Posts Tagged ‘hacking’

Philippines: Former Interior Secretary Warns of Possible Reactions By China to The Philippines’ South China Sea Arbitration Effort

March 25, 2014


Pagasa Island

MANILA – Former Interior and Local Government Secretary Rafael Alunan reveals China had warned the Philippines of consequences once it files its memorial with the International Tribunal for the Law of the Sea or ITLOS on March 30.

Alunan, a co-convenor of the West Philippine Sea Coalition, said the warning was communicated by China’s foreign ministry to the Philippines’ envoy in China. He said he got the information from a top government official.

Alunan said based on intelligence analysis, the consequences could range from expanded sanctions to outright sabotage.

Some members of the West Philippine Sea Coalition at an event last year: (L to R) Rene Saguisag, Risa Hontiveros, Nick Sotelo, Rafael Alunan III, and Roilo Golez.

He said part of the sanctions imposed by China was a ban on the import of Philippine bananas to China due to a rise in tensions over Scarborough Shoal.

“In the realm of what is possible, there were two things that they concentrated on in their analysis. One is expanded sanctions…In this particular case, they could expand the sanctions by stopping the flow of raw materials needed by our local manufacturers and exporters. The second possible action that China might take against us could be in the form of sabotage. As you know, people are concerned by the fact that a Chinese state-owned company controls our grid. They have 40% in terms of investment but they have operational and maintenance control,” he said.

“I was told the grid could be shut down remotely. I was taken aback by that. And then there is also a possibility that they can introduce viruses to our communication lines that can either capture data or corrupt data. The third aspect…instead of walloping us in the West Philippine Sea, they can just fund our local rebels and make trouble.”

But Alunan and former National Security Adviser Roilo Golez both agree the arbitration case is the best approach to the territorial dispute.

They said an ITLOS ruling in favor of the Philippines would give the country the legal backing and the moral high ground and prove that China is the interloper.

“By being over-assertive, China is triggering an alliance against itself,” Golez said.

Alunan added: “If we play our cards right in the United Nations, the General Assembly itself could issue a statement detrimental to China.

“The best way to stand up to a bully is to stand united.”

China claims about 90 percent of the 3.5-million-sq-km resource-rich waters situated in the south of China and surrounding several Southeast Asian nations. Malaysia, Brunei, Vietnam and Taiwan also claim parts of the sea.

Recently, China told the Philippines to abandon the disputed Ayungin Shoal in the West Philippine Sea after Manila said it planned to challenge a Chinese naval blockade of the area by sending supplies to its troops stationed there.

“The Chinese government’s attitude on maintaining the country’s sovereignty and territorial integrity is unwavering. We will never tolerate the Philippines illegal occupation of Ren’ai reef,” Chinese Foreign Ministry spokesman Hong Lei told a daily news briefing.

“China is on high alert for the Philippines possibly taking more provocative acts in the South China Sea. The Philippines must accept responsibility for the consequences of what will happen,” he claimed.

The Philippines has urged regional grouping the Association of South East Asian Nations (ASEAN) to conclude a binding code of conduct (CoC) with China to avoid accidents and miscalculations in the disputed waters, but China has been insisting direct dialogues with each claimant instead of group discussion.

The Philippines has taken its dispute with China to arbitration under the U.N. Convention on the Law of the Sea but China is refusing to participate. With Reuters

Includes video:



By Camille Diola ( |

MANILA, Philippines — Former Interior Secretary Rafael Alunan III warned against China’s feared retaliation through economic and environmental sanctions after Manila’s memorial is submitted to the arbitral tribunal on March 30.

Alunan said that China can sabotage communication lines and even the electrical grid, but it can also support armed groups in the country.

“Something that wasn’t discussed too much but still falls within the realm of the possible is that instead of walloping us in the West Philippine Sea and driving home their point, they could just fund our local rebels and make trouble,” Alunan, a co-convenor of the West Philippine Sea Coalition, said in an interview with ANC on Tuesday.

Alunan said that China has threatened to impose economic sanctions on the Philippines in opposition to the arbitration case pending before the International Tribunal on the Law of the Sea in the Hague, Netherlands.

He said the warning was made by the Chinese Foreign Ministry to Philippine envoys in Beijing.

Further analysis of intelligence data and Chinese capabilities, meanwhile, also reveals likely scenarios Alunan had called “irregular warfare.”

“They could expand the sanctions by stopping the flow of raw materials needed by our local manufacturers and exporters,” Alunan said.

He also warned that the Asian giant may disrupt human and ecological security by “remotely” shutting down the electrical grid, 40 percent of which is controlled by a Chinese state-owned company.

“I was taken aback by that. And then there is also a possibility that they can introduce viruses to our communication lines that can either capture data or corrupt data,” Alunan said.

In a message shared with, Alunan urged government officials, including those in posts not related to defense, to answer 10 questions on national security in anticipation of China’s possible actions.

Map locator

Above: China’s claims are vast and contrary to international law.

The chart below shows the area declared by China on 1 January 2014 as “an area under China’s jurisdiction.” China says “foreign fishing vessels” can only enter and work in this area with prior approval from China. Vietnam, the Philippines and others have said they will not comply with China’s law.



Issa Says CIA Spying on Senate Intelligence Committee Could be “Treason”

March 13, 2014

House Oversight Committee Chairman Darrell Issa said he is incensed about allegations the CIA spied on the Senate Intelligence Committee, calling it “treason.”

Breitbart News

“I think Senator Feinstein is as outraged as anyone and I share her outrage. I think the violation of the Constitutional separation of powers should be an offense of the highest level—virtually treason,” Issa told Breitbart News on Tuesday.

“Spying on the executive branch—spying on Congress or violating the separation of powers as to the Supreme Court or as to Congress is effectively treason. Treason—it’s written up in the Constitution,” Issa said of Feinstein’s revelations, adding, “I don’t know who gave the orders, but to spy on other branches is in fact a constitutional violation at the level of high crimes and misdemeanors and certainly should cause the removal of anyone involved.”

Sen. Dianne Feinstein (D-CA), Chairman of the Senate Select Intelligence Committee, Tuesday accused the spy agency of secretly examining her committee’s computers and taking documents relating to the CIA’s interrogation methods on terror suspects who were held overseas after the 9/11 attacks.

CIA Chief John Brennan disputed Feinstein during a speech at the Council on Foreign Relations saying that, “when the facts come out on this, I think a lot of people who are claiming that there has been this tremendous sort of spying and monitoring and hacking will be proved wrong.”

According to reports, Feinstein is seeking out the FBI to investigate the matter further. Feinstein’s colleague Sen. Barbara Boxer (D-CA) told Breitbart News she supports Feinstein, saying she thought, “it’s really essential that we have a division of powers or separation of powers here so that the Senate can do its oversight.”

Congress and the executive branch have rarely been at odds in such a heated way as they are now. Last month, Issa questioned Deputy Attorney General James Cole as to whether the NSA collects phone records of congressional members and their staffs, to which Cole responded, “We probably do, Mr. Congressman. But we’re not allowed to look at any of those, however, unless we have reasonable, articulable suspicion that those numbers are related to a known terrorist threat.”

House Democrats also said they were shocked at the revelations coming out of Feinstein’s office.

“I don’t know how much is based in fact, but it’s a terrible thing, when you cross that line of separation of (powers). A lot of things people can complain about with our government, but the balance of power is so very important,” said Rep. Charlie Rangel (D – NY), who was hoping the allegations were not true.

Rep. Emanuel Cleaver (D – MO) agreed, telling Breitbart News, “It’s frightening if it’s true. I think that most Americans would be absolutely outraged to find out that some of the freedoms we thought we were experiencing were sabotaged, so we have to wait and see if it’s true.”

Iran’s infiltration of a Navy computer network sure to get attention in vetting of next head of the embattled National Security Agency

February 18, 2014
By Siobhan Gorman and Julian E. Barnes
The Wall Street Journal

Vice Adm. Michael Rogers in 2012.   Agence France-Presse/Getty Images

WASHINGTON—Iran’s infiltration of a Navy computer network was far more extensive than previously thought, according to officials, and the officer who led the response will likely face questions about it from senators weighing his nomination as the next head of the embattled National Security Agency.

It took the Navy about four months to finally purge the hackers from its biggest unclassified computer network, according to current and former officials.

Some lawmakers are concerned about how long it took. When Vice Adm. Michael Rogers, President Barack Obama’s choice for the new NSA director, faces his confirmation hearing, some senators are expected to ask whether there is a long-term plan to address security gaps exposed by the attack, congressional aides said. The hearing hasn’t been scheduled yet, but could be next month.

The Wall Street Journal in September first reported the discovery of the Iranian cyberattack. Officials at the time said the intruders had been removed. However, officials now acknowledge that the attack was more invasive, getting into what one called the “bloodstream” of the Navy and Marine Corps system and managing to stay there until November.

The hackers targeted the Navy Marine Corps Internet, the unclassified network used by the Department of the Navy to host websites, store nonsensitive information and handle voice, video and data communications. The network has 800,000 users at 2,500 locations, according to the Navy.

Officials said there was no evidence the Iranians have been able to break into a network beyond the Navy Marine Corps Internet and no classified networks were penetrated.

Network repairs continue to close the many security gaps revealed by the intrusion, not just on Navy computers but across the Department of Defense, the officials said.

“It was a real big deal,” said the senior U.S. official. “It was a significant penetration that showed a weakness in the system.”

Adm. Rogers declined to comment, citing a standard practice of not speaking publicly before a confirmation hearing.

Iranian officials didn’t respond to requests to comment, but in the past have said they were victims of cyberattacks by Western powers, including the Stuxnet virus uncovered in 2010.

Details remain classified and murky, but the penetration allowed the Iranians to conduct surveillance on the Navy’s and Marine Corps’ unclassified networks, said the senior U.S. official. While that official said the intruders were able to compromise communications on the network, a senior defense official said no email accounts were hacked and no data was stolen.

“We were able to eliminate the bad guys from our networks,” the senior defense official said.

The military response, an effort known as Operation Rolling Tide, was overseen by Adm. Rogers as the Navy’s chief of cybersecurity. But Adm. Rogers, who has also been nominated as chief of the military’s Cyber Command, will likely defer most answers at his confirmation hearing to a classified hearing.

While lawmakers have raised questions, senior officials defended Adm. Rogers, saying the Navy response demonstrated leadership and helped buttress the military’s overall cyberdefenses.

“It was a big problem, but it was a success,” said the senior defense official. “Mike Rogers did a very, very good job handling this.”

The issue isn’t expected to derail Adm. Rogers’ nomination, but it coincides with scrutiny of the NSA over complaints world-wide about the way it conducts electronic surveillance.

The intrusion into the Navy’s system was the most recent in a series of Iranian cyberoffensives that have taken U.S. military and intelligence officials by surprise.

In early 2012, top intelligence officials held the view that Iran wanted to execute a cyberattack but had little capability. Not long after, Iranian hackers began a series of major “denial-of-service” attacks on a growing number of U.S. bank websites, and they launched a virus on a Saudi oil company that immobilized 30,000 computers.

The senior defense official said the cost to repair the Navy network after the attack was approximately $10 million. But other officials said the ultimate price tag is likely to be higher. The attack and other cyberthreats prompted a broader review of Navy and DoD network security and upgrades to military cyberdefenses were needed. The added defenses are expected to cost several hundred million dollars, officials said.

Current and former officials differ on whether the time it took to push the Iranians out of the system and clean up the intrusion—approximately four months—was excessive. In part, the response took a long time because hackers were able to infiltrate deep into the system.

“The thing got into the bloodstream, and it wasn’t just in the main arteries, it was in all the little capillaries,” the senior U.S. official said.

The senior defense official said within three weeks of the intrusion, officials understood the full scope of the attack and put in place a plan to try and push the intruders out. As part of the response, the unclassified network was taken down twice for upgrades and to clean out the intruders, the senior defense official said.

As part of the response, a former official said the Navy ordered a surge of so-called cyberwarriors and contractors to work on the response to the attack. They are working with a list of roughly 60 actions to be taken to fix the network, the former U.S. official said.

One official said part of the reason the response has taken so long is that Adm. Rogers has sought to employ a comprehensive strategy that fixes broader network security problems rather than solely cleaning up after the incident. Cybersecurity experts said the roughly four-month-long penetration created security risks.

“That’s a long time,” said James Lewis, a cybersecurity specialist at the Center for Strategic and International Studies. “Generally, not being able to get people off your network is a significant risk for any military operation.”

Defense officials were surprised at the skills of the Iranian hackers. Previously, their tactics had been far cruder, usually involving so-called denial of service attacks that disrupt network operations but usually don’t involve a penetration of network security. They then established what is known as a beacon, which communicated back to the hackers and allowed them to execute their surveillance remotely.

The intruders were able to enter the network through a security gap in one of the Navy’s many public-facing websites, and investigators have discovered that poor internal network security allowed them to migrate deep inside that network, according to current and former officials.

Officials said the vulnerabilities that allowed the Iranians to get into the network were closed by early October, but it took several more weeks to eliminate hidden spyware lurking throughout the system.

By early November, the senior U.S. official said, the Navy was finally confident it had rid its networks of the hackers and had ensured they could no longer remotely access Navy systems. Officials said the Iranians probably obtained account credentials used to log into the network.

“It was a real eye-opener in terms of the capabilities of Iran to get into a Defense Department system and stay in there for months,” said a former U.S. official. “That’s worrisome.”

Write to Siobhan Gorman at and Julian E. Barnes at


“Stop spying on people!” — Syrian Electronic Army’s cyber-attacks compromising Skype’s Twitter, Facebook accounts

January 2, 2014

Image from

Image from


Syrian computer hacker conglomerate, the Syrian Electronic Army (SEA), has kicked off the New Year with a number of cyber-attacks, compromising Skype’s Twitter, Facebook accounts, and its official blog.

Social media accounts belonging to Skype, Microsoft’s  voice-over-IP service, were hacked around 19:30 GMT. SEA posted  on Skype’s Twitter account a rogue message saying “Stop  spying on people! via Syrian Electronic Army.” The hacker  group also urged people not to use Microsoft accounts because the  company is “selling the data to the governments.”

SEA later re-tweeted the message using its own twitter page.


A similar message was posted on Skype’s Facebook page, but was  quickly deleted, according to TheNextWeb. The link to it, which  the SEA posted on its Twitter account, leads to a removed page.

Screenshot from facebook.comScreenshot from


Attacks were also generated on Skype’s official blog with posts  calling on the US to stop its global spying activity.

SEA continued to attack Microsoft via its twitter account  posting, “You can thank Microsoft for monitoring your  accounts/emails using these details.”


Since SEA’s inception in 2011, the organization has denied any  association with the Syrian government. They claim to be  self-motivated patriotic supporters of the government, but are  not acting on its behalf.

In 2013, SEA claimed responsibility for hacking a number of  Western media outlets including the New York Times, The  Washington Post, The Huffington Post and Thomson Reuters.  Arguably, their biggest success was the penetration of the  Associated Press twitter account that posted President Barack  Obama had been injured in a White House attack.

Skype has now fully regained control and deleted the false tweets  from the compromised social media channels. Its blog is being  automatically redirected to Skype’s homepage.

“We recently became aware of a targeted cyber-attack that led  to access to Skype’s social media properties, but these  credentials were quickly reset. No user information was  compromised,” a Skype spokesman responded to TheNextWeb  query.

Skype also tweeted that no accounts of its other users had been  compromised.


The latest attacks by the SEA follow Edward Snowden’s revelations  of NSA eavesdrop outreach, including Microsoft.
In November Microsoft and its Skype division were cleared of data  protection violations relating to the NSA scandal by the  Luxembourg data protection regulator, CNPD.

The probe into Microsoft’s collaboration on data sharing with the  NSA found that the transfer of some data to affiliate companies  in the US appears “to take place lawfully” under a  so-called Safe Harbor agreement.


Last November,

The hacktivist pro-Assad group known as the “Syrian Electronic Army” (SEA) briefly hijacked the Twitter feeds of TIME magazine in response to a critical description of President Assad’s candidacy for its ‘Person of the year’ award.

The SEA has tweeted from TIME’s official account: “Syrian  Electronic Army was here via @Official_SEA16. Next time write a  better word about the Syrian president #SEA”.
That tweet was soon deleted.

The group referred to TIME’s list of people – politicians and  celebrities – selected as potential winners for “Person of the  Year,” the magazine’s annual award.

Syrian President Bashar Assad is one of the candidates, while the  magazine describes him as: “Syria’s ruler presided over a bloody  year, shrugging off international concerns over the use of  chemical weapons as the death toll of his country’s civil war  eclipsed 100,000.”

The voting closes on December, 4, with TIME’s Person of the Year  to be announced on December 11.

The SEA also claimed interfering with the vote on the US  magazine’s webpage.

NSA Had Helpers Around The Globe: Spying Partners Included Denmark, Sweden, Norway, Belgium, France, Germany, Italy, the Netherlands and Spain

December 20, 2013

AFP Photo / DPA / Peter Steffen Germany out

AFP Photo / DPA / Peter Steffen

Denmark, Belgium, the Netherlands and several other EU countries were named among “third party partners” in the NSA-led global signal intelligence program, a new leak submitted by journalist Glenn Greenwald to Danish TV reveals.

According to the document, obtained by Swedish TV program ‘Mission: Investigate’, that has been probing Sweden’s participation in global spying operations, nine European countries were added to the list of NSA accomplices.

The “third party partners” to the Five Eyes nations has now grown  to include nine states – Denmark, Sweden, Norway, Belgium,  France, Germany, Italy, the Netherlands and Spain.

The newly-leaked document from Edward Snowden is the first  written confirmation of Denmark’s formal agreement with the NSA,  the Copenhagen Post writes.

Denmark’s role in US spying scheme was labeled “very  worrying” by Enhedslisten’s Pernille Skipper, Danish  parliamentarian.

“When Denmark is one of the US intelligence services’ close  allies, one must ask themselves what it is we are giving in  return,” Skipper told public broadcaster DR.

“When you consider this along with the other revelations that  have come out, which insinuate that the US systematically spies  on residents throughout Europe in violation of very basic rights,  then you can naturally fear that the collaboration between  Denmark and the US means that Danes have been spied upon.”

The list of new NSA partners was made public last week as part of  the new batch of NSA-documents from the Snowden-Greenwald  collection. The ‘14-Eyes’ group, the document also revealed, send  their staff for training to the US. The group is also known as  the SIGINT Seniors Europe or SSEUR.

Image from documentcloud.orgImage from

On its website the NSA writes that foreign Signals Intelligence  (SIGINT) is “specifically limited to gathering information  about international terrorists and foreign powers, organizations,  or persons.”

It adds “SIGINT provides a vital window for our [USA] nation  into foreign adversaries’ capabilities, actions, and intentions.”      Until the recent wire, the trickling of NSA leaks suggested that  a number of countries were involved. France, Germany, Norway,  Italy, Belgium and allegedly Spain were perceived to be the NSA’s  3rd party partners.

Sweden, Denmark and especially the Netherlands were not listed as  such, but SVT’s earlier episodes revealed the Swedish signals  intelligence agency (FRA)  spied on Russian leaders and businesses and shared the data  collected with the US.

The third party “partners” need to worry about being “victims  of NSA surveillance,” because of negative “trust”   relationships they will have with the US based on economic  interests, whistleblower Jesselyn Radack, of the Government  Accountability Project told RT.

“The NSA has not only violated the trust of its own citizens  by conducting mass dragnet surveillance on innocent people but  doing it to the innocent populations of the allied nations.”

NSA’s global reach is “completely unnecessary”, because  it destroys diplomacy and undermines economic relations with  other countries. Radack argues the NSA is just gathering  intelligence on people that are suspected of doing   “absolutely nothing.”     “I think we see these reverberations not just among the 5 eyes  countries, some of whom have been colluding in helping the NSA  gather this data, but we see reverberations worldwide and they  are far reaching, because again, NSA tentacles have been far  reaching” she added.



China Moves Ahead With Drone Technology Using Theft, Espionage, Hacking

September 21, 2013

China displayed what looked like copied American drones at the Paris Air Show

By Edward Wong
The New York Times

BEIJING — For almost two years, hackers based in Shanghai went after one foreign defense contractor after another, at least 20 in all. Their target, according to an American cybersecurity company that monitored the attacks, was the technology behind the United States’ clear lead in military drones.

“I believe this is the largest campaign we’ve seen that has been focused on drone technology,” said Darien Kindlund, manager of threat intelligence at the company, FireEye, based in California. “It seems to align pretty well with the focus of the Chinese government to build up their own drone technology capabilities.”

The hacking operation, conducted by a group called “Comment Crew,” was one of the most recent signs of the ambitions of China’s drone development program. The government and military are striving to put China at the forefront of drone manufacturing, for their own use and for export, and have made an all-out push to gather domestic and international technology to support the program.

Foreign Ministry officials have said China does not sanction hacking, and is itself a victim, but another American cybersecurity company has tracked members of Comment Crew to a building of the People’s Liberation Army outside Shanghai.

China is now dispatching its own drones into potential combat arenas. Every major arms manufacturer in China has a research center devoted to drones, according to Chinese and foreign military analysts. Those companies have shown off dozens of models to potential foreign buyers at international air shows.

Read the rest:


After Snowden Leaks, China Starts Looking Hard At IBM, Oracle and Others With Possible Ties to Surveillance

August 17, 2013

'Assume that your adversary is capable of a trillion guesses per second': While saying media has dropped the ball, Snowden warns that they, too, are being watched

SHANGHAI (Reuters) – China’s Ministry of Public Security and a cabinet-level research center are preparing to investigate IBM Corp, Oracle Corp and EMC Corp over security issues, the official Shanghai Securities News said on Friday.

The report follows revelations by former U.S. spy agency contractor Edward Snowden of widespread surveillance by the National Security Agency. It also comes as Beijing probes Western drugmakers over allegations of bribery and over-pricing.

Watchdog? Edward Snowden gave his first interview since outing himself famously as the NSA leaker. In it, he called out the American media for being complacent toward government power grabs

Documents leaked by Snowden revealed that the NSA has had access to vast amounts of Internet data such as emails, chat rooms and video from companies including Facebook Inc and Google Inc, under a government program known as Prism.

“At present, thanks to their technological superiority, many of our core information technology systems are basically dominated by foreign hardware and software firms, but the Prism scandal implies security problems,” the newspaper quoted an anonymous source as saying.

Officials with EMC, IBM and Oracle declined to comment.

China’s Ministry of Public Security also declined to comment. The State Council’s Development Research Centre, one of the groups reportedly involved, told Reuters they were not carrying out such an investigation.

China has been a focal point for the Snowden case since he stopped in Hong Kong en route to Moscow. He also claimed that the NSA hacked into critical network infrastructure at universities in China and in Hong Kong.

Daniel Castro, a senior analyst with the Information Technology & Information Foundation, said he was concerned that a Chinese government probe could result in demands for U.S. companies to provide authorities with the blueprints to their technology so that Beijing can screen them for potential security threats.

China, repeatedly accused by the United States of hacking, was given considerable ammunition by Snowden’s allegations, which Beijing has used to point the finger at Washington for hypocrisy.

Chinese regulators and the police have begun a series of investigations in recent weeks into how foreign and domestic companies do business in the world’s second-biggest economy.

“The Prism scandal certainly provides ample material for real concern,” said Mark Natkin, managing director of Beijing-based market intelligence firm Marbridge Consulting.

“What the scandal has done is make it increasingly difficult to ascertain what is being done out of legitimate concern and what may be being done for any sort of political reasons,” said Natkin.

Some experts have warned that Snowden’s leaks could hurt the sales of U.S. technology companies in Asia and Europe, as reports of their complicity with NSA spying programs may lead foreign businesses and governments to purchase equipment and services from non-U.S. suppliers.

The foundation, a think tank, last week projected that U.S. cloud computing firms could lose $21.5 billion in sales over the next three years, eventually ceding 10 percent of the foreign market to European and Asian competitors.

A spokesperson for the Ministry of Industry and Information Technology (MIIT), which oversees China’s IT industry, said it could not confirm anything because of the matter’s sensitivity. Another MIIT official told Reuters they were unaware of the reported probe.

(Reporting by Pete Sweeney in Shanghai and Paul Carsten in Beijing. Additional reporting by Jim Finkle in Boston; Editing by Robert Birsel, Tiffany Wu and Leslie Gevirtz)


Hacking: Syrian Electronic Army Steps Up To Punish Media Outlets it Says are Critical of Syrian President Bashar al-Assad

August 14, 2013

You might want to change your Twitter password. On Tuesday, the Syrian Electronic Army hacked Twitter accounts belonging to SocialFlow and The New York Post, writes Brian Ries.

It seems no one’s safe from the Syrian Electronic Army. The online activists claimed credit on Tuesday for hacking the Facebook page of the New York Post and the Twitter feeds of some of the paper’s reporters. It also hacked into the Facebook page, Twitter account, and blog of SocialFlow, a social media optimization service used by scores of media outlets, including The Daily Beast, to manage their Twitter and Facebook pages.

The first hint that something was wrong came when SocialFlow’s own Twitter feed starting sounding funky. Its usual trickle of dry marketing-speak (“Are influencers actually that important to your social media strategy?”), suddenly changed tone at 3 p.m.

“Syrian Electronic Army Was Here,” read the tweet, which also mentioned a Twitter account belonging to the hackers, along with the hashtags #SEA and #SyrianElectronicArmy. A second tweet appeared shortly thereafter: “Fuck you @twitter,” it read, with a “:P” emoticon (that’s a guy sticking his tongue out, for all you non-emoticon users out there), and a picture of Twitter’s “fail whale.”

Moments later, similar tweets appeared on the Twitter accounts of the New York Post’s business section, the New York Mets beat reporter Mike Puma, the New York Post’s Brian Lewis, Page Six’s Richard Johnson, and the Washington Post’s sports columnist Jason Reid—all five of which appeared to be posted via HootSuite, a competitor to SocialFlow.

The New York Post’s Facebook page, too, was a victim of the hack, with the message, “Syrian Electronic Army Was Here” appearing on the page (which quickly got 4 “likes” and 7 “comments”). The Twitter account associated with the Syrian Electronic Army claimed this as one of theirs, too, posting a screenshot of the view from within the Post’s SocialFlow dashboard—indicating they had somehow a hold of that user-password data as well.


Twitter users, myself included, quickly spotlighted the rapid series of attacks—which were particularly frightening because of the scope of major media accounts that are managed by SocialFlow.

The company, reacting quickly to secure its clients’ accounts, pulled the plug. Its website was inaccessible for much of the hour after the first tweet.

But without initial communication from SocialFlow, which, admittedly, had its hands full, many in the media who use the service were left to wonder if more hacks were on the horizon.

“.@SocialFlow was hacked. Is your social client safe?!” wondered Mia Aquino, social media lead at This Is Fusion, a digital marketing company.

“Unhelpfully, @SocialFlow doesn’t mention a thing about user accounts currently being compromised,” added Circa’s Anthony De Rosa.

“Have asked for info and haven’t heard,” added The Guardian’s Katie Rogers.

When initially reached by The Daily Beast through its support services, the company apologized for the hack and said it was “working to bring all systems back online as quickly as possible.”

SocialFlow later issued a statement from its Twitter account explaining how it was compromised by the Syrian Electronic Army.

“Update: today an employee’s email account was compromised in a phishing attack. As a result, our Twitter and [Facebook] accounts were compromised. No customer access or data was compromised in this attack. As part of our security controls, we immediately took our service offline. We are following security protocols to restore service and are communicating with customers directly.”

Mike Puma, the New York Post Mets writer, after regaining control of his account also reacted to the hack. “Going to try and get the Syrian Electronic Army to write my story tonight so I can stay poolside,” he tweeted. “Changing my password.”

Jason Reid, the Post’s sports columnist, cleared things up too. “Got hacked,” he wrote. “Sorry.”

The group, which has hacked a variety of major Twitter accounts in the past ranging from the Associated Press to The Onion, has used the tactic to punish media outlets it says is critical of Syrian President Bashar al-Assad. In a New York Times interview following the AP hack, a hacker with the handle Th3 Pr0 said it was “because the Syrian Electronic Army believed the United States was ‘supporting the terrorist groups in Syria’.”

In an interview, SocialFlow CEO Jim Anderson said he sees the attack as a “sign of the times that highlights the importance of everybody being vigilant about email security.” Anderson says being aware of hacking threats is “part of being on the Internet and a tech professional in 2013.”

Nearly two hours after the initial hack on Tuesday, the Twitter account associated with the hackers remained on the site, proudly tweeting a link to a tech site documenting its exploits.

Update: An earlier version of this story erroneously described the group as anti-Bashar al-Assad. They are in fact pro-Assad.

Despite Snowden Leaks and Criticism, NSA Surveillance Data Highly Valued By Many U.S. Government Agencies

August 4, 2013

WASHINGTON — The National Security Agency’s dominant role as the nation’s spy warehouse has spurred frequent tensions and turf fights with other federal intelligence agencies that want to use its surveillance tools for their own investigations, officials say.

By  and
The New York Times

Agencies working to curb drug trafficking, cyberattacks, money laundering, counterfeiting and even copyright infringement complain that their attempts to exploit the security agency’s vast resources have often been turned down because their own investigations are not considered a high enough priority, current and former government officials say.

NSA Director Gen. Keith Alexander

Intelligence officials say they have been careful to limit the use of the security agency’s troves of data and eavesdropping spyware for fear they could be misused in ways that violate Americans’ privacy rights.

The recent disclosures of agency activities by its former contractor Edward J. Snowden have led to widespread criticism that its surveillance operations go too far and have prompted lawmakers in Washington to talk of reining them in. But out of public view, the intelligence community has been agitated in recent years for the opposite reason: frustrated officials outside the security agency say the spy tools are not used widely enough.

“It’s a very common complaint about N.S.A.,” said Timothy H. Edgar, a former senior intelligence official at the White House and at the office of the director of national intelligence. “They collect all this information, but it’s difficult for the other agencies to get access to what they want.”

“The other agencies feel they should be bigger players,” said Mr. Edgar, who heard many of the disputes before leaving government this year to become a visiting fellow at Brown University. “They view the N.S.A. — incorrectly, I think — as this big pot of data that they could go get if they were just able to pry it out of them.”

Smaller intelligence units within the Drug Enforcement Administration, the Secret Service, the Pentagon and the Department of Homeland Security have sometimes been given access to the security agency’s surveillance tools for particular cases, intelligence officials say.

But more often, their requests have been rejected because the links to terrorism or foreign intelligence, usually required by law or policy, are considered tenuous. Officials at some agencies see another motive — protecting the security agency’s turf — and have grown resentful over what they see as a second-tier status that has undermined their own investigations into security matters.

At the drug agency, for example, officials complained that they were blocked from using the security agency’s surveillance tools for several drug-trafficking cases in Latin America, which they said might be connected to financing terrorist groups in the Middle East and elsewhere.

At the Homeland Security Department, officials have repeatedly sought to use the security agency’s Internet and telephone databases and other resources to trace cyberattacks on American targets that are believed to have stemmed from China, Russia and Eastern Europe, according to officials. They have often been rebuffed.

Officials at the other agencies, speaking only on the condition of anonymity because they were not authorized to discuss the tensions, say the National Security Agency’s reluctance to allow access to data has been particularly frustrating because of post-Sept. 11 measures that were intended to encourage information-sharing among federal agencies.

In fact, a change made in 2008 in the executive order governing intelligence was intended to make it easier for the security agency to share surveillance information with other agencies if it was considered “relevant” to their own investigations. It has often been left to the national intelligence director’s office to referee the frequent disputes over how and when the security agency’s spy tools can be used. The director’s office declined to comment for this article.

Typically, the agencies request that the N.S.A. target individuals or groups for surveillance, search its databases for information about them, or share raw intelligence, rather than edited summaries, with them. If those under scrutiny are Americans, approval from the secret Foreign Intelligence Surveillance Court is required.

The security agency, whose mission is to spy overseas, and the F.B.I., its main partner in surveillance operations, dominate the process as the Justice Department’s main “customers” in seeking warrants from the intelligence court, with nearly 1,800 approved by the court last year.

In a statement, the security agency said that it “works closely with all intelligence community partners, and embeds liaison officers and other personnel at those agencies for the express purpose of ensuring N.S.A. is meeting their requirements and providing support to their missions.”

The security agency’s spy tools are attractive to other agencies for many reasons. Unlike traditional, narrowly tailored search warrants, those granted by the intelligence court often allow searches through records and data that are vast in scope. The standard of evidence needed to acquire them may be lower than in other courts, and the government may not be required to disclose for years, if ever, that someone was the focus of secret surveillance operations.

Decisions on using the security agency’s powers rest on many complicated variables, including a link to terrorism or “foreign intelligence,” the type of surveillance or data collection that is being conducted, the involvement of American targets, and the priority of the issue.

“Every agency wants to think that their mission has to be the highest priority,” said a former senior White House intelligence official involved in recent turf issues.

Other intelligence shops usually have quick access to N.S.A. tools and data on pressing matters of national security, like investigating a terrorism threat, planning battlefield operations or providing security for a presidential trip, officials say. But the conflicts arise during longer-term investigations with unclear foreign connections.

In pressing for greater access, a number of smaller agencies maintain that their cases involve legitimate national security threats and could be helped significantly by the N.S.A.’s ability to trace e-mails and Internet activity or other tools.

Drug agency officials, for instance, have sought a higher place for global drug trafficking on the intelligence community’s classified list of surveillance priorities, according to two officials.

Dawn Dearden, a drug agency spokeswoman, said it was comfortable allowing the N.S.A. and the F.B.I. to take the lead in seeking surveillance warrants. “We don’t have the authority, and we don’t want it, and that comes from the top down,” she said.

But privately, intelligence officials at the drug agency and elsewhere have complained that they feel shut out of the process by the N.S.A. and the F.B.I. from start to finish, with little input on what groups are targeted with surveillance and only sporadic access to the classified material that is ultimately collected.

Sometimes, security agency and bureau officials accuse the smaller agencies of exaggerating links to national security threats in their own cases when pushing for access to the security agency’s surveillance capabilities. Officials from the other agencies say that if a link to national security is considered legitimate, the F.B.I. will at times simply take over the case itself and work it with the N.S.A.

In one such case, the bureau took control of a Secret Service investigation after a hacker was linked to a foreign government, one law enforcement official said. Similarly, the bureau became more interested in investigating smuggled cigarettes as a means of financing terrorist groups after the case was developed by the Bureau of Alcohol, Tobacco, Firearms and Explosives.

Mr. Edgar said officials in the national intelligence director’s office occasionally allow other agencies a role in identifying surveillance targets and seeing the results when it is relevant to their own inquiries. But more often, he acknowledged, the office has come down on the side of keeping the process held to an “exclusive club” at the N.S.A., the F.B.I. and the Justice Department, with help from the Central Intelligence Agency on foreign issues.

Officials in the national intelligence director’s office worry about opening the surveillance too widely beyond the security agency and the F.B.I. for fear of abuse, Mr. Edgar said. The two intelligence giants have been “burned” by past wiretapping controversies and know the political consequences if they venture too far afield, he added.

“I would have been very uncomfortable if we had let these other agencies get access to the raw N.S.A. data,” he said.

As furious as the public criticism of the security agency’s programs has been in the two months since Mr. Snowden’s disclosures, “it could have been much, much worse, if we had let these other agencies loose and we had real abuses,” Mr. Edgar said. “That was the nightmare scenario we were worried about, and that hasn’t happened.”

Russia’s Putin creating “cyber security doctrine” and suggets special international body to manage the web

August 2, 2013

Photo RIA Novosti / Mikhail Fomichev

The new cyber security doctrine signed by President Vladimir Putin outlines cyber attacks as a major threat to international security and suggests to fight it with a special international body to manage the web.

The document that was signed by the president last week had been  prepared by a panel of specialists from state agencies and  ministries, including the Ministries for Interior Affairs,  Defense, Justice and Communications, the Kommersant daily  reported. The newspaper also quoted its unnamed sources as saying  that the doctrine was prepared, at least partially, in reply to  the International Strategy for Cyberspace approved by the United  States in 2011.

The main threats mentioned in the doctrine were internet  technology as an “informational weapon used for  military-political, terrorist and criminal ends” as well as  attempts of “intervention into other nations’ internal  affairs”.

The last threat is Russia’s own input into the international  discussion over the issue. According to Kommersant’s sources, the  authorities focused on this problem after the Arab Spring events  that again demonstrated the potential of the internet and  especially the social networks in launching and directing mass  actions and street protests.

According to Kommersant’s sources, the Russian doctrine is much  more peaceful than the US strategy that equaled cyber attacks to  conventional warfare and declared the US military would react to  them accordingly, using all means, including nuclear weapons.

Moscow’s approach emphasizes the strengthening of international  cooperation and preventive regulative measures that would stop  the attacks from happening. The proposed measures include the  approval of the UN convention on international cyber security and  developing “internationally accepted rules of behavior in  cyber space”. Russia also wants to develop an international  system of managing the internet and impose an international law  that would “prevent the proliferation of the informational  weapons”.

The two latter initiatives replicate the earlier suggestions to  make the control of the world wide web accessible to all nations,  contrary to the current situation when it is managed mainly by  the US-based Internet Corporation for Assigned Names and Numbers  (ICANN). The doctrine stresses that Moscow is not pursuing  tougher government intervention, but instead relies on a dialogue  and gradual developing of mutual trust.

The recently signed Russia-US bilateral agreement on prevention  of cyber-incidents developing into interstate conflict is  described as a typical example of such positive cooperation. Now  Russia intends to sign similar agreements with other  countries.

The Russian doctrine also states that the initial stages of  international cooperation should be started together with allied  nations – members of the CSTO and SCO as well as the BRICS  countries.

Russia’s top strategic body – the Security Council – and main  security agencies are now expected to provide the president with  their suggestions on particular measures to enforce the doctrine.


Get every new post delivered to your Inbox.

Join 716 other followers