Blog Archives

NSA Malware: Built Despite Warnings, Used in Global Cyber Attack

Run for Your Life: The American Police State Is Coming to Get You

The National Geospatial-Intelligence Agency (NGA): Washington’s Little Known Spy Agency

Yahoo Secretly Scanned Customer Emails for U.S. Intelligence

NSA Participated In Worst Abuses of the Iraq War, Spied on the UN, Assisted with Torture and Assassinations

PRISM: The NSA’s Data Collection Surveillance Program

The NSA Has Been Using An Algorithm To Decide Who Gets Killed With Drone Strikes

NSA Spying Targeted Israel, Caught Congressional Conversations

“Angst” Against Encryption: National Security and the Surveillance State. The Global Crackdown

Top NSA Whistleblower: Only “AFTER the Attack and People Die, They Do The Right Thing. This Should Make It Obvious What Route To Take”

Orwellian Justice Upholds NSA Spying on Americans: Court of Appeals Upholds Unconstitutional Mass Surveillance

Why We Can’t Trust the NSA (And Why That’s a Crisis)

NSA affair creates tensions between Berlin and Washington

The NSA’s Technotyranny: One Nation Under Surveillance

NSA Spying and the Patriot Act: Americans Don’t Trust the Government

US Appeals Court Strikes Down Bulk NSA Phone Spying on Americans

The Computers are Listening

IT Independence is National Security

NSA and Facebook Work Together

Glenn Greenwald vs Former GCHQ Director David Omand on ISC Surveillance Report

Video – Newsnight

The Intelligence and Security Committee of the UK Parliament (ISC) issued a lengthy report on the surveillance practices of GCHQ. Invoking the now-standard Orwellian tactic of claiming that “bulk collection” is not “mass surveillance,” the Committee predictably cleared GCHQ of illegality, but it did announce that it has “serious concerns” over the agency’s lack of transparency and oversight.

Posted March 14, 2015

http://www.informationclearinghouse.info/article41228.htm

The NSA Has Taken Over the Internet Backbone. We’re Suing to Get it Back

Moscow-Based Security Firm Reveals What May Be the Biggest NSA “Backdoor Exploit” Ever

The Future of Freedom: Interview with NSA Whistleblower William Binney

How Many of These Secret Surveillance Programs Do you Know About?

Internal NSA reports detail violation of laws, internal regulations

NSA tapping vast majority of cell phone networks worldwide

By Thomas Gaist

5 December 2014

Electronic surveillance programs run by the US National Security Agency have compromised the great majority of the world’s cell phone networks, according to newly released NSA documents leaked by Edward Snowden and published on The Intercept.

The NSA’s operation AURORAGOLD, exposed by the new Snowdendocuments, has already established an institutional and technological framework through which the spy agency can achieve direct access to all data traversing the world’s cellular networks.

Run by at least two secret NSA spy units, referred to in the documents as the Wireless Portfolio Management Office and the Target Technology Trends Center, AURORAGOLD encompasses a range of surveillance and electronic infiltration activities against cell phone networks on every continent.

The agency had established some level of electronic surveillance presence within 701 of the estimated 985 global cell phone networks as early as May 2012, the leaked documents reveal.

The main purposes of AURORAGOLD, the slides in the documents indicate, are:

* to “maintain data about international GSM/UMTS [cell phone] networks”

* to “forecast the evolution” of global cellular networks in support of the agency’s “imperative to Know the Future”

* to develop intelligence on and surveillance operations against “GSM/UMTS infrastructure,” “voice data convergence,” “technology migration,” and “technology deployments”

As part of AURORAGOLD, the slides show that NSA agents engage in:

* installing electronic backdoors in encryption systems deployed to protect cell phone networks

* gathering intelligence on and predicting the future development of cell phone security systems

* cracking new encryption technologies before they have even been deployed on live cellular networks

Information gathered by AURORAGOLD is widely shared within the intelligence agencies of the US and its allies, the slides show.

“Coincident beneficiaries of this mission are, among others, other NSA SIGDEV elements, protocol exploitation elements, and Five-Eyes Partner SIGDEV organizations,” one slide states. The Five Eyes network is comprised of the United States, Canada, Britain, Australia and New Zealand.

The leaked slides include a color-coded map showing that the NSA has tapped into 100 percent of existing cellular networks in numerous countries, including the majority of countries in Africa, as well as Mexico, Saudi Arabia, the Philippines, Venezuela, Poland and Indonesia.

The NSA has tapped a large majority of cell phone networks in China, Russia, Turkey, Iran and Spain, the map shows, and is running cellular network surveillance operations inside the US, the UK, Australia, New Zealand, Germany and France.

Making clear that the NSA is seeking to establish a regime of total information awareness even in relation to its corporate partners, one slide reads, “We monitor the industry” and demands “visibility into changing standards and practices for: Roaming, Signaling, Billing, Interoperability.”

The agency systematically spied on the content of emails sent from more than 1,000 email accounts run by key offices within the global telecommunications network.

One of the NSA’s main targets was a British-based global trade group called the GSM Association, which maintains ties to hundreds of telecommunications and tech companies around the world. NSA operations against GSM sought to intercept “IR.21 documents” passed between companies via GSM. The IR.21 documents contain information about cell phone networks that the NSA uses to penetrate their security systems.

The NSA and its British counterpart GCHQ worked together to crack the so-called “A 5/3” encryption algorithm as part of a program called WOLFRAMITE, the documents show.

The documents also shed light on the role of NSA in supporting the geopolitical machinations of US imperialism. One document shows that the NSA received orders to hack Libyan cellphone networks from the Pentagon’s Africa Command (AFRICOM) in March 2011.

“AFRICOM IKD-OPS requires information concerning the SMS Gateway domains for: Libyana mobile (libyans.ly) and Al Madar Al Jadid (almadar.ly),” one slide reads.

A slide boasting of the agency’s “Notable Successes” claims that the NSA has achieved “IR 21 collection from 67 high-priority networks,” including “recent IR 21s from Egypt,” and “IR 21 collection related to a possible new Chinese network.”

The latest documents make a mockery of the countless lies advanced by the Obama administration and the intelligence establishment in defense of the US government’s warrantless surveillance programs.

Rather than being limited to telephone metadata, or to “foreign intelligence” threats, the NSA’s surveillance machine has direct access to the bulk of cell phone traffic worldwide, including traffic that is supposedly protected by encryption.

Responding to the latest revelations, NSA spokeswoman Vanee Vines reassured the public that the spy agency “collects only those communications that it is authorized by law.”

In a sense, it is true that the surveillance programs have been “authorized by law.”

With the emergence of the Foreign Intelligence Surveillance Court in 1978, a secret surveillance judiciary has was established that presides over the development of a panoply of unconstitutional spying operations by the US intelligence establishment.

This process has complete support from the Republican and Democratic parties in Congress and the last several presidential administrations, which have adopted a series of executive orders authorizing mass surveillance.

The entire US government, including the Congress, has endorsed practices which clearly violate the Fourth Amendment to the US Bill of Rights. It is the military and intelligence agencies that call the shots in Washington, in alliance with Wall Street, not Senators, congressmen and even presidents, who serve as willing accomplices.

Defending the worldwide cell network tapping programs, NSA spokesperson Vines argued that the use by “terrorists” of cellular networks justifies total access by the US agency to global cellular data. “Terrorists, weapons proliferators, and other foreign targets often rely on the same means of communication as ordinary people,” Vines said.

These words express the fact that as far as the NSA is concerned, Internet and telephone users have no democratic rights. Under the pretext of spying on “terrorists” lurking in every corner of the globe, the NSA is aggressively pursuing its openly stated objectives: “Collect it All; Process it All; Exploit it All; Partner it All; Sniff it All; Know it All.”

Terrorists also breath the same air, drink the same water, eat the same food and travel the same roads as ordinary people. Apparently this brings every necessity of human life under the jurisdiction of the US military-intelligence apparatus.

The favorite arguments of right-wing dictatorships are now continually invoked by the leaders of the US bourgeois state. The NSA spokesperson’s comments are a textbook application of the authoritarian legal theories developed by Nazi jurists, which call for the executive power to free itself from all legal constraints in response to a “state of emergency.”

The Obama administration has fully embraced authoritarian legal doctrine that the government the government can spy arbitrarily on any target that its agents select.

http://www.wsws.org/en/articles/2014/12/05/cell-d05.html

How the NSA Hacks Cellphone Networks Worldwide

Global Research, December 04, 2014

cellphone21In March 2011, two weeks before the Western intervention in Libya, a secret message was delivered to the National Security Agency. An intelligence unit within the U.S. military’s Africa Command needed help to hack into Libya’s cellphone networks and monitor text messages.

For the NSA, the task was easy. The agency had already obtained technical information about the cellphone carriers’ internal systems by spying on documents sent among company employees, and these details would provide the perfect blueprint to help the military break into the networks.

The NSA’s assistance in the Libya operation, however, was not an isolated case. It was part of a much larger surveillance program—global in its scope and ramifications—targeted not just at hostile countries.

According to documents contained in the archive of material provided toThe Intercept by whistleblower Edward Snowden, the NSA has spied on hundreds of companies and organizations internationally, including in countries closely allied to the United States, in an effort to find security weaknesses in cellphone technology that it can exploit for surveillance.

The documents also reveal how the NSA plans to secretly introduce new flaws into communication systems so that they can be tapped into—a controversial tactic that security experts say could be exposing the general population to criminal hackers.

Codenamed AURORAGOLD, the covert operation has monitored the content of messages sent and received by more than 1,200 email accounts associated with major cellphone network operators, intercepting confidential company planning papers that help the NSA hack into phone networks.

One high-profile surveillance target is the GSM Association, an influential U.K.-headquartered trade group that works closely with large U.S.-based firms including Microsoft, Facebook, AT&T, and Cisco, and is currently being funded by the U.S. government to develop privacy-enhancing technologies.

Karsten Nohl, a leading cellphone security expert and cryptographer who was consulted by The Intercept about details contained in the AURORAGOLD documents, said that the broad scope of information swept up in the operation appears aimed at ensuring virtually every cellphone network in the world is NSA accessible.

THE OPERATION APPEARS AIMED AT ENSURING VIRTUALLY EVERY CELLPHONE NETWORK IN THE WORLD IS NSA ACCESSIBLE.

“Collecting an inventory [like this] on world networks has big ramifications,” Nohl said, because it allows the NSA to track and circumvent upgrades in encryption technology used by cellphone companies to shield calls and texts from eavesdropping. Evidence that the agency has deliberately plotted to weaken the security of communication infrastructure, he added, was particularly alarming.

“Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities,” Nohl said, “because once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it.”

NSA spokeswoman Vanee’ Vines told The Intercept in a statement that the agency “works to identify and report on the communications of valid foreign targets” to anticipate threats to the United States and its allies.

Vines said: “NSA collects only those communications that it is authorized by law to collect in response to valid foreign intelligence and counterintelligence requirements—regardless of the technical means used by foreign targets, or the means by which those targets attempt to hide their communications.”

Network coverage

The AURORAGOLD operation is carried out by specialist NSA surveillance units whose existence has not been publicly disclosed: the Wireless Portfolio Management Office, which defines and carries out the NSA’s strategy for exploiting wireless communications, and the Target Technology Trends Center, which monitors the development of new communication technology to ensure that the NSA isn’t blindsided by innovations that could evade its surveillance reach. The center’s logo is a picture of the Earth overshadowed by a large telescope; its motto is “Predict – Plan – Prevent.”

The NSA documents reveal that, as of May 2012, the agency had collected technical information on about 70 percent of cellphone networks worldwide—701 of an estimated 985—and was maintaining a list of 1,201 email “selectors” used to intercept internal company details from employees. (“Selector” is an agency term for a unique identifier like an email address or phone number.) From November 2011 to April 2012, between 363 and 1,354 selectors were “tasked” by the NSA for surveillance each month as part of AURORAGOLD, according to the documents. The secret operation appears to have been active since at least 2010.The information collected from the companies is passed onto NSA “signals development” teams that focus on infiltrating communication networks. It is also shared with other U.S. Intelligence Community agencies and with the NSA’s counterparts in countries that are part of the so-called “Five Eyes” surveillance alliance—the United Kingdom, Canada, Australia, and New Zealand.

Aside from mentions of a handful of operators in Libya, China, and Iran, names of the targeted companies are not disclosed in the NSA’s documents. However, a top-secret world map featured in a June 2012 presentation on AURORAGOLD suggests that the NSA has some degree of “network coverage” in almost all countries on every continent, including in the United States and in closely allied countries such as the United Kingdom, Australia, New Zealand, Germany, and France.

map

One of the prime targets monitored under the AURORAGOLD program is the London-headquartered trade group, the GSM Association, or the GSMA, which represents the interests of more than 800 major cellphone, software, and internet companies from 220 countries.

The GSMA’s members include U.S.-based companies such as Verizon, AT&T, Sprint, Microsoft, Facebook, Intel, Cisco, and Oracle, as well as large international firms including Sony, Nokia, Samsung, Ericsson, and Vodafone.

The trade organization brings together its members for regular meetings at which new technologies and policies are discussed among various “working groups.” The Snowden files reveal that the NSA specifically targeted the GSMA’s working groups for surveillance.

Claire Cranton, a spokeswoman for the GSMA, said that the group would not respond to details uncovered by The Intercept until its lawyers had studied the documents related to the spying.

“If there is something there that is illegal then they will take it up with the police,” Cranton said.

By covertly monitoring GSMA working groups in a bid to identify and exploit security vulnerabilities, the NSA has placed itself into direct conflict with the mission of the National Institute for Standards and Technology, or NIST, the U.S. government agency responsible for recommending cybersecurity standards in the United States. NIST recently handed out a grant of more than $800,000 to GSMA so that the organization could research ways to address “security and privacy challenges” faced by users of mobile devices.

The revelation that the trade group has been targeted for surveillance may reignite deep-seated tensions between NIST and NSA that came to the fore following earlier Snowden disclosures. Last year, NIST was forced to urge people not to use an encryption standard it had previously approved after it emerged NSA had apparently covertly worked to deliberately weaken it.

Jennifer Huergo, a NIST spokewoman, told The Intercept that the agency was “not aware of any activities by NSA related to the GSMA.” Huergo said that NIST would continue to work towards “bringing industry together with privacy and consumer advocates to jointly create a robust marketplace of more secure, easy-to-use, privacy-enhancing solutions.”

gstreetview2 GSMA headquarters in London (above)

Encryption attack

The NSA focuses on intercepting obscure but important technical documents circulated among the GSMA’s members known as “IR.21s.”

Most cellphone network operators share IR.21 documents among each other as part of agreements that allow their customers to connect to foreign networks when they are “roaming” overseas on a vacation or a business trip. An IR.21, according to the NSA documents, contains information “necessary for targeting and exploitation.”

The details in the IR.21s serve as a “warning mechanism” that flag new technology used by network operators, the NSA’s documents state. This allows the agency to identify security vulnerabilities in the latest communication systems that can be exploited, and helps efforts to introduce new vulnerabilities “where they do not yet exist.”

The IR.21s also contain details about the encryption used by cellphone companies to protect the privacy of their customers’ communications as they are transmitted across networks. These details are highly sought after by the NSA, as they can aid its efforts to crack the encryption and eavesdrop on conversations.

Last year, the Washington Post reported that the NSA had already managed to break the most commonly used cellphone encryption algorithm in the world, known as A5/1. But the information collected under AURORAGOLD allows the agency to focus on circumventing newer and stronger versions of A5 cellphone encryption, such as A5/3.

The documents note that the agency intercepts information from cellphone operators about “the type of A5 cipher algorithm version” they use, and monitors the development of new algorithms in order to find ways to bypass the encryption.

In 2009, the British surveillance agency Government Communications Headquarters conducted a similar effort to subvert phone encryption under a project called OPULANT PUP, using powerful computers to perform a “crypt attack” to penetrate the A5/3 algorithm, secret memos reveal. By 2011, GCHQ was collaborating with the NSA on another operation, calledWOLFRAMITE, to attack A5/3 encryption. (GCHQ declined to comment for this story, other than to say that it operates within legal parameters.)

The extensive attempts to attack cellphone encryption have been replicated across the Five Eyes surveillance alliance. Australia’s top spy agency, for instance, infiltrated an Indonesian cellphone company and stole nearly 1.8 million encryption keys used to protect communications, the New York Times reported in February.

The NSA’s documents show that it focuses on collecting details about virtually all technical standards used by cellphone operators, and the agency’s efforts to stay ahead of the technology curve occasionally yield significant results. In early 2010, for instance, its operatives had alreadyfound ways to penetrate a variant of the newest “fourth generation” smartphone-era technology for surveillance, years before it became widely adopted by millions of people in dozens of countries.

The NSA says that its efforts are targeted at terrorists, weapons proliferators, and other foreign targets, not “ordinary people.” But the methods used by the agency and its partners to gain access to cellphone communications risk significant blowback.

According to Mikko Hypponen, a security expert at Finland-based F-Secure, criminal hackers and foreign government adversaries could be among the inadvertent beneficiaries of any security vulnerabilities or encryption weaknesses inserted by the NSA into communication systems using data collected by the AURORAGOLD project.

“If there are vulnerabilities on those systems known to the NSA that are not being patched on purpose, it’s quite likely they are being misused by completely other kinds of attackers,” said Hypponen. “When they start to introduce new vulnerabilities, it affects everybody who uses that technology; it makes all of us less secure.”

“IT AFFECTS EVERYBODY WHO USES THAT TECHNOLOGY; IT MAKES ALL OF US LESS SECURE.”

In December, a surveillance review panel convened by President Obama concluded that the NSA should not “in any way subvert, undermine, weaken, or make vulnerable generally available commercial software.” The panel also recommended that the NSA should notify companies if it discovers previously unknown security vulnerabilities in their software or systems—known as “zero days” because developers have been given zero days to fix them—except in rare cases involving “high priority intelligence collection.”

In April, White House officials confirmed that Obama had ordered NSA to disclose vulnerabilities it finds, though qualified that with a loophole allowing the flaws to be secretly exploited so long as there is deemed to be “a clear national security or law enforcement” use.

Vines, the NSA spokeswoman, told The Intercept that the agency was committed to ensuring an “open, interoperable, and secure global internet.”

“NSA deeply values these principles and takes great care to honor them in the performance of its lawful foreign-intelligence mission,” Vines said.

She declined to discuss the tactics used as part of AURORAGOLD, or comment on whether the operation remains active.

———

Documents published with this article:

———

Photo: Cell tower: Justin Sullivan/Getty Images; GSMA headquarters: Google Maps

New documents detail NSA surveillance of Yahoo

By Thomas Gaist

13 September 2014

A trove of some 1,500 documents released Thursday by Yahoo Inc. shed new light on the US government’s warrantless electronic data mining programs, which have targeted Yahoo users for years.

The documents cover 2008 rulings by the Foreign Intelligence Surveillance Court (FISC) and the Foreign Intelligence Surveillance Court Review (FISCR), a secret appeals court established to review FISC decisions. Large sections of the documents will remain “sealed and classified,” according to a top Yahoo official.

Rejecting Yahoo’s challenges to the warrantless surveillance, the FISC ruled in 2008 that “there is a foreign intelligence exception” to Fourth Amendment protections against warrantless spying, the documents show. The court held that provisions in the Protect America Act (PAA) of 2007 authorized the NSA to conduct warrantless surveillance of the communications of American citizens.

Reviewing the ruling in August of 2008, the FISC-R affirmed that warrantless electronic surveillance does not violate the Fourth Amendment as long as it is carried out for “foreign intelligence” purposes. The FISC-R cited previous US Supreme Court decisions, saying they had authorized the US government to ignore Fourth Amendment protections under exceptional conditions of “special needs,” such as those arising from the “global war on terrorism.”

In a statement published Thursday in response to the Yahoo releases, Director of National Intelligence (DNI) James Clapper defended the FISC rulings, arguing that provisions in the PAA empowered the NSA to spy on targets “reasonably believed” to possess “foreign intelligence information.”

DNI Clapper bluntly asserted that “incidental collection” of data from US persons associated with such operations does not violate the Fourth Amendment, even if the targets are located in the US.

“Any incidental acquisition of the communications of non-targeted persons located in the United States and of non-targeted US persons, wherever they may be located, is also reasonable under the Fourth Amendment,” Clapper wrote.

Behind the convoluted pseudo-legal rationales promulgated by the intelligence bureaucracy and secret surveillance courts—including “incidental collection,” “special needs,” and “foreign intelligence exceptions,” etc.—the underlying reality is that the US government spies on whoever it wants, collects as much data from as many sources as possible, and does so in direct violation of core democratic rights protected by the US Constitution. As the NSA’s own documents make clear, the agency is guided by a maximalist “collection posture” defined by six main principles: “Collect it All; Process it All; Exploit it All; Partner it All; Sniff it All; Know it All.”

The US government began developing its mass warrantless surveillance techniques years before the passage of the surveillance legislation—the PAA of 2007 and the FISA Amendments Act of 2008—cited by the FISC in defense of the spying. Starting in 2005, the US launched the so-called Real Time Regional Gateway (RTRG) program, which sought to collect and analyze all electronic communications produced inside Iraq.

RTRG became the model for PRISM, the NSA’s primary data mining program. Yahoo, Google, Facebook, AOL, Apple, Microsoft, Skype, YouTube, and other major tech and communications companies were revealed as active collaborators in the PRISM program by the 2013 Snowden leaks.

According to one of the NSA slides leaked by Snowden, “98 percent of PRISM production is based on Yahoo, Google and Microsoft.” Another slide described PRISM as “the number one source of raw intelligence used for NSA analytic reports,” saying that it collects 91 percent of Internet data acquired in the course of NSA operations.

Under PRISM, NSA analysts can access every type of data hosted by these companies, including email, chat, webcams, web-based telephones, social media data, and numerous other forms. NSA agents can spy on these communications in real time and troll through user archives at will.

In its official statement released Thursday, Yahoo sought to portray itself as a principled opponent of the warrantless surveillance.

“We refused to comply with what we viewed as unconstitutional and overbroad surveillance and challenged the US Government’s authority … we had to fight every step of the way to challenge the US government’s surveillance efforts,” Yahoo general counsel Ron Bell wrote.

Such claims, made in one form or another by all the major tech firms involved, are part of a public relations campaign mounted by the corporations to conceal their close relations with the US government and its surveillance apparatus. Despite their posturing, Yahoo and the other tech giants have transferred huge amounts of data to the government for a period spanning years and actively facilitated government efforts to penetrate their information systems.

Relations between the NSA and Microsoft highlight this contradiction between the companies’ rhetorical and legal maneuvers, on the one hand, and their actual actions when it comes to customers’ data.

Like Yahoo, Microsoft has challenged US government surveillance powers in court, yet it has simultaneously worked together with the NSA to enable the agency to defeat the company’s own encryption systems, and to grant the FBI and NSA direct access to the SkyDrive file-hosting service used by more than 250 million people worldwide. Microsoft’s acquisition of Skype massively accelerated NSA efforts to spy on the communications platform’s hundreds of millions of users, Snowden-leaked documents show.

http://www.wsws.org/en/articles/2014/09/13/yaho-s13.html

The NSA’s New Partner in Spying: Saudi Arabia’s Brutal State Police

Whistleblower: NSA Stores 80% of all Phone Calls, Not Just Metadata – Full Audio

Spying on Innocents

High-Level NSA Official: the NSA Has Become “J. Edgar Hoover On Super Steroids”

Snowden documents show NSA spied on prominent Muslim-Americans

The Latest Snowden Leak Is Devastating to NSA Defenders

How NSA Can Secretly Aid Criminal Cases

Glenn Greenwald: How the NSA Tampers With US-made Internet Routers

The Worldwide Surveillance Machine: Leaked NSA Documents expose Agency’s Sophisticated Malware Arsenal

By Thomas Gaist

Global Research, March 14, 2014

nsaIn an article published Wednesday by the Intercept, “How the NSA Plans to Infect ‘Millions’ of Computers with Malware,” Glenn Greenwald and Ryan Gallagher made public yet more revelations—based on documents provided to them by Edward Snowden—about US National Security Agency surveillance operations.

The latest documents show that the NSA has escalated its “active” surveillance operations exponentially during the past decade. In contrast to passive surveillance, active surveillance methods involve intervening directly against targeted machines using a sophisticated arsenal of malware for a range of surveillance-related purposes. According to the Intercept, the NSA’s malware efforts have already infected at least 85,000 to 100,000 computers.

The leaked documents detail various aspects of a worldwide surveillance machine that is increasingly automated.

The growth of spying operations has encouraged the agency to automate aspects of its work. The NSA presentation states, “One of the greatest challenges for active SIGINT/attack is scale,” and adds, “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture.)”

A program codenamed TURBINE, which has been operating since at least the summer of 2010, automated aspects of the process of malware deployment by NSA hackers. The Interceptdescribed the program as “a major tactical shift within the NSA that was expected to have a profound impact—allowing the agency to push forward into a new frontier of surveillance operations.” One NSA document leaked to the Intercept conceived TURBINE as a means to “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”

The intelligence “Black Budget” leaked by Snowden listed TURBINE as a main component of the NSA project “Owning the Net.”

The NSA leaks characterize TURBINE as: “A new intelligent command and control capability designed to manage a very large number of covert implants for active SIGINT and active Attack that reside on the GENIE covert infrastructure (for endpoint data extraction). It will increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”

Malware tools deployed by the NSA and operating increasingly on an automated basis under TURBINE, include:

UNITEDRAKE—takes control over computers through plug-ins

CAPTIVATEDAUDIENCE—takes control of computer microphones and records users’ conversations

GUMFISH—accesses computer webcams to take photos of those nearby

FOGGYBOTTOM—records users’ browsing histories and collects login information including passwords for email accounts

SALVAGERABBIT—extracts data from removable flash drives once they are linked to a targeted machine

HAMMERCHANT and HAMMERSTEIN—carries out “exploitation attacks” against Virtual Private Network (VPN) systems, track phone calls sent via Skype

QUANTUMSKY—blocks targeted computers from accessing web sites

QUANTUMCOPPER – corrupts files downloaded by targeted computers

WILLOWVIXEN—sends spam messages with malicious links containing “back-door implants”

QUANTUMHAND—uses fake Facebook server to “shoot” malware packets at target

SECONDDATE—modifies content of communications between servers and clients in real time, redirects browsers to NSA servers codenamed FOXACID, said by NSA docs to have “mass exploitation potential for clients passing through network choke points”

VALIDATOR—downloads and uploads data to and from targeted computers

The NSA also launches malware attacks against systems administrators of telecommunications providers. This practice enables the NSA to spy on all communications being handled by a given provider.

“Sys admins are a means to an end” wrote an NSA operative in an internal message titled, “I hunt sys admins,” the documents show.

TURBINE operations are coordinated with a global network of surveillance “sensors,” codenamed TURMOIL, set up by the NSA around the world. This network finds targets by identifying data “selectors” including email and IP addresses, usernames, etc.

The documents leaked to the Intercept show that the other major powers which make up the “Five Eyes” global surveillance alliance—the UK, Canada, New Zealand, and Australia—have been involved in the use of malware implants. As part of its TURMOIL network, the NSA runs a joint eavesdropping base with the Government Communications Headquarters (GCHQ) in Britain, called the Menwith Hill satellite eavesdropping base.

The latest documents also revealed that GCHQ has been targeting systems administrators at Belgacom, known as “Operation Socialist,” since at least 2010.

In the wake of Snowden’s exposure of the mass surveillance, a propaganda offensive was initiated by the ruling elite, claiming that the spying was “narrowly targeted” against highly specific, imminent terrorist threats. These arguments have been thoroughly discredited. As the most recent leaks show, the US and its allies are carrying out aggressive surveillance and cyberwarfare operations against their own populations and targets around the world.

The implementation of “active” surveillance practices reflects the drive of the state to accumulate as much information on as many people as possible, in preparation for state repression against the mass struggles now developing in the international working class. This political agenda is propelling the continuous expansion and automation of the spying machinery.

http://www.globalresearch.ca/the-worldwide-surveillance-machine-leaked-nsa-documents-expose-agencys-sophisticated-malware-arsenal/5373433

Leaked NSA documents expose agency’s sophisticated malware arsenal

By Thomas Gaist 

14 March 2014

In an article published Wednesday by the Intercept, “How the NSA Plans to Infect ‘Millions’ of Computers with Malware,” Glenn Greenwald and Ryan Gallagher made public yet more revelations—based on documents provided to them by Edward Snowden—about US National Security Agency surveillance operations.

The latest documents show that the NSA has escalated its “active” surveillance operations exponentially during the past decade. In contrast to passive surveillance, active surveillance methods involve intervening directly against targeted machines using a sophisticated arsenal of malware for a range of surveillance-related purposes. According to the Intercept, the NSA’s malware efforts have already infected at least 85,000 to 100,000 computers.

The leaked documents detail various aspects of a worldwide surveillance machine that is increasingly automated.

The growth of spying operations has encouraged the agency to automate aspects of its work. The NSA presentation states, “One of the greatest challenges for active SIGINT/attack is scale,” and adds, “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture.)”

A program codenamed TURBINE, which has been operating since at least the summer of 2010, automated aspects of the process of malware deployment by NSA hackers. The Intercept described the program as “a major tactical shift within the NSA that was expected to have a profound impact—allowing the agency to push forward into a new frontier of surveillance operations.” One NSA document leaked to the Interceptconceived TURBINE as a means to “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”

The intelligence “Black Budget” leaked by Snowden listed TURBINE as a main component of the NSA project “Owning the Net.”

The NSA leaks characterize TURBINE as: “A new intelligent command and control capability designed to manage a very large number of covert implants for active SIGINT and active Attack that reside on the GENIE covert infrastructure (for endpoint data extraction). It will increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”

Malware tools deployed by the NSA and operating increasingly on an automated basis under TURBINE, include:

UNITEDRAKE—takes control over computers through plug-ins

CAPTIVATEDAUDIENCE—takes control of computer microphones and records users’ conversations

GUMFISH—accesses computer webcams to take photos of those nearby

FOGGYBOTTOM—records users’ browsing histories and collects login information including passwords for email accounts

SALVAGERABBIT—extracts data from removable flash drives once they are linked to a targeted machine

HAMMERCHANT and HAMMERSTEIN—carries out “exploitation attacks” against Virtual Private Network (VPN) systems, track phone calls sent via Skype

QUANTUMSKY—blocks targeted computers from accessing web sites

QUANTUMCOPPER – corrupts files downloaded by targeted computers

WILLOWVIXEN—sends spam messages with malicious links containing “back-door implants”

QUANTUMHAND—uses fake Facebook server to “shoot” malware packets at target

SECONDDATE—modifies content of communications between servers and clients in real time, redirects browsers to NSA servers codenamed FOXACID, said by NSA docs to have “mass exploitation potential for clients passing through network choke points”

VALIDATOR—downloads and uploads data to and from targeted computers

The NSA also launches malware attacks against systems administrators of telecommunications providers. This practice enables the NSA to spy on all communications being handled by a given provider.

“Sys admins are a means to an end” wrote an NSA operative in an internal message titled, “I hunt sys admins,” the documents show.

TURBINE operations are coordinated with a global network of surveillance “sensors,” codenamed TURMOIL, set up by the NSA around the world. This network finds targets by identifying data “selectors” including email and IP addresses, usernames, etc.

The documents leaked to the Intercept show that the other major powers which make up the “Five Eyes” global surveillance alliance—the UK, Canada, New Zealand, and Australia—have been involved in the use of malware implants. As part of its TURMOIL network, the NSA runs a joint eavesdropping base with the Government Communications Headquarters (GCHQ) in Britain, called the Menwith Hill satellite eavesdropping base.

The latest documents also revealed that GCHQ has been targeting systems administrators at Belgacom, known as “Operation Socialist,” since at least 2010.

In the wake of Snowden’s exposure of the mass surveillance, a propaganda offensive was initiated by the ruling elite, claiming that the spying was “narrowly targeted” against highly specific, imminent terrorist threats. These arguments have been thoroughly discredited. As the most recent leaks show, the US and its allies are carrying out aggressive surveillance and cyberwarfare operations against their own populations and targets around the world.

The implementation of “active” surveillance practices reflects the drive of the state to accumulate as much information on as many people as possible, in preparation for state repression against the mass struggles now developing in the international working class. This political agenda is propelling the continuous expansion and automation of the spying machinery.

http://www.wsws.org/en/articles/2014/03/14/malw-m14.html

Leaked documents detail NSA surveillance operations against WikiLeaks

By Thomas Gaist 

19 February 2014

Documents from whistleblower Edward Snowden show that the US National Security Agency and British GCHQ have carried out political surveillance operations targeting WikiLeaks, its founder Julian Assange and readers of the whistle-blowing web site. In addition to the US and Britain, the operations also involved the other members “of the “Five Eyes” allied countries (New Zealand, Australia and Canada).

The documents were posted by Glenn Greenwald and Ryan Gallagher on the Intercept in an extensive expose titled “Snowden Documents Reveal Covert Surveillance and Pressure Tactics Aimed at WikiLeaks and Its Supporters.” Among other things, they show that the agency has collected IP addresses of computers visiting the WikiLeaks site, considered classifying WikiLeaks as “a malicious foreign actor,” and placed Assange on an NSA “manhunting” list that included alleged Al Qaeda terrorists.

The leaked documents have further exposed as lies the claims of the Obama administration that the NSA police-state apparatus is directed against “terrorists.” In reality, the NSA is using its illegal and secret access to the internet backbone to monitor the internet activity of its political adversaries and anyone considered a threat to the interests of the American ruling class.

The government of the UK has played a major role in the targeting of the web site. The leaked documents contained information about a GCHQ program called ANTICRISIS GIRL. The program is revealed in a Power Point slide prepared by the British spy agency for the 2012 SIGDEV Conference, an annual symposium held by the surveillance bureaucracies of the major powers. Under ANTICRISIS GIRL, GCHQ has been collecting IP addresses of individual computers that visit the WikiLeaks site, allowing them to identify and surveil individuals who access WikiLeaks.

As the Intercept wrote, “GCHQ used its surveillance system to secretly monitor visitors to a WikiLeaks site. By exploiting its ability to tap into the fiber-optic cables that make up the backbone of the Internet, the agency confided to allies in 2012, it was able to collect the IP addresses of visitors in real time, as well as the search terms that visitors used to reach the site from search engines like Google.”

“Illustrating how far afield the NSA deviates from its self-proclaimed focus on terrorism and national security,” the Intercept wrote, “the documents reveal that the agency considered using its sweeping surveillance system against Pirate Bay, which has been accused of facilitating copyright violations. The agency also approved surveillance of the foreign ‘branches’ of hacktivist groups, mentioning Anonymous by name.”

It must be assumed that by tapping into Internet cables operated by powerful telecommunications companies, the US government and its allies are able to monitor virtually all Internet activity.

Claims that surveillance does not target Americans have also been further discredited by the leak. One entry from the leaked NSA documents states that it is “Okay to go after foreign servers which US people use also” saying that surveillance operators should “try to minimize” the number of American users swept up in their electronic dragnet. When data from a US user is improperly captured, the documents state, this is “nothing to worry about.”

The US government has carried out a coordinated campaign against WikiLeaks in particular, beginning with the release of the Afghanistan War Logs in July of 2010.

An NSA file titled “Manhunting Timeline” from 2010 described the maneuvers of the US as it sought to coordinate an “international effort to focus the legal element of national power upon non-state actor Assange, and the human network that supports WikiLeaks.” In August 2010, the US government pressed 10 other countries to level criminal charges against Assange, describing him as “founder of the rogue WikiLeaks internet website and responsible for the unauthorized publication of over 70,000 classified documents covering the war in Afghanistan.”

For publishing documents that exposed the war crimes of the US ruling class, Assange is now listed in this gruesomely named file, which is filled with high priority enemies of the state. The “Manhunting Timeline,” according to the Intercept, “details, on a country-by-country basis, efforts by the US government and its allies to locate, prosecute, capture or kill alleged terrorists, drug traffickers, Palestinian leaders and others.”

Baltasar Garzón, a Spanish jurist who represents WikiLeaks, said, “These documents demonstrate that the political persecution of WikiLeaks is very much alive. The paradox is that Julian Assange and the WikiLeaks organization are being treated as a threat instead of what they are: a journalist and a media organization that are exercising their fundamental right to receive and impart information in its original form, free from omission and censorship, free from partisan interests, free from economic or political pressure.”

The leaks show that the NSA has proposed listing of Assange as a “malicious foreign agent,” a move which the Intercept said “would have allowed the group to be targeted with extensive electronic surveillance—without the need to exclude US persons from surveillance searches.”

Assange is currently trapped in the Ecuadorian embassy in London. He faces the danger of being extradited to Sweden on trumped-up sex charges. An NBC report earlier this month documented the use of sex scandals and other dirty tricks to undermine targets.

ANTICRISIS GIRL is one component of Britain’s surveillance efforts. The Global Telecoms Exploitation (GTE), which plays a role in ANTICRISIS, is also involved in the expansive data mining program TEMPORA. TEMPORA collects data from the backbone of the internet, enabling the surveillance agencies to access vast amounts of private information.

As the Intercept wrote about GTE and its role within GCHQ, “Operating in the United Kingdom and from secret British eavesdropping bases in Cyprus and other countries, GCHQ conducts what it refers to as ‘passive’ surveillance—indiscriminately intercepting massive amounts of data from Internet cables, phone networks and satellites. The GTE unit focuses on developing ‘pioneering collection capabilities’ to exploit the stream of data gathered from the Internet.”

In response to the leaks, WikiLeaks founder Julian Assange posted a statement online, saying that the intelligence agencies were operating above the law.

“News that the NSA planned these operations at the level of its Office of the General Counsel is especially troubling,” Assange said. “The NSA and its UK accomplices show no respect for the rule of law.”

Gus Hosein, head of the human rights organization Privacy International, similarly cited the documents as evidence of the collapse of the rule of law. “We may be tempted to see GCHQ as a rogue agency, ungoverned in its use of unprecedented powers generated by new technologies. But GCHQ’s actions are authorized by [government] ministers. The fact that ministers are ordering the monitoring of political interests of Internet users shows a systemic failure in the rule of law.”

http://www.wsws.org/en/articles/2014/02/19/wiki-f19.html

Today We Fight Back Against Mass Surveillance

By By Adi Kamdar

February 11, 2014 “Information Clearing House – “EFF” –  Since June, ongoing revelations about the NSA’s activities have shown us the expanding scope of government surveillance. Today is the day people around the world are demanding an end to mass spying.

A broad coalition of organizations, companies, and individuals are loudly voicing their stance against unwarranted mass spying—over 6,000 websites have joined together today to demand reform. EFF stands by millions of users—represented by groups like Demand Progress, ACLU, PEN, and Access as well as companies like Google, Twitter, Mozilla, and reddit—to reform governmental collection of innocent users’ information.

Over the past few years, we’ve seen the Internet as a political force make waves in Washington. From our defeat of the Internet censorship bill SOPA to our battles over CISPA, TPP, and patent reform, history has shown that we can activate our networks to beat back legislation that threatens our ability to connect, as well as champion bills that will further our rights online.

We can win this. We can stop mass spying. With public opinion polls on our side, unprecedented pressure from presidential panels and oversight boards, and millions of people speaking out around the world, we’ve got a chance now to change surveillance policy for good.

Last year, we were presented with a new opportunity—an opportunity in the form of leaks that showed us the truth about deeply invasive surveillance programs around the world. This is the year we make good on that opportunity. Let’s ensure that sacrifices made by whistleblowers and risks taken by brave journalists were not done in vain.

Join us in fighting back. We’ve laid out below how you can speak out against mass spying.

In the US? Call Congress today.

Dial 202-552-0505 or click here to enter your phone number and have our call tool connect you

Privacy Info: This telephone calling service is operated by Twilio and will connect you to your representatives. Information about your call, including your phone number and the time and length of your call, will be collected by Twilio and subject to Twilio’s privacy policy.

Calling Congress takes just five minutes and is the most effective action you can take right now to let your elected officials know that mass surveillance must end.

Here’s what you should say:

I’d like Senator/Representative __ to support and co-sponsor H.R. 3361/S. 1599, the USA Freedom Act. I would also like you to oppose S. 1631, the so-called FISA Improvements Act. Moreover, I’d like you to work to prevent the NSA from undermining encryption standards and to protect the privacy rights of non-Americans.

Outside the US? Take action now.

Mass spying affects all of us worldwide. Demand an end to mass surveillance by signing the 13 Principles petition.

More ways to get involved

After you have called Congress or signed the 13 Principles, share this action widely.

Join me in demanding an end to illegal mass surveillance. Take action now:

https://thedaywefightback.org/?r=eff%20#StoptheNSA

On your social network of choice, be sure to use the hashtag #StoptheNSA.

There are also a handful of in-person events occurring around the world—protests, discussions, cryptoparties, and more. Don’t see one in your area? It’s not too late to throw one together today.

Today we fight back

This fight is more important than ever. Our world has radically changed since last June, when newspapers started reporting on mass spying based on documents revealed by Edward Snowden. Today, it is widely known that the international spy agencies collect users’ phone callsemailsaddress booksbuddy listscalling recordsonline video game chatsfinancial documentsbrowsing historytext messages, and calendar data. We also know that the security agencies have hacked deep into the backbone of the Internet and disrupted international encryption standards. These activities compromise the confidence and safety of countless people, organizations, and companies.

The President’s NSA review group has demanded expansive reforms to NSA surveillance programs. The Congressionally mandated Privacy and Civil Liberties Oversight Board has condemned NSA surveillance programs as illegal. And recent polls have shown that a majority of Americans oppose governmental mass collection of phone and Internet data.

It’s time to turn this momentum into action. Call Congress today, or if you’re abroad, make your voice heard.

http://www.informationclearinghouse.info/article37615.htm

NSA “Exploiting” U.S. Citizens Online Porn Viewing Habits: James Bamford

Video

“Everyone’s a Target: How America Lost Control of the National Security Agency”

Posted February 10, 2014

 Clip

http://www.informationclearinghouse.info/article37602.htm

%d bloggers like this: