operation such that a temporary benefit to surveillance regarding a few key targets is seen as more desirable than protecting the communications of a global system," Snowden wrote.

As The Intercept reported last week, the spy agencies targeted employees of the Dutch firm, reading their siphoned emails and scouring their Facebook posts to obtain information that would help the agencies hack the employees. Once on employee systems, the spy agencies planted backdoors and other tools to give them a persistent foothold on the company's network. "We believe we have their entire network," the author of a PowerPoint slide, leaked by Snowden to journalist Glenn Greenwald, boasted about the hack.

Snowden commented on the story after being asked what he thought about recent revelations from Kaspersky Lab that it had uncovered a spy module, believed to belong to the NSA, designed for hacking the firmware of hard drives. Snowden said the firmware hacking was significant but even more significant was the theft of the crypto keys.

"[A]lthough firmware exploitation is nasty," Snowden responded, "it's at least theoretically reparable: tools could plausibly be created to detect the bad firmware hashes and re-flash good ones. This isn't the same for SIMs, which are flashed at the factory and never touched again."

Julian Sanchez of the Cato Institute shared Snowden's sentiments about the crypto theft.

"We hear a great deal lately about the value of information sharing in cybersecurity," he wrote in a blog post about the hack of Gemalto. "Well, here's a case where NSA had information that the technology American citizens and companies rely on to protect their communications was not only vulnerable, but had in fact been compromised. [T]his is one more demonstration that proposals to require telecommunications providers and device manufacturers to build law enforcement backdoors in their products are a terrible, terrible idea. As security experts have rightly insisted all along, requiring companies to keep a repository of keys to unlock those backdoors makes the key repository itself a prime target for the most sophisticated attackers, like NSA and GCHQ."


NSA: Snowden leaks hurt ability to track terrorists – CNN.com

"I would say that it has had a material impact in our ability to generate insights as to what counterterrorism, what terrorist groups around the world are doing," Adm. Michael Rogers told a group gathered in Washington for a cybersecurity summit hosted by the New America think tank.

"Do you have new blind spots that you didn't have prior to the revelation," moderator and CNN National Security correspondent Jim Sciutto asked.

"Have I lost capability that we had prior to the revelations? Yes," Rogers responded. "Anyone who thinks this has not had an impact I would say doesn't know what they're talking about."

Snowden himself remains free in Russia. A film about him won an Academy Award on Sunday evening.

Rogers says he knew U.S. infrastructure would likely come under cyber-attack on his watch, but the target of Sony Pictures was a surprise.

"I fully expected, sadly in some ways, that in my time as the commander of United States Cyber Command the Department of Defense would be tasked with attempting to defend the nation against those kind of attacks," he said. "I didn't realize that it would be against a motion picture company, to be honest."

North Korea is widely believed to be behind the hack in response to Sony's production of the film "The Interview," which depicts a comedic plot to kill leader Kim Jong-un.

Rogers declined to respond to a question if the United States was behind a retaliatory online attack that took down North Korea's Internet access.

When asked which nations had the ability to strike U.S. cyber interests Rogers declined to provide assessments of most countries.

NSA director wants gov't access to encrypted communications

The U.S. should be able to craft a legal framework to let government agencies read encrypted data, Rogers says

It probably comes as no surprise that the director of the U.S. National Security Agency wants access to encrypted data on computers and other devices.

The U.S. should be able to craft a policy that allows the NSA and law enforcement agencies to read encrypted data when they need to, NSA director Michael Rogers said during an appearance at a cybersecurity policy event Monday.

Asked if the U.S. government should have backdoors to encrypted devices, Rogers said the U.S. government needs to develop a "framework."

"You don't want the FBI and you don't want the NSA unilaterally deciding, 'So, what are we going to access and what are we not going to access?'" Rogers said during his appearance at the New America Foundation. "That shouldn't be for us. I just believe that this is achievable. We'll have to work our way through it."

Justsecurity.org has a transcript of an exchange between Rogers and Yahoo CISO Alex Stamos at Monday's event.

Rogers isn't the first member of President Barack Obama's administration to call for encryption workarounds in recent months. In September, after Apple and Google announced encryption features on their smartphone OSes, both FBI Director James Comey and Attorney General Eric Holder raised concerns that additional encryption tools would hinder law enforcement investigations.

Stamos questioned whether it is a good idea to build backdoors in encryption. "If we're going to build defects/backdoors or golden master keys for the U.S. government, do you believe we should do so .... for the Chinese government, the Russian government, the Saudi Arabian government, the Israeli government, the French government?" he said, according to the Justsecurity transcript.

Rogers objected to using the word "backdoor". "When I hear the phrase 'backdoor', I think, 'Well, this is kind of shady. Why would you want to go in the backdoor? It would be very public,'" he said. "Again, my view is: We can create a legal framework for how we do this. It isn't something we have to hide, per se."

An NSA spokeswoman wasn't immediately available for further comment.


Yahoo Executive Confronts NSA Director Over Backdoors

In one of the most public confrontations of a top U.S. intelligence official by Silicon Valley in recent years, a senior Yahoo Inc. official peppered the National Security Agency director, Adm. Mike Rogers, at a conference on Monday over digital spying.

The exchange came during a question and answer session at a daylong summit on cybersecurity hosted by the think tank New America. Mr. Rogers spent an hour at the conference answering a range of questions about his agency's practices and the global cyber threat.

The tense exchange began when Alex Stamos, Yahoo's chief information-security officer, asked Mr. Rogers if Yahoo should acquiesce to requests from Saudi Arabia, China, Russia, France and other countries to build a backdoor in some of their systems that would allow the countries to spy on certain users.

"It sounds like you agree with [Federal Bureau of Investigation Director James] Comey that we should be building defects into the encryption in our products so that the US government can decrypt," Mr. Stamos said, according to a transcript of the exchange compiled by the Just Security blog.

"That would be your characterization," Mr. Rogers said, cutting the Yahoo executive off.

Mr. Stamos was trying to argue that if Yahoo gave the NSA access to this information, other countries could try and compel the company to provide the same access to data.

Mr. Rogers said he believed that it is achievable to create a legal framework that allows the NSA to access encrypted information without upending corporate security programs. He declined to provide more details.

"Well, do you believe we should build backdoors for other countries?" Mr. Stamos continued.

"My position is hey, look, I think that we're lying that this isn't technically feasible," Mr. Rogers replied.

He said the framework would have to be worked out ahead of time by policy makers, not the NSA.


Can the Senate's new Republicans usher in NSA surveillance reform?

With the snow-capped Montana mountains behind him, flannel-clad Steve Daines blasted the National Security Agency's sweeping surveillance practices. "I stood up to the Washington establishment in support of [a bill] to stop the NSA from collecting the records of innocent Americans," he said. "Big government can take away our freedoms."

That was Mr. Daines' campaign ad. And the message clearly resonated: Daines, a former House representative from Montana, won his election to the Senate.

Security and privacy became hot-button issues in political races across the country after former NSA contractor Edward Snowden disclosed the spy agency's collection of millions of Americans' call records. With several national polls showing Americans support curbing the controversial program, many wannabe senators, like Daines, spoke out about the need to protect civil liberties.

Now, 13 new senators are here in Washington and their votes will be crucial in the upcoming debates over surveillance reform.

Congress failed to pass a reform bill last year, despite President Obama's urging and recommendations from government-appointed privacy and civil liberties boards to end the domestic call record bulk collection program. In a Republican-controlled Congress, however, the politics of privacy are even more complex.

After the November elections, incoming Senate Majority Leader Mitch McConnell encouraged his Republican colleagues to oppose advancing the USA Freedom Act because it could hurt the fight against terrorism. With the threat from the Islamic State in the news, the vote to debate the surveillance reform bill fell short by just two votes. This time around, privacy advocates are warily watching the fresh crop of senators, all Republican but one.

If they stay consistent with their past pro-privacy positions, they could very well tip the precarious balance in the upper chamber in favor of reform.

"There's a pretty short list of issues where our phones start ringing off the hook here," Daines told Passcode. Guns, he says, is a key one, "and when you start looking at surveillance and the federal government overreach, our phone really starts ringing."

This year, the pressure's on: A key provision of the Patriot Act that the NSA says provides the legal authority for the domestic spying program is set to sunset in June.

"It's something the Republican Party is going to have to debate," says Mark Jaycox, legislative analyst for the Electronic Frontier Foundation. "The question is going to be, can new members convince the leadership that these authorities need to be reformed?"


How the NSA's Firmware Hacking Works and Why It's So Unsettling

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive's firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware, the guts of any computer, surpasses anything else they had ever seen.

The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named nls_933w.dll, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered.

It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. This lets spies like the Equation Group bypass disk encryption by secreting documents they want to seize in areas that don't get encrypted.

Kaspersky has so far uncovered 500 victims of the Equation Group, but only five of these had the firmware-flashing module on their systems. The flasher module is likely reserved for significant systems that present special surveillance challenges. Costin Raiu, director of Kaspersky's Global Research and Analysis Team, believes these are high-value computers that are not connected to the internet and are protected with disk encryption.

Here's what we know about the firmware-flashing module.

Hard drive disks have a controller, essentially a mini-computer, that includes a memory chip or flash ROM where the firmware code for operating the hard drive resides.

When a machine is infected with EquationDrug or GrayFish, the firmware flasher module gets deposited onto the system and reaches out to a command server to obtain payload code that it then flashes to the firmware, replacing the existing firmware with a malicious one. The researchers uncovered two versions of the flasher module: one that appears to have been compiled in 2010 and is used with EquationDrug and one with a 2013 compilation date that is used with GrayFish.

The Trojanized firmware lets attackers stay on the system even through software updates. If a victim, thinking his or her computer is infected, wipes the computer's operating system and reinstalls it to eliminate any malicious code, the malicious firmware code remains untouched. It can then reach out to the command server to restore all of the other malicious components that got wiped from the system.

Even if the firmware itself is updated with a new vendor release, the malicious firmware code may still persist because some firmware updates replace only parts of the firmware, meaning the malicious portions may not get overwritten with the update. The only solution for victims is to trash their hard drive and start over with a new one.

The attack works because firmware was never designed with security in mind. Hard disk makers don't cryptographically sign the firmware they install on drives the way software vendors do. Nor do hard drive disk designs have authentication built in to check for signed firmware. This makes it possible for someone to change the firmware. And firmware is the perfect place to conceal malware because antivirus scanners don't examine it. There's also no easy way for users to read the firmware and manually check if it's been altered.
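To make the partial-update problem concrete, here is an added example (not from the article or from Kaspersky) of a region-by-region integrity audit against a known-good reference image. It assumes the firmware can be read back and that a trusted reference exists, which the article notes is not easy today; the region layout and the sample images are constructed for illustration.

```python
import hashlib

# Hypothetical region layout (name, offset, length). Real drive firmware
# layouts are vendor-specific and are not described in the article.
REGIONS = [("boot", 0, 64), ("servo", 64, 64), ("overlay", 128, 64), ("config", 192, 64)]


def region_hashes(image):
    """SHA-256 of every region in a firmware image."""
    hashes = {}
    for name, offset, length in REGIONS:
        chunk = image[offset:offset + length]
        if len(chunk) != length:
            raise ValueError(f"image too short for region {name!r}")
        hashes[name] = hashlib.sha256(chunk).hexdigest()
    return hashes


def audit(image, reference):
    """Names of regions whose hash differs from the known-good reference image."""
    good, seen = region_hashes(reference), region_hashes(image)
    return sorted(name for name in good if seen[name] != good[name])


def partial_update(image, release, regions):
    """Model an update that rewrites only the named regions from a release image."""
    out = bytearray(image)
    for name, offset, length in REGIONS:
        if name in regions:
            out[offset:offset + length] = release[offset:offset + length]
    return bytes(out)


def demo():
    # Constructed sample images: filler bytes, not real firmware.
    v1 = bytes((i * 7) % 256 for i in range(256))
    v2 = bytearray(v1)
    v2[0:128] = bytes((i * 11 + 3) % 256 for i in range(128))  # release changes boot+servo
    v2 = bytes(v2)
    altered = bytearray(v1)
    altered[128:192] = b"\xaa" * 64  # stand-in for a modified overlay region
    altered = bytes(altered)

    after_partial = partial_update(altered, v2, {"boot", "servo"})
    after_full = partial_update(altered, v2, {name for name, _, _ in REGIONS})
    return {
        "before_update": audit(altered, v1),
        "after_partial_update": audit(after_partial, v2),
        "after_full_reflash": audit(after_full, v2),
    }


if __name__ == "__main__":
    for step, regions in demo().items():
        print(f"{step}: mismatched regions = {regions}")
```

The altered region is still flagged after the partial update and disappears only when every region is rewritten from the reference, which is why per-region checks against a signed manifest matter more than a successful update.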


Google Gagged and Ordered by NSA and FBI to Release Personal Data of Wikileaks Staffers – Video


Michael Ratner says that US government is still pursuing criminal investigations against Wikileaks Editor and staffers, not just because of what they have al...

By: TheRealNews


Laura Poitras on being Edward Snowden’s first contact over leaked NSA documents – Video


Oscar-nominated filmmaker Laura Poitras talks about what it was like to be Edward Snowden's first contact over leaked NSA documents. Subscribe to The National to watch more videos here:...

By: The National
