Monthly Archives: January 2015

Total Surveillance NSA using Email Address Contact Lists to target Drone Strikes Oct 21, 2013
Hi Friends,how are you? If You Like My Channel Then Please Like,Share And Subscribed To My Channel for daily Update...:)

By: John Salina

See the rest here:
Total Surveillance NSA using Email Address Contact Lists to target Drone Strikes Oct 21, 2013 - Video

In addition to having its own arsenal of digital weapons, the U.S. National Security Agency reportedly hijacks and repurposes third-party malware.

The NSA is using its network of servers around the world to monitor botnets made up of thousands or millions of infected computers. When needed, the agency can exploit features of those botnets to insert its own malware on the already compromised computers, through a technology codenamed Quantumbot, German new magazine Der Spiegel reported Sunday.

One of the secret documents leaked by former NSA contractor Edward Snowden and published by Der Spiegel contains details about a covert NSA program called DEFIANTWARRIOR thats used to hijack botnet computers and use them as pervasive network analysis vantage points and throw-away non-attributable CNA [computer network attack] nodes.

This means that if a users computer is infected by cybercriminals with some malware, the NSA might step in, deploy their own malware alongside it and then use that computer to attack other interesting targets. Those attacks couldnt then be traced back to the NSA.

According to the leaked document, this is only done for foreign computers. Bots that are based in the U.S. are reported to the FBI Office of Victim Assistance.

The NSA also intercepts and collects data that is stolen by third-party malware programs, especially those deployed by other foreign intelligence agencies, if it is valuable. It refers to this practice as fourth party collection.

In 2009, the NSA tracked a Chinese cyberattack against the U.S. Department of Defense and was eventually able to infiltrate the operation. It found that the Chinese attackers were also stealing data from the United Nations so it continued to monitor the attackers while they were collecting internal UN data, Der Spiegel reported.

It goes deeper than that. One leaked secret document contains an NSA workers account of a case of fifth party collection. It describes how the NSA infiltrated the South Korean CNE (computer network exploitation) program that targeted North Korea.

We found a few instances where there were NK officials with SK implants on their boxes, so we got on the exfil [data exfiltration] points, and sucked back the data, the NSA staffer wrote in the document. However, some of the individuals that SK was targeting were also part of the NK CNE program. So I guess that would be the fifth party collect you were talking about.

In other words, the NSA spied on a foreign intelligence agency that was spying on a different foreign intelligence agency that had interesting data of its own.

Originally posted here:
Report: NSA not only creates, but also hijacks, malware

US cybersecurity officials were convinced North Korea was behind the notorious Sony hack last November because the NSA had secretly infiltrated the hermit kingdoms computer systems years before the Hollywood e-mail raid, according to a new report.

The National Security Agency penetrated North Korean networks in 2010 over concerns the nations digital infrastructure was considered one of the most impenetrable targets on earth, The New York Times reports.

The NSAs classified program placed malware that could trace the workings of North Korean hackers and followed a secretive system that traveled from Chinese and Malaysian networks back into a North Korean intelligence service.

Evidence gathered during the US cyber-surveillance mission convinced President Obama that hackers backed by the North Korean government were responsible for the Sony attacks, the paper said.

The hackers released embarrassing personal e-mails from Sony Pictures bigwigs in an attempt to thwart the release of a movie that lampooned North Korean despot Kim Jong-un.

Read the rest here:
NSA hacked North Korea computers in 2010

Home News Security NSA hacked North Korea in 2010 but still failed to spot Sony attack The US had enough insight to blame North Korea. But will sceptics be convinced?

Share

The National Security Agency (NSA) failed to grasp the seriousness of North Koreas alleged November attack on Sony Pictures as it unfolded despite having penetrated the countrys networks as far back as 2010, a report by the New York Times has suggested.

Judging from the anonymous sources lined up by the newspaper as well as a short Der Spiegel document released from Edward Snowdens cache, the US program was fairly successful at burrowing into the North Korea s cyber-systems from about four years ago, detecting the Chinese and Malaysian networks used by its expanding cyber-army.

From the Spiegel document, it appears that both the US and South Korea were able to implant malware on the mailboxes of specific North Korean officials. The US even detected and hijacked a third-party campaign (most likely by China) that hacked North Korea with great success using a zero day flaw.

As to how the US used intelligence gathered during this period to trace the Sony attacks to North Korea only after the fact, the New York Times is tantalisingly vague. Again, we hit the usual wall.

Fearing the exposure of its methods in a country that remains a black hole for intelligence gathering, American officials have declined to talk publicly about the role the technology played in Washingtons assessment that the North Korean government had ordered the attack on Sony, said the NYT.

Why didnt the US spot the attacks in advance if they had broken into North Koreas systems? In fact it appears they did to some extent but underestimated their seriousness. For instance, the NSA did not know that the attackers had used a spear phishing attack to successfully gain access to the admin account needed to do much of the damage.

The attackers spent two months from mid-September to mid-November roaming around the firms network, plotting their destructive attack in more detail, the newspaper briefings said.

The US even put a name to the Sony attack - Reconnaissance General Bureau commander, Kim Yong-chol, who allegedly oversaw the attacks.

Read more:
NSA hacked North Korea in 2010 but still failed to spot Sony attack

The United States National Security Agency knew in advance that North Korea was about to hack into Sony's systems, according to The New York Times.

The NSA apparently penetrated North Korea's network through several vectors, including Chinese networks used to connect with the rest of the world and hacker connections in Malaysia. The NSA was able to burrow in using the networks of South Korea and other allies.

Leveraging the South Korean network was referenced in this now-unclassified NSA document published by Der Spiegel.

The evidence gathered by the NSA reportedly spurred President Obama's accusation that North Korea was behind last year's cyberattacks on Sony.

The report triggered a media storm and drew a wide gamut of responses from readers.

"I wonder if perhaps the NSA did get wind of the planned attack but deliberately withheld that info from Sony because it, the NSA, feared that Sony might react by tightening its security, thereby tipping off NK that the NSA knew what it was up to," mused archer717. "I'll bet Sony's execs are asking themselves just that question as they read this article."

Several expressed support for the NSA's monitoring North Korea's systems.

For example, "I'm very glad the U.S. has the capability to monitor these rogue actors," Tim wrote, pointing out that the NSA's stated mission is collecting foreign signals intelligence to prevent strategic surprises.

On the other hand, many, like Phil Green, argued that the U.S.' own hands are not clean.

"You always figure that, when the U.S. accuses another nation of bad behavior, that the U.S. has done the very act complained of," Green suggested. "We hacked Iran's and Brazil's oil companies and invaded the privacy of everyone on Earth long before we were caught, but not before we had accused others of doing what we do best and more of than anyone else."

See more here:
Warning Sony of Coming Storm Wasn't NSA's Department

The NSA quietly commandeered a botnet targeting US Defence agencies to attack other victims including Chinese and Vietnamese dissidents, Snowden documents reveal.

The allegation is among the latest in a cache of revelations dropped by Der Spiegel that revealed more about the spy agency.

The "Boxingrumble" botnet was detected targeting the Defence Department's Nonsecure Internet Protocol Router Network prompting NSA bods to redirect the attack to a server operated by the Tailored Access Operations unit.

A DNS spoofing attack tricked the botnet into treating the spies as trusted command and control agents. The NSA then used the bot's hooks into other victims to foist its own custom malware.

Much of the bot-hijacking attacks dubbed "Quantumbot" by the NSA was conducted under its operation DEFIANT WARRIOR which utilised XKeyscore and infrastructure of Five Eyes allies including Australia, New Zealand, the UK and Canada to identify foreign bots ripe for attack.

The work granted broader network exploitation, attack and vantage points, NSA Power Point slides revealed (pdf).

It was part of what appeared to be the NSA's dream of having "a botnet upon which the sun never sets", a goal noted under the slide title "if wishes were ponies".

Bots found in the US would be referred to the FBI for cleansing, but infected victims in other countries were considered collateral.

The documents also revealed the NSA's Tutelage program (pdf), a sister to Turmoil and part of the Turbulence family of surveillance and exploitation kit, was used to block distributed denial of service (DoS) attacks by the Anonymous collective.

Tutelage was successful in identifying and blocking internet protocol addresses linked to the Low Orbit Ion Cannon DDoS software when US Defence agencies were attacked.

More:
NSA: We're in YOUR BOTNET