Posts Tagged ‘National Security Agency’

Amid Nuclear Talks With Iran, U.S.-Iran Cyber War Escalates

February 23, 2015

By Lauren Webster
Huffington Post

U.S.-IRAN CYBER WAR ESCALATES DESPITE TALKS “A newly disclosed National Security Agency document illustrates the striking acceleration of the use of cyberweapons by the United States and Iran against each other, both for spying and sabotage, even as Secretary of State John Kerry and his Iranian counterpart met in Geneva to try to break a stalemate in the talks over Iran’s disputed nuclear program.”

Iranian Foreign Minister Mohammad Javad Zarif shakes hands on January 14, 2015 with US State Secretary John Kerry in Geneva. AFP/Getty Images


Cyber war heating up between Iran, US

The Hill

By Elise Viebeck – 02/23/15 09:27 AM EST

The United States and Iran are battling online in an increasingly intense cyber war that is taking place against the backdrop of high-level talks on Iran’s nuclear program.

An internal National Security Agency document revealed new details of the conflict, including the acknowledgment that U.S-led cyber attacks on Iran’s nuclear facilities were the catalyst for the online war.

Starting in 2012, the United States and Britain began working together to defend against Iranian cyberattacks, including offensives launched against U.S. banks. The cyberattacks had overwhelmed the websites of Bank of America and JPMorgan Chase with traffic, preventing users from accessing their accounts.

Iran had never been officially confirmed as being behind those attacks, according to The New York Times, which covered the NSA document in a story on Sunday. The document also stated that Iran was behind a cyberattack on Saudi Aramco, the oil company, in 2012.

The NSA memo was originally published by The Intercept this month, and revealed the degree to which Iran might have gained knowledge of cyber warfare after becoming the target of repeated hacks, presumably by the United States.

The document illustrates the day-to-day warfare that is taking place online between the United States and Iran, even as Secretary of State John Kerry works to negotiate an agreement with Tehran to accept limits on its nuclear program.

The talks resumed Monday in Geneva, as parties seek to meet a March 31 deadline for a preliminary deal.


Secretary of State John Kerry walked along Lake Geneva before talks on Iran’s disputed nuclear program. Credit Salvatore Di Nolfi/European Pressphoto Agency

Document Reveals Growth of Cyberwarfare Between the U.S. and Iran

WASHINGTON — A newly disclosed National Security Agency document illustrates the striking acceleration of the use of cyberweapons by the United States and Iran against each other, both for spying and sabotage, even as Secretary of State John Kerry and his Iranian counterpart met in Geneva to try to break a stalemate in the talks over Iran’s disputed nuclear program.

The document, which was written in April 2013 for Gen. Keith B. Alexander, then the director of the National Security Agency, described how Iranian officials had discovered new evidence the year before that the United States was preparing computer surveillance or cyberattacks on their networks.

It detailed how the United States and Britain had worked together to contain the damage from “Iran’s discovery of computer network exploitation tools” — the building blocks of cyberweapons. That was more than two years after the Stuxnet worm attack by the United States and Israel severely damaged the computer networks at Tehran’s nuclear enrichment plant.

Read the rest:


Australia and Terrorism: Attorney General Says Trust Spies and Police on Metadata to Fight Terrorism and Crime

February 22, 2015

By Ben Grubb
Sydney Morning Herald

George Brandis says data retention will come into force in Australia.

George Brandis says data retention will come into force in Australia. Photo: ABC TV

George Brandis has dismissed evidence disputing the usefulness of mandatory internet, email and phone metadata retention, saying he trusts Australian intelligence and policing agencies when they say they need the data stored for two years in order to fight terrorism and crime.

It comes as a police whistleblower told ABC Radio National’s Download This Show program that the proposed regime would be easily abused and more oversight was needed. It also comes despite mounting evidence showing little evidence to support similar schemes overseas.

Speaking on ABC TV’s 7.30 program on Friday night, the federal Attorney-General also dismissed criticism by Richard Clarke — of US President Barack Obama’s National Security Agency review panel — who said after the Edward Snowden leaks that the US government didn’t need to be retaining data when it came to fighting terrorism.

“There’s absolutely no point in quoting to me a number of random individuals because as I’ve … acknowledged, there is a variety of views about this,” Senator Brandis said, speaking from Washington, DC, where he attended the White House summit to counter violent-extremism.

“The views the Australian government will be taking most seriously are the views of our own intelligence community and policing agencies, and their advice to government … is unambiguous and it is emphatic.”

Senator Brandis also dismissed others who have raised concerns about the regime, saying that there was “a lot of special pleading going on here by people who don’t want to see this reform”.

“But the … Abbott government and I as the Attorney-General, are absolutely determined to do what we need to do to keep Australians safe…,” Senator Brandis said.

Overseas examples of how data retention had been proven ineffective were then put to Senator Brandis by Friday’s 7.30 host Steve Cannane. In one example, Senator Brandis was told that the Dutch Data Protection Authority said this week that in the 4.5 years of having data retention in place, law-enforcement authorities there had not been able to demonstrate why they needed it.

In another example, before the laws were ruled to be unconstitutional, a Germany parliamentary study found that crime clearance rates due to data retention increased by just 0.006 per cent.

And in Denmark, Mr Cannane told Senator Brandis that a Ministry of Justice report found that five years of data retention had proven to be almost of no use to the police. “Where is the hard evidence that data retention helps reduce crime and fights terrorism?” Cannane asked.

But Senator Brandis was having none of it, instead asking the Australian public to trust him and Australian agencies.

“There are a variety of views about this, but I can assure you … that the overwhelming view of the policing and law-enforcement authorities is that this [metadata] is an essential tool in relation to crime, in relation to particularly ugly crimes like paedophilia,” Senator Brandis said.

“Data retention was an essential tool in a major Europol paedophile investigation the year before last and in tracking down and breaking down terrorist networks,” Senator Brandis added, before quoting former ASIO director-general David Irvine, who, shortly before he retired last year, described the capacity of intelligence agencies to access metadata as “absolutely crucial”.

“Now any responsible government is going to take the advice of its policing authorities, is going to take the advice of its national security authorities [seriously],” Senator Brandis said.


It was also pointed out by the 7.30 host that in a recent Senate inquiry, Attorney-General’s Department officials acknowledged that data retention could be circumvented just by using offshore-based email providers like Gmail, or by using public Wi-Fi and overseas messaging apps.

“Doesn’t that mean there are lot of loopholes in this legislation?” Mr Cannane asked.

“Well our job is to have a suite of measures in place which will be as effective as possible in identifying and breaking down terrorism networks and it is absolutely no answer to that proposition that it may be possible in some circumstances that measures can be avoided,” Senator Brandis said.

Senator Brandis said he expected bipartisan support from Labor in supporting the passage of the Data Retention Bill in order “to do what is necessary to fill that gaping hole in our intelligence and policing capability”.

Prime Minister Tony Abbott has indicated he wants the bill passed by March 19, and recently revealed that the scheme would cost about $400 million to set up. There has been no word on how much money the Abbott government will reimburse of the industry’s costs, although Fairfax Media has been told a 50-50 cost-sharing arrangement is being contemplated.

But whether there remains bipartisan support between the Coalition and Labor on national security remains unclear, with Fairfax revealing on Monday that Opposition Leader Bill Shorten told the Prime Minister he was disappointed with the way the Abbott government had sought to politicise debate about national security and data retention legislation.

Senator Brandis’ comments on 7.30 came as a police insider who spoke on the condition of anonymity told ABC Radio National’s Download This Show program on Thursday afternoon that Australian people were “being sleep walked into a system the attorney general cannot even articulate”.

“Right now it would be so easy for me to slip my ex-girlfriend’s number in the current process under any investigation,” the insider said. “No one would pick it up because there is no detail.”

Phone call data retained under the scheme would include who you have called, who has called you, the start and finish time of the call, and the duration – but not the content. The IP address allocated to your internet connection would also be stored so that agencies can trace those who breach laws.

Prominent people and organisations who have raised concerns about the data retention regime include Australia’s Privacy Commissioner Timothy Pilgrim, Human Rights Commissioner Gillian Triggs, the Law Council of Australia, telecommunications industry bodies the Communications Alliance and the Australian Mobile Telecommunications Association, media organisations including Fairfax Media and News Corp Australia, councils for civil liberties across Australia, Blueprint for Free Speech, Australian Lawyers for Human Rights, the Institute of Public Affairs, the Australian Privacy Foundation, online rights groups Electronic Frontiers Australia and Privacy International, and University of New South Wales professor George Williams and Dr Keiran Hardy to name just a few.

Their concerns centre on there being no judicial oversight to access the data, exactly what data is stored, the length of time the data is stored, which agencies have access, the secure storage of the data so that it isn’t hacked, journalists’ sources potentially being revealed by it, and the shadow attorney-general Mark Dreyfus’ own belief that the attorney-general of the day should not be allowed to alter without parliament’s approval what data is stored.


After Paris attacks, questions about intelligence failures — How do we stop human ticking time bombs?

January 10, 2015

The Washington Post

French security services are likely to face intense pressure to explain how known militants — including one trained by an al-Qaeda affiliate in Yemen — faced no apparent scrutiny before they launched this week’s terrorist attacks in Paris, including the daytime assault on a a satirical newspaper, a long-declared Islamist target.

The search for answers is likely to focus on a three-year period preceding this week’s shooting during which two of the alleged gunmen, Said and Chérif Kouachi, seemingly dropped out of the view of French intelligence services as well as their U.S. counterparts.

In this image taken from a video provided by PFMTV, police officers storm a kosher grocery to end a hostage situation in Paris, Friday, Jan. 9, 2015. Two sets of attackers seized hostages and locked down hundreds of French security forces around the capital on Friday, sending the city into fear and turmoil for a third day in a series of linked attacks that began with the deadly newspaper terror attack that left 12 people dead. (AP Photo /BFMTV)

U.S. counterterrorism officials said they have spent the days since the attack on the newspaper Charlie Hebdo scouring databases maintained by the CIA and National Security Agency, among others, for clues to whether the Kouachis kept in communication with al-Qaeda in the Arabian Peninsula (AQAP) during what one official described as a “dark period” in a decade-long chronology.

Chérif Kouachi, speaking to a French journalist shortly before he was killed by security forces Friday, said he and his brother were acting on behalf of “al-Qaeda in Yemen,” and that the U.S.-born cleric and operative Anwar al-Awlaki had played a role in the training received by Said Kouachi during his trip to Yemen in 2011.

U.S.-born Awlaki was prominent in spreading al Qaeda’s militant message to European and English-speaking audiences and was an influential leader of Al Qaeda in the Arabian Peninsula (AQAP), the group’s most active affiliate. He was killed in September 2011 in a drone strike widely attributed to the CIA.

A member of AQAP said in a statement that the group directed the Paris attack, but U.S. intelligence officials said they had found no evidence to support the claim. They said the Yemeni group, which has been overshadowed in the past year by the Islamic State in Syria and Iraq, may simply have seized on the opportunity to associate itself with the attack.

But security officials said the Paris attack has raised anxiety beyond concern over a re-emergence of AQAP.

A senior U.S. official noted that more than 3,000 European citizens, including at least 1,000 from France, have flocked to Syria to fight with the Islamic State and other militant groups. Some have returned to Europe and could perhaps go for years without drawing attention — much as the Kouachis did — before it is clear whether they pose a threat.

“They are potential time bombs,” the official said.

If so, the fuse leading up to the Paris attack often seemed to burn in plain view.

The target, Charlie Hebdo, had long been in the sights of Islamist groups angered by the publication’s mocking of Islam. Its offices had been firebombed in 2011, and it was listed among AQAP’s priority targets last year in the group’s “Inspire” magazine.

French President Francois Hollande after terrorists killed on January 9, 2015.

The Kouachis had been under the scrutiny of French authorities at least as early as 2005, when the younger brother, Chérif, was arrested as he attempted to leave for Syria as part of an alleged plan to join insurgents in Iraq. He also appeared in a French television documentary on jihadist networks.

During three years in detention, French officials said, Chérif Kouachi became acquainted with another radical, Djamel Beghal, accused of planning an attack on the U.S. Embassy in Paris. Kouachi was released in 2008.

Three years later, Said Kouachi traveled to Yemen, apparently to seek training from AQAP, a group that had already set in motion a series of plots, including the failed attempt to blow up a U.S.-bound airliner on Christmas Day, 2009, with a bomb sewn into an operative’s underwear.

The brothers had also surfaced on counterterrorism screens in the United States. Lauren C. Anderson, the FBI’s top agent in Paris when Chérif Kouachi was arrested in early 2005, said he and others were placed on U.S. counterterrorism databases shortly afterwards.

“There were indications they were trying to go to Syria to get into Iraq,” said Anderson, who later directed FBI counterterrorism operations in New York. “That’s how they got on the no-fly list.”

That list would also likely have prompted the NSA and other spy agencies to scour U.S. intelligence databases for intercepted communications or other intelligence fragments connecting Chérif Kouachi to terrorist groups.

U.S. officials said they are also seeking to determine whether the older Kouachi met with Awlaki in 2011. Officials said they see that as plausible because Awlaki was in charge of AQAP’s external operations and presumably would have been acutely interested in a recruit from Europe. But they have uncovered no evidence of such an encounter.

Awlaki was killed in a CIA drone strike shortly after Kouachi’s return to France, raising speculation that the cleric’s death may account for the brothers’ extended period of inactivity — that they shelved plans or cut off communications with AQAP as part of a broader effort to maintain a lower profile.

Either way, the brothers appear to have faced diminishing levels of scrutiny from French security services that over the past two years have become increasingly consumed with tracking an exodus of French citizens to Syria.

France is widely seen as the most aggressive country in Europe in its surveillance of Islamists, as well as its willingness to seize its own citizens’ passports and take other measures to prevent them from departing for Syria’s civil war.

But even before this week’s attack, France has been at the center of a series of apparent security lapses.

Last year, French citizen Mehdi Nemouche killed four people in a shooting at a Jewish museum in Brussels, even though French authorities knew he had gone to fight in Syria and had been told by German officials that he had returned to Europe.

In 2012, a French national, Mohammed Merah, killed three Jewish schoolchildren, a rabbi and three French soldiers in a series of shootings in southwestern France. He had been on a U.S. no-fly list since 2010 after he was detained in Afghanistan and sent back to France, where he had a criminal record and was known for his extremist views.

Merah was killed in a shootout with French commandos in Toulouse on March 22, 2012. At the time, the French interior minister, asked if the security services could have done more, said that “expressing opinions, showing Salafist opinions” — a reference to a fundamentalist strain of Islam — “is not enough to bring someone before justice.”

Julie Tate and Karen DeYoung contributed to this report.

Greg Miller covers the intelligence beat for The Washington Post.
Adam Goldman reports on terrorism and national security for The Washington Post.
In this Wednesday Jan. 7, 2015, file photo, French soldiers patrol at the Eiffel Tower after a shooting at a French satirical newspaper in Paris, France. Though it is impossible to gauge in any tangible way the effect the deadly attack on a Paris newspaper will have on recruitment by extremist groups – and there is no evidence so far that it is mobilizing large numbers of would-be jihadis – experts believe the perceived professionalism of the brothers’ assault and their subsequent showdown with police could rally more supporters to militant ranks. (AP Photo/Christophe Ena, File)
Why Reams of Intelligence Did Not Thwart the Paris Attacks
The New York Times

PARIS — The bloody denouement on Friday of two hostage crises at different ends of a traumatized Paris means attention will now shift to the gaping question facing the French government: How did several jihadists — and possibly a larger cell of co-conspirators — manage to evade surveillance and execute a bold attack despite being well known to the country’s police and intelligence services?

On its own, the Wednesday morning slaughter that left 12 people dead at the satirical newspaper Charlie Hebdo represented a major breakdown for French security and intelligence forces, especially after the authorities confirmed that the two suspects, the brothers Saïd and Chérif Kouachi, had known links to the militant group Al Qaeda in Yemen.

Read the rest:

Obama’s Response To North Korea Hacking of Sony Was ‘Saying Aloha And Getting On An Airplane To Hawaii’

December 21, 2014


House Intelligence Committee Chairman Mike Rogers speaks at the Reuters Cybersecurity Summit in Washington May 15, 2013. REUTERS/Yuri Gripas

House Intelligence Committee Chairman Mike Rogers speaks at the Reuters Cybersecurity Summit in Washington May 15, 2013. Credit: Reuters/Yuri Gripas

Republican Chairman of the House Intelligence Committee Mike Rogers said on “Fox News Sunday” that America needed a stronger response to North Korea’s cyber-attack on Sony than President Barack Obama gave in a lighthearted speech Friday afternoon.

“We kept warning, those of us that have been paying attention to this, this is coming to the United States, probably sooner than later. What you saw was a nation-state who engaged in trying to really destroy an American company and then took it to the broader level of using threats of violence in order to get their political will. This was a nation-state attack on the United States, and saying aloha and getting on an airplane going to Hawaii is not the answer that really the world needs, let alone America.”

Includes video:


Outgoing House Intelligence Committee Chairman Mike Rogers lambasted President Barack Obama for not taking quick action against North Korea following hackers’ cyber-attack on Sony Pictures Sunday, saying his reaction was not fast enough.

“Saying ‘aloha’ and getting on the plane to Hawaii is not the answer,” Rogers told “Fox News Sunday” host Chris Wallace Sunday. “This was a nation state attack on the United States.”

The Michigan Republican, who is leaving office at the end of the year, complained that while Obama promised a proportional response to the attacks on Friday, he “laid out a little of the playbook.”

Instead of Obama saying that the United States would respond, the press conference should have said “here are the actions,” said Rogers, noting that the United States has “the capability to make this very difficult for them in the future.”

In an interview recorded Friday and aired on CNN Sunday, President Barack Obama does not consider the cyber attack on Sony Pictures to be an act of war, but instead an “act of cyber-vandalism that was very costly, very expensive. We will respond proportionately.”

The hacking, which exposed Sony’s financial records and personal e-mails, also included threats of 9-11-style attacks on the United States unless the Japanese-owned studios withdrew its comedy, “The Interview.”

North Korea was outraged at the film which had been due to open on Christmas Day, because of its depiction of a fictional assassination of leader Kim Jong Un and its portrayal o the dictator as a buffoon.
The country has denied being involved in the cyber-attack and has said it will help with the investigation, an offer the United States has rejected.

Obama said that as a result of the incidents, his administration is considering putting North Korea back onto the United States’ list of countries that sponsor terrorism, after removing it from the list six years ago.

Rogers also made a final push Sunday for a bill that aids sharing cyber-security information between the National Security Agency and the private sector. His bill passed the Republican-controlled House, but was one of many other House bills that have stalled in the Senate this past year.

The NSA is limited in how it can protect private critical networks, said Rogers, and if passed, the measure will allow the agency to read “malicious source code,” not Americans’ emails.


German researchers discover a flaw that could let anyone listen to your cell calls.

December 19, 2014

By  Craig Timberg
The Washington Post

REUTERS/Kacper Pempel

German researchers have discovered security flaws that could let hackers, spies and criminals listen to private phone calls and intercept text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available.

The flaws, to be reported at a hacker conference in Hamburg this month, are the latest evidence of widespread insecurity on SS7, the global network that allows the world’s cellular carriers to route calls, texts and other services to each other. Experts say it’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.

The flaws discovered by the German researchers are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network.

Those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption. There also is potential to defraud users and cellular carriers by using SS7 functions, the researchers say.

These vulnerabilities continue to exist even as cellular carriers invest billions of dollars to upgrade to advanced 3G technology aimed, in part, at securing communications against unauthorized eavesdropping. But even as individual carriers harden their systems, they still must communicate with each other over SS7, leaving them open to any of thousands of companies worldwide with access to the network. That means that a single carrier in Congo or Kazakhstan, for example, could be used to hack into cellular networks in the United States, Europe or anywhere else.

“It’s like you secure the front door of the house, but the back door is wide open,” said Tobias Engel, one of the German researchers.

Engel, founder of Sternraute, and Karsten Nohl, chief scientist for Security Research Labs, separately discovered these security weaknesses as they studied SS7 networks in recent months, after The Washington Post reported the widespread marketing of surveillance systems that use SS7 networks to locate callers anywhere in the world. The Post reported that dozens of nations had bought such systems to track surveillance targets and that skilled hackers or criminals could do the same using functions built into SS7. (The term is short for Signaling System 7 and replaced previous networks called SS6, SS5, etc.)

The researchers did not find evidence that their latest discoveries, which allow for the interception of calls and texts, have been marketed to governments on a widespread basis. But vulnerabilities publicly reported by security researchers often turn out to be tools long used by secretive intelligence services, such as the National Security Agency or Britain’s GCHQ, but not revealed to the public.

German Chancellor Angela Merkel. Photo: YVES HERMAN/REUTERS

“Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation,” said Christopher Soghoian, principal technologist for the ACLU and an expert on surveillance technology. “They’ve likely sat on these things and quietly exploited them.”

The GSMA, a global cellular industry group based in London, did not respond to queries seeking comment about the vulnerabilities that Nohl and Engel have found. For the Post’s article in August on location tracking systems that use SS7, GSMA officials acknowledged problems with the network and said it was due to be replaced over the next decade because of a growing list of security and technical issues.

The German researchers found two distinct ways to eavesdrop on calls using SS7 technology. In the first, commands sent over SS7 could be used to hijack a cell phone’s “forwarding” function — a service offered by many carriers. Hackers would redirect calls to themselves, for listening or recording, and then onward to the intended recipient of a call. Once that system was in place, the hackers could eavesdrop on all incoming and outgoing calls indefinitely, from anywhere in the world.

The second technique requires physical proximity but could be deployed on a much wider scale. Hackers would use radio antennas to collect all the calls and texts passing through the airwaves in an area. For calls or texts transmitted using strong encryption, such as is commonly used for advanced 3G connections, hackers could request through SS7 that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded.

Nohl on Wednesday demonstrated the ability to collect and decrypt a text message using the phone of a German senator, who cooperated in the experiment. But Nohl said the process could be automated to allow massive decryption of calls and texts collected across an entire city or a large section of a country, using multiple antennas.

“It’s all automated, at the push of a button,” Nohl said. “It would strike me as a perfect spying capability, to record and decrypt pretty much any network… Any network we have tested, it works.”

Those tests have included more than 20 networks worldwide, including T-Mobile in the United States. The other major U.S. carriers have not been tested, though Nohl and Engel said it’s likely at least some of them have similar vulnerabilities. (Several smartphone-based text messaging systems, such as Apple’s iMessage and Whatsapp, use end-to-end encryption methods that sidestep traditional cellular text systems and likely would defeat the technique described by Nohl and Engel.)

In a statement, T-Mobile said: “T-Mobile remains vigilant in our work with other mobile operators, vendors and standards bodies to promote measures that can detect and prevent these attacks.”

The issue of cell phone interception is particularly sensitive in Germany because of news reports last year, based on documents provided by former NSA contractor Edward Snowden, that a phone belonging to Chancellor Angela Merkel was the subject of NSA surveillance. The techniques of that surveillance have not become public, though Nohl said that the SS7 hacking method that he and Engel discovered is one of several possibilities.

U.S. embassies and consulates in dozens of foreign cities, including Berlin, are outfitted with antennas for collecting cellular signals, according to reports by German magazine Der Spiegel, based on documents released by Snowden. Many cell phone conversations worldwide happen with either no encryption or weak encryption.

The move to 3G networks offers far better encryption and the prospect of private communications, but the hacking techniques revealed by Nohl and Engel undermine that possibility. Carriers can potentially guard their networks against efforts by hackers to collect encryption keys, but it’s unclear how many have done so. One network that operates in Germany, Vodafone, recently began blocking such requests after Nohl reported the problem to the company two weeks ago.

Nohl and Engel also have discovered new ways to track the locations of cell phone users through SS7. The Post story, in August, reported that several companies were offering governments worldwide the ability to find virtually any cell phone user, virtually anywhere in the world, by learning the location of their cell phones through an SS7 function called an “Any Time Interrogation” query.

Some carriers block such requests, and several began doing so after the Post’s report. But the researchers in recent months have found several other techniques that hackers could use to find the locations of callers by using different SS7 queries. All networks must track their customers in order to route calls to the nearest cellular towers, but they are not required to share that information with other networks or foreign governments.

Carriers everywhere must turn over location information and allow eavesdropping of calls when ordered to by government officials in whatever country they are operating in. But the techniques discovered by Nohl and Engel offer the possibility of much broader collection of caller locations and conversations, by anyone with access to SS7 and the required technical skills to send the appropriate queries.

“I doubt we are the first ones in the world who realize how open the SS7 network is,” Engel said.

Secretly eavesdropping on calls and texts would violate laws in many countries, including the United States, except when done with explicit court or other government authorization. Such restrictions likely do little to deter criminals or foreign spies, say surveillance experts, who say that embassies based in Washington likely collect cellular signals.

The researchers also found that it was possible to use SS7 to learn the phone numbers of people whose cellular signals are collected using surveillance devices. The calls transmit a temporary identification number which, by sending SS7 queries, can lead to the discovery of the phone number. That allows location tracking within a certain area, such as near government buildings.

The German senator who cooperated in Nohl’s demonstration of the technology, Thomas Jarzombek of Merkel’s Christian Democratic Union party, said that while many in that nation have been deeply angered by revelations about NSA spying, few are surprised that such intrusions are possible.

“After all the NSA and Snowden things we’ve heard, I guess nobody believes it’s possible to have a truly private conversation on a mobile phone,” he said. “When I really need a confidential conversation, I use a fixed-line” phone.

Craig Timberg is a national technology reporter for The Post.


Sharyl Attkisson’s Computer Was Hacked, Heavily Monitored By The Federal Government

October 28, 2014


Stonewalled: Ex-CBS reporter Sharyl Attkisson says that she encountered obstacles from the Obama administration and her own colleagues while reporting

Stonewalled: Ex-CBS reporter Sharyl Attkisson says that she encountered obstacles from the Obama administration and her own colleagues while reporting

Last year Former CBS News investigative reporter Sharyl Attkisson, who is known for incredible work on Operation Fast and Furious, Benghazi and other White House scandals, noticed her computers at work and at home were acting strange. She suspected someone had hacked into her computer, specifically into a desktop in her home due to the machine turning on and off by itself at all hours of the night. An initial review of the hard drive revealed that her computer had in fact been compromised, but it wasn’t known at the time who did it. The intruder into her system didn’t take any financial information and it was clear they were looking for something else.

The news of Attkisson’s computer problems came shortly after we found out the phones and emails of Fox News reporters James Rosen (and his parents) and William LaJeunesse were monitored. Rosen’s movements were also monitored by government officials and he was named as a criminal co-conspirator in an affidavit from the Department of Justice to a judge. All three reporters, LaJeunesse, Rosen and Attkisson work on stories typically unfavorable to the administration (and all three have also scrutinized former administrations, including those headed by a Republican).

Now, Attkisson is revealing in her new book Stonewalled: My Fight for Truth Against the Forces of Obstruction, Intimidation, and Harassment in Obama’s Washington that it was in fact the government that hacked into her computer, even installing software to track her information and every key she pushed. More from the New York Post:

In her new memoir, Sharyl Attkisson says a source who arranged to have her laptop checked for spyware in 2013 was “shocked” and “flabbergasted” at what the analysis revealed.

“This is outrageous. Worse than anything Nixon ever did. I wouldn’t have believed something like this could happen in the United States of America,” Attkisson quotes the source saying.

Attkisson says the source, who’s “connected to government three-letter agencies,” told her the computer was hacked into by “a sophisticated entity that used commercial, nonattributable spyware that’s proprietary to a government agency: either the CIA, FBI, the Defense Intelligence Agency or the National Security Agency.”

The breach was accomplished through an “otherwise innocuous e-mail” that Attkisson says she got in February 2012, then twice “redone” and “refreshed” through a satellite hookup and a Wi-Fi connection at a Ritz-Carlton hotel.

The spyware included programs that Attkisson says monitored her every keystroke and gave the snoops access to all her e-mails and the passwords to her financial accounts.

“The intruders discovered my Skype account handle, stole the password, activated the audio, and made heavy use of it, presumably as a listening tool,” she wrote in “Stonewalled: My Fight for Truth Against the Forces of Obstruction, Intimidation, and Harassment in Obama’s Washington.”

So what was the motive behind the hack? Attkisson believes the feds were trying to go after herself and her sources with legal charges. Keep in mind, President Obama has used the Espionage Act against more sources providing information to reporters, and ultimately the American public, than any other President in history. The fact that this administration gets away with these types of intrusions is incredibly alarming for all Americans, but particularly for reporters who shine a light on corruption. This news is incredibly unnerving for the pursuit of truth, in keeping trusted sources talking and in protecting the First Amendment.

Novel: Her revelations claim to show there is a liberal bias in the news media as a whole that excuses the Obama administration

Her revelations claim to show there is a liberal bias in the news media as a whole that excuses the Obama administration

Read more:
Follow us: @MailOnline on Twitter | DailyMail on Facebook

Edward Snowden Film Likely To Embarrass Obama Administration

October 11, 2014

Citizen Four is the shocking doc about Edward Snowden made by Glenn Greenwald and Laura Poitras. Just screened tonight was the two hour film will be released by the Weinstein Company this month. It doesn’t paint the Obama administration in a very good light as Snowden explains how the government has violated privacy rights on a massive scale.

Also the filmmakers clearly inducate that all roads lead to POTUS, a fairly serious accusation. There may be serious repercussions.

Then there’s the Hollywoodization of Snowden. The detail of how and why Snowden went about this is pretty surprising considering how the 29 year old former NSA employee says he wants his own privacy and not to be a celebrity. It’s instructive to see his evolution from eyeglass wearing nerd to contact lenses and moussed up hair sporting hero of his own thriller. It’s all very Tom Cruise. Even the beautiful girlfriend sets up housekeeping with him in Moscow. Nevertheless as the details of the NSA’s programs are revealed Snowden says, “This isn’t science fiction. It’s really happening.”.




At the end of the Laura Poitras doc, the famed informant registers shock over another who outranks him

By Seth Abramovitch, Chris O’Falt

The Hollywood Reporter

A second National Security Agency whistleblower exists within the ranks of government intelligence.

That bombshell comes toward the end of Citizenfour, a new documentary from filmmaker Laura Poitras about NSA informant Edward Snowden that had its world premiere on Friday at the New York Film Festival.

In the key scene, journalist Glenn Greenwald visits Snowden at a hotel room in Moscow. Fearing they are being taped, Greenwald communicates with Snowden via pen and paper.

While some of the exchanges are blurred for the camera, it becomes clear that Greenwald wants to convey that another government whistleblower — higher in rank than Snowden — has come forward.

The revelation clearly shocks Snowden, whose mouth drops open when he reads the details of the informant’s leak.

Also revealed by Greenwald is the fact that 1.2 million Americans are currently on a government watch-list. Among them is Poitras herself.

And the surprises don’t end there. Near the end of the film, which received a rousing standing ovation, it is revealed that Lindsay Mills, Snowden’s dancer girlfriend of 10 years, has been living with Snowden in Moscow.

When Poitras went to Moscow in July to show Snowden an early cut of the film, she shot footage of the two cooking dinner together, which appears in the final cut.

Snowden fled to Russia after the U.S. government revoked his passport and put pressure on other governments not to grant him asylum.

After spending 39 days in a Moscow airport, Snowden was granted a one-year asylum from President Vladimir Putin. He is now in the country on a three-year residency permit.

Poitras took the stage at Lincoln Center’s Alice Tully Hall following the screening, flanked by Greenwald, with whom she partnered on a pair of explosive stories in The Guardian and Washington Post about Snowden’s surveillance disclosures in June 2014.

Also joining them was Jeremy Scahill, their partner on the website The Intercept, and Snowden’s father and stepmother. Snowden’s father thanked Poitras for having made Citizenfour, which he deemed a “wonderful piece of work.”

Poitras kept her comments following the screening to a minimum, and thanked her crew and Snowden. Instead it was Greenwald and Scahill who did most of the talking, with Scahill at one point describing Poitras as “the most bad-ass director alive, period.”

Before the screening, Poitras told The Hollywood Reporter that she will never forget the moment when Snowden — who was so young Greenwald initially doubted his authenticity — said he was willing to go on the record with his allegations.

“One of the most intense moments was when Snowden told us his identity would not remain anonymous, and I knew that somebody was really, really putting their life on the line,” Poitras said.

A demonstrator holds a photograph of Edward Snowden

A demonstrator holds a sign with a photograph of Edward Snowden during 4 July celebrations in 2013 in Boston, Massachusetts. Photograph: Brian Snyder/REUTERS
From The Guardian
Lindsay Mills, girlfriend of Edward SnowdenLindsay Mills, the girlfriend of NSA whistleblower Edward Snowden, in Hawaii. Photograph: Splash/Luis Silos III

The mystery of the whereabouts of Edward Snowden’s long-time girlfriend is solved in a documentary that premiered in New York on Friday night: she has been living with the national security whistleblower in Russia since July.

The surprise revelation in the documentary, filmed by Laura Poitras, upends the widespread assumption that Snowden had deserted Lindsay Mills and that she, in a fit of pique, fled Hawaii where they had been living to stay with her parents in mainland US.

Since Snowden, a former NSA contractor, outed himself last year as being behind the biggest leak in US intelligence history, Mills has remained silent, giving no interviews or any hints of her feelings on the subject of her boyfriend or his actions.

The two-hour long documentary, Citizenfour, shows Mills living in Russia with Snowden.

When the Guardian met Snowden in Moscow in July, Snowden suggested the relationship was more complex than the view constantly recycled in the media of a woman abandoned and hinted that the two were not in fact estranged.

Citizenfour offers a fly-on-the wall account of Snowden. Poitras filmed him at the Mira hotel in Hong Kong last year during interviews with journalists that resulted in a series of stories in the Guardian about the extent of surveillance by the US and British intelligence agencies as well as the internet and telecom companies. The revelations started a worldwide debate about the balance between surveillance and privacy.

Poitras captures the tension in his room at the Mira – where then-Guardian columnist Glenn Greenwald and I interviewed him – and in his final minutes at the hotel before he fled after being tipped off that hordes of media were about to arrive. She also filmed at the Guardian in London ahead of publication of one of the most explosive of the stories arising from Snowden’s revelations, and in Moscow, where Snowden is now in exile.

Snowden has been reluctant to talk about his personal life, preferring the media focus to be on wider debate about surveillance rather than him. But Poitras’s portrayal is both personal and sympathetic.

In his first comment about the documentary, which Poitras had shown to him in advance, Snowden told the Guardian: “I hope people won’t see this as a story about heroism. It’s actually a story about what ordinary people can do in extraordinary circumstances.”

Snowden was working as an NSA contractor in Hawaii where Mills joined him. A dancer, she posted many details and photographs about herself and him on the web.

She was still in Hawaii when news broke from Hong Kong that he was the whistleblower. Days earlier, authorities, suspicious about his prolonged absence from work, had visited their home.

On her blog, subtitled, ‘Adventures of a world-travelling, pole-dancing superhero,’ she wrote that she felt “sick, exhausted and carrying the weight of the world”. Shortly afterwards, she took the blog down.

The two appear to have been together since at least 2009, living part of the time near Baltimore before moving to Hawaii in 2012.

Chinese Hacked U.S. Military Contractors, Senate Panel Says

September 17, 2014


Hackers Broke Into Computer Networks 20 Times in a Year, Armed Services Committee Report Finds

By Danny Yadron

The Wall Street Journal

A Senate investigation released Wednesday found that hackers linked to the Chinese government broke into U.S. military transportation companies’ computer networks 20 times in a year.

But the Senate Armed Services Committee says officials of the U.S. Transportation Command, responsible for moving troops across the globe in times of crisis, were told about just two of those incidents. If a system was compromised, they may not have known, the panel said.

The committee’s study covered June 2012 through June 2013.

“The security of our military operations are what is at stake,” Sen. Carl Levin, the panel’s chairman said at a news conference. “What we found is very disturbing.”

The Chinese embassy didn’t immediately return a call seeking comment.

In the past, China has denied such allegations and said that U.S. spies infiltrate its computer networks as well. Senate aides said the determination the cyberattacks came from China was made by the executive branch, which would cover the Defense Department and its National Security Agency, though they didn’t cite specific evidence.

Write to Danny Yadron at

Beheading: Former director of the National Security Agency and the Central Intelligence Agency, on the beheading of American Journalist James Foley

August 20, 2014

Gen. Michael Hayden, former director of the National Security Agency and the Central Intelligence Agency, said Tuesday that the alleged death of journalist James Foley has a “high emotional impact” across the nation and in the Oval Office.

“Our government, despite that kind of popular thought that it’s a black box — input in, output out — it’s comprised of human beings. They look at this video too, [and are] very emotionally affected by this,” Hayden said on Fox News’ “The Kelly File.” “It’s not that human lives have any different value, but this one is one of our own. This is someone from our own village.”

He continued, “This affects the people in the situation room and the Oval Office the way it affects you and me, this has high emotional impact.”

On Tuesday, men claiming to be members of the terrorist group Islamic State of Iraq and the Levant released a video that allegedly shows the beheading of Foley, an American journalist. Foley went missing in Syria in November 2012. The video also shows a man alleged to be American journalist Steven Joel Sotloff, who, his captors threaten, might be killed next, depending on President Barack Obama’s “next decision.” Intelligence officials have not yet confirmed the authenticity of the video. It was taken off YouTube about 20 minutes after it was posted.

Hayden said on “The Kelly File” that he understands that Americans might feel fighting back against ISIL could cause more harm to Americans, but he said a military response might be necessary.

“I know all about the war weariness here, I’m tired of war myself, but this may be a question of pay now or pay later, and paying later may actually be a much higher bill,” Hayden said.

Hayden said the recent events reminded him of the case of journalist Daniel Pearl, whose beheading by Al Qaeda’s Khalid Sheikh Mohammed was released on video in February 2002.

“It’s really important what the American government says, because there are a lot of audiences for the next American statement on this,” Hayden said. “Not just ISIS, but our Iraqi and Kurdish friends, as well. We’ve got to be careful with our messaging.”

Read more:



Get every new post delivered to your Inbox.

Join 983 other followers