1. NSA

Category Archives: NSA

China stole F35 Joint Strike Fighter jet designs NSA document leak Breaking News January 2015 – Video

Posted on by


China stole F35 Joint Strike Fighter jet designs NSA document leak Breaking News January 2015
China stole F35 Joint Strike Fighter jet designs NSA document leak Breaking News January 2015 http://mashable.com/2015/01/18/f35-joint-strike-fighter-snowden/ January 2015 Breaking News USA...

By: u2bheavenbound

Visit link:

China stole F35 Joint Strike Fighter jet designs NSA document leak Breaking News January 2015 - Video

Posted in NSA

We shall wipe out Pakistan if it thinks of nuclear war with Hindustan – NSA Shri Ajit Doval Sir – Video

Posted on by


We shall wipe out Pakistan if it thinks of nuclear war with Hindustan - NSA Shri Ajit Doval Sir
NSA Shri Ajit Doval Sir said there would be no Pakistan if it thinks of nuclear war with Hindustan.

By: Ajit Doval Fans

See the rest here:

We shall wipe out Pakistan if it thinks of nuclear war with Hindustan - NSA Shri Ajit Doval Sir - Video

Posted in NSA

Report: NSA not only creates, but also hijacks, malware

Posted on by

In addition to having its own arsenal of digital weapons, the U.S. National Security Agency reportedly hijacks and repurposes third-party malware.

The NSA is using its network of servers around the world to monitor botnets made up of thousands or millions of infected computers. When needed, the agency can exploit features of those botnets to insert its own malware on the already compromised computers, through a technology codenamed Quantumbot, German new magazine Der Spiegel reported Sunday.

One of the secret documents leaked by former NSA contractor Edward Snowden and published by Der Spiegel contains details about a covert NSA program called DEFIANTWARRIOR thats used to hijack botnet computers and use them as pervasive network analysis vantage points and throw-away non-attributable CNA [computer network attack] nodes.

This means that if a users computer is infected by cybercriminals with some malware, the NSA might step in, deploy their own malware alongside it and then use that computer to attack other interesting targets. Those attacks couldnt then be traced back to the NSA.

According to the leaked document, this is only done for foreign computers. Bots that are based in the U.S. are reported to the FBI Office of Victim Assistance.

The NSA also intercepts and collects data that is stolen by third-party malware programs, especially those deployed by other foreign intelligence agencies, if it is valuable. It refers to this practice as fourth party collection.

In 2009, the NSA tracked a Chinese cyberattack against the U.S. Department of Defense and was eventually able to infiltrate the operation. It found that the Chinese attackers were also stealing data from the United Nations so it continued to monitor the attackers while they were collecting internal UN data, Der Spiegel reported.

It goes deeper than that. One leaked secret document contains an NSA workers account of a case of fifth party collection. It describes how the NSA infiltrated the South Korean CNE (computer network exploitation) program that targeted North Korea.

We found a few instances where there were NK officials with SK implants on their boxes, so we got on the exfil [data exfiltration] points, and sucked back the data, the NSA staffer wrote in the document. However, some of the individuals that SK was targeting were also part of the NK CNE program. So I guess that would be the fifth party collect you were talking about.

In other words, the NSA spied on a foreign intelligence agency that was spying on a different foreign intelligence agency that had interesting data of its own.

Go here to see the original:

Report: NSA not only creates, but also hijacks, malware

Posted in NSA

NSA hacked North Korea computers in 2010

Posted on by

US cybersecurity officials were convinced North Korea was behind the notorious Sony hack last November because the NSA had secretly infiltrated the hermit kingdoms computer systems years before the Hollywood e-mail raid, according to a new report.

The National Security Agency penetrated North Korean networks in 2010 over concerns the nations digital infrastructure was considered one of the most impenetrable targets on earth, The New York Times reports.

The NSAs classified program placed malware that could trace the workings of North Korean hackers and followed a secretive system that traveled from Chinese and Malaysian networks back into a North Korean intelligence service.

Evidence gathered during the US cyber-surveillance mission convinced President Obama that hackers backed by the North Korean government were responsible for the Sony attacks, the paper said.

The hackers released embarrassing personal e-mails from Sony Pictures bigwigs in an attempt to thwart the release of a movie that lampooned North Korean despot Kim Jong-un.

Read more here:

NSA hacked North Korea computers in 2010

Posted in NSA

Warning Sony of Coming Storm Wasn't NSA's Department

Posted on by

The United States National Security Agency knew in advance that North Korea was about to hack into Sony's systems, according to The New York Times.

The NSA apparently penetrated North Korea's network through several vectors, including Chinese networks used to connect with the rest of the world and hacker connections in Malaysia. The NSA was able to burrow in using the networks of South Korea and other allies.

Leveraging the South Korean network was referenced in this now-unclassified NSA document published by Der Spiegel.

The evidence gathered by the NSA reportedly spurred President Obama's accusation that North Korea was behind last year's cyberattacks on Sony.

The report triggered a media storm and drew a wide gamut of responses from readers.

"I wonder if perhaps the NSA did get wind of the planned attack but deliberately withheld that info from Sony because it, the NSA, feared that Sony might react by tightening its security, thereby tipping off NK that the NSA knew what it was up to," mused archer717. "I'll bet Sony's execs are asking themselves just that question as they read this article."

Several expressed support for the NSA's monitoring North Korea's systems.

For example, "I'm very glad the U.S. has the capability to monitor these rogue actors," Tim wrote, pointing out that the NSA's stated mission is collecting foreign signals intelligence to prevent strategic surprises.

On the other hand, many, like Phil Green, argued that the U.S.' own hands are not clean.

"You always figure that, when the U.S. accuses another nation of bad behavior, that the U.S. has done the very act complained of," Green suggested. "We hacked Iran's and Brazil's oil companies and invaded the privacy of everyone on Earth long before we were caught, but not before we had accused others of doing what we do best and more of than anyone else."

Excerpt from:

Warning Sony of Coming Storm Wasn't NSA's Department

Posted in NSA

NSA: We're in YOUR BOTNET

Posted on by

The NSA quietly commandeered a botnet targeting US Defence agencies to attack other victims including Chinese and Vietnamese dissidents, Snowden documents reveal.

The allegation is among the latest in a cache of revelations dropped by Der Spiegel that revealed more about the spy agency.

The "Boxingrumble" botnet was detected targeting the Defence Department's Nonsecure Internet Protocol Router Network prompting NSA bods to redirect the attack to a server operated by the Tailored Access Operations unit.

A DNS spoofing attack tricked the botnet into treating the spies as trusted command and control agents. The NSA then used the bot's hooks into other victims to foist its own custom malware.

Much of the bot-hijacking attacks dubbed "Quantumbot" by the NSA was conducted under its operation DEFIANT WARRIOR which utilised XKeyscore and infrastructure of Five Eyes allies including Australia, New Zealand, the UK and Canada to identify foreign bots ripe for attack.

The work granted broader network exploitation, attack and vantage points, NSA Power Point slides revealed (pdf).

It was part of what appeared to be the NSA's dream of having "a botnet upon which the sun never sets", a goal noted under the slide title "if wishes were ponies".

Bots found in the US would be referred to the FBI for cleansing, but infected victims in other countries were considered collateral.

The documents also revealed the NSA's Tutelage program (pdf), a sister to Turmoil and part of the Turbulence family of surveillance and exploitation kit, was used to block distributed denial of service (DoS) attacks by the Anonymous collective.

Tutelage was successful in identifying and blocking internet protocol addresses linked to the Low Orbit Ion Cannon DDoS software when US Defence agencies were attacked.

Read more:

NSA: We're in YOUR BOTNET

Posted in NSA

NSA brags about turning the tables on cyberwarfare hackers

Posted on by

NSA NSA headquarters

How confident is the National Security Agency about its ability to wage cyberwarfare? Enough so that it's bragging about it. A new round of Edward Snowden leaks published by Der Spiegel reveal that the institution has not only been gearing up for a future of digital battles (it asked for $1 billion to improve its cyberattacks back in 2013), but boasts about what it can already do. For example, it touts that it can "drink your milkshake" (There Will Be Blood style) if you dare attack American government computers. When China hacked the Department of Defense in 2009, the NSA not only pinpointed the source of attack, but broke into China's intelligence network and monitored the country's spying efforts. This "fourth party collection," as the NSA calls it, lets the agency find out what's happening without doing all the hard work.

The NSA also makes it a point to use the tools and methods of their attackers against them, and to develop its own attacks against critical systems (like energy grids) in case they're needed. Its agents all that worried about getting caught, either. They regularly cover their tracks, such as by placing data on the servers of "scapegoat" targets to throw people off the scent.

It's not surprising that the NSA would turn the tables on its foes. However, it's willing to use "fourth party" techniques on any country that isn't part of the Five Eyes Alliance (Australia, Canada, New Zealand, the UK and the US), including its allies. And there's a concern that the US is shifting too much of its attention toward offensive capabilities, rather than focusing on defense -- it's hard to claim the moral high ground in cyberwarfare when you're willing and able to inflict serious damage.

Der Spiegel

The rest is here:

NSA brags about turning the tables on cyberwarfare hackers

Posted in NSA

NSA secretly hijacked existing malware to spy on N. Korea, others

Posted on by

When the NSA had limited access to North Korea's networks, the agency secretly tapped into South Korea's surveillance malware.

A new wave of documents from Edward Snowden's cache of National Security Agency data published by Der Spiegel demonstrate how the agency has used its network exploitation capabilities both to defend military networks from attack and to co-opt other organizations' hacks for intelligence collection and other purposes. In one case, the NSA secretly tapped into South Korean network espionage on North Korean networks to gather intelligence.

The documents were published as part of an analysis by Jacob Appelbaum and others working for Der Speigel of how the NSA has developed an offensive cyberwarfare capability over the past decade. According to a report by the New York Times, the access the NSA gained into North Korea's networkswhich initially leveraged South Korean "implants" on North Korean systems, but eventually consisted of the NSA's own malwareplayed a role in attributing the attack on Sony Pictures to North Korean state-sponsored actors.

Included with the documents released by Der Spiegel are details on how the NSA built up its Remote Operations Center to carry out "Tailored Access Operations" on a variety of targets, while also building the capability to do permanent damage to adversaries' information systems, including internal NSA newsletter interviews and training materials. Also included was a malware sample for a keylogger, apparently developed for by NSA and possibly other members of the "Five Eyes" intelligence community, was also included in the dump. The code appears to be from the Five Eyes joint program "Warriorpride," a set of tools shared by the NSA, the United Kingdom's GCHQ, The Australian Signals Directorate, Canada's Communications Security Establishment, and New Zealand's Government Communications Security Bureau.

It's not clear from the report whether the keylogger sample came from the cache of documents provided by former NSA contractor Edward Snowden, or from another source. As of now, Appelbaum and Der Spiegel have not yet responded to a request by Ars for clarification. However, Appelbaum has previously published content from the NSA, including the NSA's ANT catalog of espionage tools, that were apparently not from the Snowden cache.

The core of NSA's ability to detect, deceive, block and even repurpose others' cyber-attacks, according to the documents, are Turbine and Turmoil, components of the Turbulence family of Internet surveillance and exploitation systems. These systems are also connected to Tutelage, an NSA system used to monitor traffic to and from US military networks, to defend against attacks on Department of Defense systems.

When an attack on a DoD network is detected through passive surveillance (either through live alerts from the Turmoil surveillance filters or processing by the Xkeyscore database), the NSA can identify the components involved in the attack and take action to block it, redirect it to a false target to analyze the malware used in the attack, or do other things to disrupt or deceive the attacker. This all happens outside of DOD's networks, on the public Internet, using "Quantum" attacks injected into network traffic at a routing point.

But NSA can also use others' cyberattacks for its own purposes, including hijacking botnets operated by other actors to spread NSA's own "implant" malware. Collection of intelligence of a target using another actor's hack of that target is referred to within the signals intelligence community as "fourth party collection." By discovering an active exploit by another intelligence organization or other attacker on a target of interest, the NSA can opportunistically ramp up collection on that party as well, or even use it to distribute its own malware to do surveillance.

In a case study covered in one NSA presentation, the NSA's Tailored Access Office hijacked a botnet known by the codename "Boxingrumble" that had primarily targeted the computers of Chinese and Vietnamese dissidents, and was being used to target the DOD's unclassified NIPRNET network. The NSA was able to deflect the attack and fool the botnet into treating one of TAO's servers as a trusted command and control (C&C or C2) server. TAO then used that position of trust, gained by executing a DNS spoofing attack injected into the botnet's traffic, to gather intelligence from the bots and distribute NSA's own implant malware to the targets.

Things get even more interesting in the case of NSA's urgent need to gather more intelligence from North Korea's networks. In a question-and-answer posting to NSA's intranet, an NSA employee recounted a "fifth party" collection that occurred when the NSA hacked into South Korea's exploit of North Korean computers--and ended up collecting data from North Korea's hack of someone else:

Read more:

NSA secretly hijacked existing malware to spy on N. Korea, others

Posted in NSA

NSA Hacked N Korean Network Prior to Sony Incursion

Posted on by

Andrea Mitchell

Andrea Mitchell, the veteran NBC chief foreign affairs correspondent, is also the host of "Andrea Mitchell Reports," an hour of political news and interviews with top newsmakers on MSNBC.

Mitchell covered the entire 2008 presidential campaign, from the kickoff in February 2007, broadcasting live from every major primary and caucus state and all the candidate debates for NBC News and MSNBC programs, including TODAY, Nightly News with Brian Williams, Hardball, Morning Joe and Meet the Press.

She also covered Barack Obama's trip to Iraq, the Middle East and Europe during the presidential campaign. Mitchell currently covers foreign policy, intelligence and national security issues for all NBC News properties.

As a featured political correspondent in 2004, Mitchell was a regular panelist on MSNBCs Hardball and was the first reporter to break the story that Democratic presidential nominee Sen. John Kerry had chosen Sen. John Edwards as his vice presidential running mate.

In September 2005, Mitchell authored Talking Back, a memoir about her experiences as one of the first women to cover five presidents, Congress and foreign policy.

That year, Mitchell also received the prestigious Goldsmith Career Award for Excellence in Journalism from the John F. Kennedy School of Government.

In 2004, the Radio-Television News Directors Association honored Mitchell with the Leonard Zeidenberg Award for her contribution to the protection of First Amendment freedoms.

Mitchells extensive and varied reports include a series of exclusive interviews over the years with Cuban President Fidel Castro. Her unprecedented access resulted in a one-hour documentary on Cuba in December 2003.

Throughout 2002 and 2003, Mitchell covered the United Nations debate leading up to the Iraq war and provided detailed reports on the questions surrounding pre-war intelligence and weapons of mass destruction.

View original post here:

NSA Hacked N Korean Network Prior to Sony Incursion

Posted in NSA

NSA Broke Into North Korea's Internet Before Sony Hack: Report

Posted on by

TheNational Security Agency-- also known as the NSA -- tapped into North Koreas computer network in 2010, long before the attack on Sony Pictures Entertainment in November, the New York Timesreported exclusively. The U.S. was able to pinpoint North Korea as the culprit responsible for the Sony hack since it was familiar with the DPRKs Internet operation.

But the U.S. didnt break into the computer system of Kim Jong Uns government without help. South Korea and other allies aided America, the Times said, citing an NSA document along withformer U.S. and foreign officials.

President Barack Obama blamed North Korea for the Sony hack. He had no doubt North Korea was responsible because the information came through early warning radar, the Times said.

The speed and certainty with which the United States made its determinations about North Korea told you that something was different here -- that they had some kind of inside view, James A. Lewis, acyberwarfareexpert at the Center for Strategic and International Studies in Washington, told the Times. Attributing where attacks come from is incredibly difficult and slow.

When American whistleblower Edward Snowden leaked information about the NSA to media outlets in June 2013, the country had mixed feelings about whether the U.S. government should monitor their personal communications in the search for potential threats, the Washington Post reported Saturday. A Washington Post-ABC News poll released Sunday indicates twice as many Americans are willing to give up their privacy to protect themselves from potential terror threats as those who oppose the surveillance.The study queried 1,003 adults Jan. 12-15. It had a margin of error of 3.5 points.

When it comes to privacy versus protection, young adults are the most confused. They are split with 48 percent saying threats should be investigated and 47 percent saying privacy should be put first. However, when it comes to senior citizens the divide is drastically different: 75 percent of people more than 65 years of age say threats should be examined.

Snowden, who sought asylum in Russia, released documents indicatingChinese spies stole 50 terabytes of data, including information about the F-35 Joint Strike Fighter. The Chinese were reportedly able to use data stolen from American intelligence to create "fifth-generation" fighter that could threaten the dominance the U.S. holds in the skies.

Follow me on Twitter @mariamzzarella

View post:

NSA Broke Into North Korea's Internet Before Sony Hack: Report

Posted in NSA

Report: Inside North Korea's network, NSA saw signs of Sony attack

Posted on by

The U.S. National Security Agency has had a secret foothold for years in North Koreas networks and saw signs of the Sony Pictures Entertainment attack but only in retrospect grasped its reach and depth, The New York Times reported Sunday.

The spy agency has worked for at least four years to infiltrate networks inside North Korea and those in China and Malaysia favored by the countrys hackers, the newspaper reported, citing former U.S. and foreign officials and a newly disclosed NSA document published by Der Spiegel.

The revelation explains why the U.S. quickly blamed North Korea for the attacks despite widespread skepticism from the computer security community, which said only circumstantial evidence pointed to the countrys involvement.

The hackers were incredibly careful, and patient, the Times reported, citing a person who had been briefed on the investigation.

The Sony attack stole terabytes of sensitive documents, including a salary spreadsheet for 6,000 employees, internal emails, pre-release copies of films and vast amounts of personnel data. It also broke thousands of the organizations computers by using a destructive type of malicious software that wipes files.

A group calling itself the Guardians of Peace claimed responsibility for the attacks, releasing the data piecemeal on file-sharing sites and reaching out directly to journalists with links to the material.

It initially appeared the group wanted to blackmail Sony. Only later did the North Korean connection emerge in part due to Sony Pictures plan to release The Interview, a comedy centered on an absurd campaign by two Americans to assassinate North Korean leader Kim Jong Un.

After the U.S. blamed North Korea in mid-December, it was silent on what evidence led to the conclusion. On Jan. 2, President Barack Obama authorized sanctions against North Korea, adding to those in place for years against the secretive nation.

Its the second time the U.S. has directly blamed another country for cyberattacks. In the first legal action of its kind in May 2014, federal prosecutors charged five members of the Chinese Army with stealing trade secrets from U.S. organizations over eight years. China denied the accusations.

FBI Director James Comey offered more clues for the Sony attacks on Jan. 7, saying the hackers failed to to mask their IP addresses. That revealed some emails from the hackers to Sony employees came from Internet connections used by the North.

Go here to read the rest:

Report: Inside North Korea's network, NSA saw signs of Sony attack

Posted in NSA

  1. NSA