Paranoid Technology All things cybersecurity

19Mar/14Off

NSA’s MYSTIC Program – Where is it deployed?

mystic-logoOn March 18 Washington Post published an article detailing another NSA program based on Snowden documents. According to these documents the NSA has a surveillance system that is capable of recording 100% of  a foreign country's phone calls.

Some details of the system - from the Washington Post article:

".... In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary.

The call buffer opens a door “into the past,” the summary says, enabling users to “retrieve audio of interest that was not tasked at the time of the original call.” Analysts listen to only a fraction of 1 percent of the calls, but the absolute numbers are high. Each month, they send millions of voice clippings, or “cuts,” for processing and long-term storage. ...."

16Mar/14Off

Zuckerberg Calls Obama about NSA’s antics…

fb-markzuckerbegMark Zuckerbeg apparently called President Obama the day after more revelations from Edward Snowden documents came into light that NSA was using a system called Turbine to emulate Facebook servers for hijacking user accounts and hacking into computer systems.

Zuckerberg who has been speaking against NSA's intrusive surveillance operations for a while now wrote on his page:

"I've called President Obama to express my frustration over the damage the government is creating for all of our future. Unfortunately, it seems like it will take a very long time for true full reform."

On his personal page Zuckerberg further said -

5Feb/13Off

President given “broad authority” to order cyber attacks

cyber-warfareEnter the era of official cyber warfare. According to a report by The New York Times; a secret White House legal review has cleared the way for preemptive cyber attacks if the president determines there is credible evidence of a pending attack. Granted certain countries are really trying hard to steal corporate secrets, but hopefully, this will not end-up like conventional warfare - remember the (on-going) misguided UAV attacks and now the new enemy cyber terrorists....  Officials who had been involved in the review told The Times' David Sanger and Thom Shanker that the new rules give the president "broad power" to order computer-based attacks on adversaries that disrupt or destroy their systems, without requiring a declaration of war from Congress. The rules also govern how intelligence agencies can monitor networks for early warnings of imminent attacks, and when the Department of Defense can become involved in dealing with domestic network-based attacks.

15Jan/13Off

Red October Cyber Espionage Ring

large-red-october We thought it started with StuxNet and/or Flame - Red October cyber espionage ring has been in operation for 5 years, deep undercover. It targeted most major European governments, diplomatic offices all over the world. The most interesting thing this may not be a state sponsored attack, or so far it seems. During its 5 year existence Red October downloaded hundreds of terabytes of data to its operators. Who is behind this operation is currently unclear. Kaspersky Labs uncovered this espionage ring; senior Kaspersky researcher Roel Schouwenberg told SecurityWatch:...

4Jan/13Off

State Sponsored Cyber Espionage Up by 75%

According to a report issued by the Defense Security Services, government sponsored espionage is up by 75% from 2011.

DSS Director Stanley L. Sims stated that the attack pattern became even more firmly established in fiscal year 2011. And followed on to say: "Foreign collectors seek to elude the protective efforts of industry, DSS, the Intelligence Community, and law enforcement by concealing their activities behind various covers, such as third countries, front companies, and cyber identities."

9Oct/12Off

Intelligence Panel – Chinese Telecom Companies Pose a Threat

In a report to be issued on Monday the House Intelligence Committee is warning US businesses not to do business with Huawei Technologies Ltd. and ZTE Corp of China.

The report reflects on the  U.S. concern over cyber-attacks traced to China - "China has the means, opportunity, and motive to use telecommunications companies for malicious purposes," the report says. In addition the report recommends that no US government system use any components from these two companies due to espionage risk.

19Jun/12Off

US & Israel Develop Flame to Slow Down Iranians

The behemoth (20 times the size of Stuxnet) called Flame turned out to be a US & Israel joint effort to slow down Iran's nuclear efforts. This is the first organized cyber espionage / sabotage campaign to date by governments. Well other than Promis scandal (U.S. was acting solo on that one and it was only espionage) - read this little article on Wikipedia.

According to Kaspersky Labs Flame and Stuxnet shared some of the same code proving that the both malware were written by the same point of origin.“This is about preparing the battlefield for another type of covert action,” said one former

10Feb/12Off

Hoping for a “Cyber Crisis”…

It is true, industrial espionage is a big problem in the U.S. - Russia and China were pointed out to be the two major conspirators stealing technology and trade secrets from American companies in a report sent to the Congress by the U.S. intelligence community last year... According to the report the loss is in billions of dollars. So what should be done, should we rely on the companies to protect themselves or ask for the government to step in?

   
Stop SOPA