Posts Tagged ‘National Security Agency’

Uber Breach and Response Draw Global Government Scrutiny

November 23, 2017

Senator criticizes ‘inexplicable delay’ in announcing the breach, while the FTC and several countries are looking into the issue

An FTC spokesman said the agency is “closely evaluating the serious issues raised.” PHOTO: ERIC RISBERG/ASSOCIATED PRESS

Government officials world-wide said they would look at Uber Technologies Inc.’s handling of a major data breach last year.

Uber said Tuesday that it paid hackers $100,000 in an effort to conceal a data breach that affected 57 million accounts. In addition to the names, emails and phone numbers of riders, about 600,000 U.S. drivers’ license numbers were accessed, Uber said.

A Federal Trade Commission spokesman said the agency is “closely evaluating the serious issues raised,” while Sen. Richard Blumenthal (D., Conn.) said on Twitter that the Senate Commerce Committee should hold a hearing to “demand Uber explain their outrageous breach—and inexplicable delay in informing its consumers and drivers.”

San Francisco-based Uber said it would notify owners of the affected accounts in coming days. It fired its chief security officer and a deputy for their role in the breach and covering it up, and Chief Executive Dara Khosrowshahi apologized.

At least three European government agencies are looking into Uber’s handling of the breach, and the New York State Attorney General’s office has opened an investigation.

Uber said in a statement that “we’ve been in touch with several state attorney general offices and the FTC to discuss this issue, and we stand ready to cooperate with them going forward.”

New Mexico’s Attorney General said in a letter to Uber that the company’s reaction to the breach was “gravely concerning” and requested that the company provide more information within 10 days.

Britain’s Information Commissioner’s Office will assess what steps Uber would need to take to better comply with data-protection requirements. PHOTO: SIMON DAWSON/REUTERS

Uber hasn’t disclosed a geographic breakdown of the compromised accounts. Uber said Wednesday it was in the process of notifying regulatory and government authorities about the breach. “We expect to have ongoing discussions with them,” an Uber spokesman said. “Until we complete that process we aren’t in a position to get into any more details.”

The FTC has the authority to examine Uber’s cybersecurity efforts and its response to the breach, including any communication, or lack thereof, with the public.

The commission has undertaken at least preliminary investigations, and sometimes very detailed probes, of this nature during past large-scale hacks, looking at whether a hacked company had reasonable data protection practices in place that were in line with industry best practices. The FTC also has examined how companies have responded to any known security weaknesses before a breach took place.

The FTC has pursued enforcement actions when it believed companies weren’t vigilant in following appropriate safeguards.

In September, the FTC said it was investigating a breach at Equifax Inc.

Britain’s Information Commissioner’s Office, which oversees data protection in the country, said it would assess how the breach affected people in the U.K. and what steps Uber would need to take to better comply with data-protection requirements. The office has the power to fine Uber, up to £500,000 ($665,000), for any wrongdoing.

“Deliberately concealing breaches from regulators and citizens could attract higher fines for companies,” said James Dipple-Johnstone, the British agency’s deputy commissioner, in a statement.

In addition to Britain—where Uber also faces a separate legal challenge over drivers’ compensation and a potential ban on operating in London—Italian and Dutch authorities said they also planned to evaluate how Uber handled the data breach.

“We are dismayed by the poor transparency shown towards users, which we intend to investigate,” said Antonello Soro, the Italian Data Protection Authority’s president, in a statement.

A spokesman for the data protection agency in the Netherlands, where Uber bases its European operations, said the agency would examine the reports of the data breach.

Most EU-member authorities don’t currently have the power to impose fines on companies in the case of personal data breaches. This will change under a new regulation taking effect in May 2018.

The National Privacy Commission of the Philippines said it has summoned Uber to a Nov. 23 meeting to discuss the incident and to comply with the formal breach notification procedure under the Data Privacy Act of 2012.

The coverup is another challenge for Uber, which is valued at $68 billion. Mr. Khosrowshahi has tried to bring stability after a year of controversies that took place under CEO Travis Kalanick.

Mr. Khosrowshahi has inherited several federal probes of the company over programs targeting rivals and regulators, as well as a possible violation of the Foreign Corrupt Practices Act.

Uber is in a heated legal battle with Google parent Alphabet Inc., which filed suit in February alleging the company stole trade secrets related to self-driving cars. And it is trying to recover from claims by a former female engineer that management ignored complaints from her and other women of sexism and harassment.

The company has said it is cooperating with federal regulators in their investigations. It disputes the allegations made by Alphabet and is contesting the lawsuit.

Write to Stu Woo at Stu.Woo@wsj.com

https://www.wsj.com/articles/european-regulators-look-into-uber-handling-of-data-breach-1511378731


Uber Paid Hackers to Delete Stolen Data on 57 Million People

November 22, 2017

Bloomberg

By Eric Newcomer

  • Company paid hackers $100,000 to delete info, keep quiet
  • Chief Security Officer Joe Sullivan and another exec ousted

Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said.

At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, the company paid hackers to delete the data and keep the breach quiet. Uber said it believes the information was never used but declined to disclose the identities of the attackers.

Dara Khosrowshahi

Photographer: Matthew Lloyd/Bloomberg

“None of this should have happened, and I will not make excuses for it,” Dara Khosrowshahi, who took over as chief executive officer in September, said in an emailed statement. “We are changing the way we do business.”


After Uber’s disclosure Tuesday, New York Attorney General Eric Schneiderman launched an investigation into the hack, his spokeswoman Amy Spitalnick said. The company was also sued for negligence over the breach by a customer seeking class-action status.

Hackers have successfully infiltrated numerous companies in recent years. The Uber breach, while large, is dwarfed by those at Yahoo, MySpace, Target Corp., Anthem Inc. and Equifax Inc. What’s more alarming are the extreme measures Uber took to hide the attack. The breach is the latest scandal Khosrowshahi inherits from his predecessor, Travis Kalanick.


Kalanick, Uber’s co-founder and former CEO, learned of the hack in November 2016, a month after it took place, the company said. Uber had just settled a lawsuit with the New York attorney general over data security disclosures and was in the process of negotiating with the Federal Trade Commission over the handling of consumer data. Kalanick declined to comment on the hack.

Joe Sullivan, the outgoing security chief, spearheaded the response to the hack last year, a spokesman told Bloomberg. Sullivan, a onetime federal prosecutor who joined Uber in 2015 from Facebook Inc., has been at the center of much of the decision-making that has come back to bite Uber this year. Bloomberg reported last month that the board commissioned an investigation into the activities of Sullivan’s security team. This project, conducted by an outside law firm, discovered the hack and the failure to disclose, Uber said.


Here’s how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.

A patchwork of state and federal laws require companies to alert people and government agencies when sensitive data breaches occur. Uber said it was obligated to report the hack of driver’s license information and failed to do so.

“At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals,” Khosrowshahi said. “We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.”

Uber has earned a reputation for flouting regulations in areas where it has operated since its founding in 2009. The U.S. has opened at least five criminal probes into possible bribes, illicit software, questionable pricing schemes and theft of a competitor’s intellectual property, people familiar with the matters have said. The San Francisco-based company also faces dozens of civil suits. London and other governments have taken steps toward banning the service, citing what they say is reckless behavior by Uber.

In January 2016, the New York attorney general fined Uber $20,000 for failing to promptly disclose an earlier data breach in 2014. After last year’s cyberattack, the company was negotiating with the FTC on a privacy settlement even as it haggled with the hackers on containing the breach, Uber said. The company finally agreed to the FTC settlement three months ago, without admitting wrongdoing and before telling the agency about last year’s attack.

The new CEO said his goal is to change Uber’s ways. Uber said it informed New York’s attorney general and the FTC about the October 2016 hack for the first time on Tuesday. Khosrowshahi asked for the resignation of Sullivan and fired Craig Clark, a senior lawyer who reported to Sullivan. The men didn’t immediately respond to requests for comment.

Khosrowshahi said in his emailed statement: “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”

The company said its investigation found that Salle Yoo, the outgoing chief legal officer who has been scrutinized for her responses to other matters, hadn’t been told about the incident. Her replacement, Tony West, will start at Uber on Wednesday and has been briefed on the cyberattack.

Travis Kalanick

Photographer: Scott Eells/Bloomberg

Kalanick was ousted as CEO in June under pressure from investors, who said he put the company at legal risk. He remains on the board and recently filled two seats he controlled.

Uber said it has hired Matt Olsen, a former general counsel at the National Security Agency and director of the National Counterterrorism Center, as an adviser. He will help the company restructure its security teams. Uber hired Mandiant, a cybersecurity firm owned by FireEye Inc., to investigate the hack.

The company plans to release a statement to customers saying it has seen “no evidence of fraud or misuse tied to the incident.” Uber said it will provide drivers whose licenses were compromised with free credit protection monitoring and identity theft protection.

— With assistance by Erik Larson


https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data


U.S. Flagged Russian Firm Kaspersky as Potential Threat as Early as 2004

November 18, 2017

Intelligence agencies have expressed concern about the cybersecurity company’s software

WASHINGTON—A Russian cybersecurity firm whose products current and former U.S. officials suspect Moscow has used as a tool for spying was flagged by U.S. military intelligence as a potential security threat as early as 2004, according to new information the Defense Department provided to Congress.

In 2013, the Defense Intelligence Agency, the U.S. military spy service, also issued a Pentagon-wide threat assessment about products made by the company, Kaspersky Lab, according to an email this week from the Pentagon to the House Committee on Science, Space and Technology. The contents of the assessment weren’t disclosed.

The DIA “began producing threat reporting referencing Kaspersky Lab as a threat actor as early as 2004,” according to the email, reviewed by The Wall Street Journal, raising questions about why other federal agencies continued to use the firm’s products.

The Journal reported in October that hackers suspected of working for the Russian government targeted a National Security Agency contractor through the contractor’s use of Kaspersky Lab antivirus software and stole details of how the U.S. penetrates foreign computer networks.

Kaspersky has long said it doesn’t assist the Russian government with spying on other countries.

The revelation about Kaspersky comes as concern over Russian infiltration of American computer networks and social-media platforms is growing after the U.S. intelligence assessment that the Russian government worked to help President Donald Trump’s 2016 campaign. Russia has denied meddling in the election.

Kaspersky published a report on Thursday saying that the computer it believes may have belonged to the NSA contractor in question was infected with other malware that could have been responsible for ex-filtrating information.

The company said in a separate statement, in response to the revelation that U.S. military intelligence flagged the firm as a threat actor, that it remains “ready to work with the U.S. government to address any and all concerns and further collaborate to mitigate against cyber threats, regardless of their origin or purpose.” It added: “we maintain that there has yet to be any credible evidence of the risks presented by the company’s products.”

The DIA’s threat analysis center, established in 2009, circulated analysis regarding Kaspersky Lab to various acquisition programs within the Pentagon, according to the email. It also made its views about the potential threat posed by Kaspersky Lab known to other agencies as early as 2012, the email said.

The email the Pentagon official sent this week was a follow-up to questions posed by the committee chairman, Rep. Lamar Smith (R., Texas), about why the Pentagon had decided not to use Kaspersky products while other U.S. federal agencies felt safe to do so.

A top Pentagon cybersecurity official, Essye Miller, told the committee at a hearing this week that the Defense Department hadn’t used Kaspersky products because of intelligence information regarding the firm.

Still, other federal agencies didn’t follow the same precautions and used Kaspersky products. Jeanette Manfra, a top Department of Homeland Security official, said at the hearing that roughly 15% of the federal agencies that checked to see if Kaspersky was operating on their systems found the company’s products. DHS has set a Dec. 12 deadline for all U.S. government agencies to remove the firm’s software.

“We expect to continue to get more information and also get those basic questions answered—like why did they ever start using Kaspersky Lab products?” Rep. Smith said.

Write to Paul Sonne at paul.sonne@wsj.com

 https://www.wsj.com/articles/u-s-flagged-russian-firm-kaspersky-as-potential-threat-in-2004-1510957459

American Intelligence Horror Story

November 13, 2017

Are U.S. spies losing their technological edge?

The National Security Agency campus in Fort Meade, Maryland in 2013. PHOTO: PATRICK SEMANSKY/ASSOCIATED PRESS

NSA, sometimes said to stand for Never Say Anything, does not want to talk about this. But it’s a momentous crisis for the largest US intelligence agency. https://nyti.ms/2jlglTa 

The N.S.A.’s headquarters at Fort Meade in Maryland. Cybertools the agency developed have been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.

Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core

A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide.

nytimes.com

For years technologists have been warning about the possibility of a sort of digital Pearl Harbor in which a hostile foreign power launches a devastating cyber-attack on the United States. Is it already happening?

A disturbing report in the New York Times describes the damage that has been done—and is still being done—by a mysterious group called the Shadow Brokers, which managed to steal the hacking tools the U.S. National Security Agency has used to spy on other countries. The Times describes an “earthquake that has shaken the N.S.A. to its core” and adds:

Current and former agency officials say the Shadow Brokers disclosures, which began in August 2016, have been catastrophic for the N.S.A., calling into question its ability to protect potent cyberweapons and its very value to national security. The agency regarded as the world’s leader in breaking into adversaries’ computer networks failed to protect its own.

A reported breach of the NSA has been described as “catastrophic” and even worse than Edward Snowden’s massive data leak. CBS News Senior National Security Contributor @MichaelJMorell joins @CBSThisMorning to discuss

Among the most disturbing aspects of the case is the fact that, long after the theft of critical data was detected, our government still doesn’t know how it happened. The Times writes:

Fifteen months into a wide-ranging investigation by the agency’s counterintelligence arm, known as Q Group, and the F.B.I., officials still do not know whether the N.S.A. is the victim of a brilliantly executed hack, with Russia as the most likely perpetrator, an insider’s leak, or both. Three employees have been arrested since 2015 for taking classified files, but there is fear that one or more leakers may still be in place. And there is broad agreement that the damage from the Shadow Brokers already far exceeds the harm to American intelligence done by Edward J. Snowden, the former N.S.A. contractor who fled with four laptops of classified material in 2013.

Mr. Snowden’s cascade of disclosures to journalists and his defiant public stance drew far more media coverage than this new breach. But Mr. Snowden released code words, while the Shadow Brokers have released the actual code; if he shared what might be described as battle plans, they have loosed the weapons themselves. Created at huge expense to American taxpayers, those cyberweapons have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.

15 mos intensive investigation & FBI still can’t solve catastrophic NSA hack … but surprised people question certainty of conclusions on DNC hack where it never examined server. https://www.nytimes.com/2017/11/12/us/nsa-shadow-brokers.html 


This NSA disaster occurred on President Obama’s watch and the Times report suggests that Mr. Obama ignored advice from top officials in his national security team to address the management failure because he prioritized the effort to search for potential 2016 Trump campaign links to Russia:

One N.S.A. official who almost saw his career ended by the Shadow Brokers is at the very top of the organization: Adm. Michael S. Rogers, director of the N.S.A. and commander of its sister military organization, United States Cyber Command. President Barack Obama’s director of national intelligence, James R. Clapper Jr., and defense secretary, Ashton B. Carter, recommended removing Admiral Rogers from his post to create accountability for the breaches.

But Mr. Obama did not act on the advice, in part because Admiral Rogers’s agency was at the center of the investigation into Russia’s interference in the 2016 election.

As for President Trump, the question is why he has not initiated a house-cleaning at the top of the NSA.

For all Americans, the question is whether the technological edge that the United States has enjoyed in defense and intelligence for essentially all of our lifetimes is now in jeopardy.

***

Bottom Stories of the Day

Why would Kim Jong-un insult me by calling me “old,” when I would NEVER call him “short and fat?” Oh well, I try so hard to be his friend – and maybe someday that will happen!

Does This Tweet Make Me Look Apophatic?
“Trump mocks North Korea’s Kim, says he would never call him ‘short and fat’,” Fox News, Nov. 12

Annals of Single-Payer Health Care
“Canadian Patients And Doctors Are Sharing ‘Excruciating’ Wait Times On Twitter,” Huff Post, Nov. 3

So Much for the War on Drugs
“GOP Tax Plan Could Deal Blow to Seniors Paying for Long-Term Care,” ElderLawAnswers, Nov. 10

Hypothesis and Proof

  • “Without Humans, Artificial Intelligence Is Still Pretty Stupid,” The Wall Street Journal, Nov. 12
  • “How to Survive a Robot Apocalypse: Just Close the Door,” The Wall Street Journal, Nov. 10

***


https://www.wsj.com/articles/american-intelligence-horror-story-1510594127

(Carol Muller helps compile Best of the Web. Thanks to Irene DeBlasio, Myles Pollin, Jordan Bruneau, Rod Pennington and Paul Wood.)


Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core

November 13, 2017

A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide.

Trump Creates Twitter Storm — Slams ‘haters’ over Russia — Snipes at North Korea’s Kim Jong-un — I would NEVER call him “short and fat”

November 12, 2017

US President Donald Trump unleashed a twitter storm from his Asia tour on Sunday, slamming “haters and fools” playing politics with US-Russia ties and declaring that he would never describe North Korean leader Kim Jong-un as “short and fat”.

Currently on the Vietnam leg of a five-nation sweep through the region, the US president, who has been relatively quiet on Twitter since leaving Washington, put out half-a-dozen tweets in quick succession ahead of his official welcoming ceremony in Hanoi.

The missives covered a range of subjects from Mr Trump’s relations with Russian President Vladimir Putin, China’s efforts to rein in Pyongyang’s nuclear weapons programme, and a sarcastic tweet about his efforts to make “a friend” of North Korean leader Kim Jong-un.

The US president, who met with Mr Putin several times on the margins of the just-concluded APEC summit in the Vietnamese resort of Danang, took a fresh swipe at critics of his efforts to forge a close working relationship with the Russian leader.

When will all the haters and fools out there realize that having a good relationship with Russia is a good thing, not a bad thing. There always playing politics – bad for our country. I want to solve North Korea, Syria, Ukraine, terrorism, and Russia can greatly help!

“When will all the haters and fools out there realise that having a good relationship with Russia is a good thing, not a bad thing,” he tweeted.

“There (sic) always playing politics – bad for our country. I want to solve North Korea, Syria, Ukraine, terrorism, and Russia can greatly help!” he added.

Speaking to reporters on Air Force One while flying to Hanoi on Saturday, Mr Trump said he believed Vladimir Putin was being sincere when he denied meddling in the 2016 US presidential election.

Mr Trump, whose key former aides are under US investigation for possible collaboration with the Kremlin, said he had repeatedly asked Putin about the claims during their chats in Danang.

“He (Putin) said he didn’t meddle. I asked him again,” Mr Trump, who is marking one year since his shock election victory, told the reporters.

“I really believe that when he tells me that, he means it,” he added.

Why would Kim Jong-un insult me by calling me “old,” when I would NEVER call him “short and fat?” Oh well, I try so hard to be his friend – and maybe someday that will happen!

Mr Trump’s Sunday morning tweets also focused on North Korea and its nuclear weapons ambitions that have been a dominant theme on each leg of his Asia tour.

Taking exception to descriptions by North Korean officials and state media of him as an “old” man, Mr Trump declared himself disappointed by what he took to be a personal attack from the North’s young leader.

“Why would Kim Jong-un insult me by calling me “old,” when I would NEVER call him “short and fat?” Mr Trump said.

“Oh well, I try so hard to be his friend – and maybe someday that will happen!” he added.

North Korea is extremely sensitive to any remarks – even if not meant seriously – that it sees as disrespectful of the country’s ruling Kim dynasty, whose members are revered as near deities.

Does the Fake News Media remember when Crooked Hillary Clinton, as Secretary of State, was begging Russia to be our friend with the misspelled reset button? Obama tried also, but he had zero chemistry with Putin.

Since becoming president, Mr Trump has engaged in an escalating war of words with Kim, trading personal insults and threats of military strikes and raising concerns about an outbreak of hostilities.

Over the past week, Mr Trump has urged Asian leaders to take a united front against the threat posed by the isolated North, warning at APEC that the region “must not be held hostage to a dictator’s twisted fantasies”.

Late Saturday, Pyongyang hit back, calling his Asia trip “a warmonger’s visit for confrontation” and saying it would only serve to accelerate Pyongyang’s push for nuclear statehood.

In another tweet Sunday, Mr Trump said Chinese leader Xi Jinping had agreed to toughen sanctions against North Korea, whose impoverished economy is hugely reliant on trade with China.

“President Xi of China has stated that he is upping the sanctions against (North Korea). Said he wants them to denuclearise. Progress is being made,” he wrote.

The US administration thinks China’s economic leverage over North Korea is the key to strong-arming Pyongyang into halting its nuclear weapons and missile programmes.

China has made no sanctions announcement in recent days, and it was unclear if Mr Trump was referring to statements Xi may have made during their summit in Beijing on Thursday, or when they met at APEC.


Trump Says Putin ‘Means It’ About Not Meddling — Gets A Firestorm From U.S. Intelligence Community, John McCain

November 12, 2017

DANANG, Vietnam — President Trump said on Saturday that he believed President Vladimir V. Putin was sincere in his denials of interference in the 2016 presidential elections, calling questions about Moscow’s meddling a politically motivated “hit job” that was hindering cooperation with Russia on life-or-death issues.

Speaking after meeting privately with Mr. Putin on the sideline of the Asia Pacific Economic Cooperation summit meeting in Danang, Vietnam, Mr. Trump said that he had again asked whether Russia had meddled in the contest, but that the continued focus on the issue was insulting to Mr. Putin.

Mr. Trump said it was time to move past the issue so that the United States and Russia could cooperate on confronting the nuclear threat from North Korea, solving the Syrian civil war and working together on Ukraine.

“He said he didn’t meddle — I asked him again,” Mr. Trump told reporters traveling with him aboard Air Force One as he flew to Hanoi for more meetings. “You can only ask so many times. I just asked him again. He said he absolutely did not meddle in our election. He did not do what they are saying he did.”

Mr. Trump did not answer a direct question about whether he believed Mr. Putin’s denials, but his account of the conversation indicated he was far more inclined to accept the Russian president’s assertions than those of his own intelligence agencies, which have concluded that Mr. Putin directed an elaborate effort to interfere in the vote. The C.I.A., the National Security Agency, the F.B.I. and the Office of the Director of National Intelligence all determined that Russia meddled in the election.


“Every time he sees me he says, ‘I didn’t do that,’ and I really believe that when he tells me that, he means it,” Mr. Trump said of Mr. Putin. “I think he is very insulted by it, which is not a good thing for our country.”

His remarks came as the investigation into the Trump campaign’s ties to Russia deepened, with disclosures over the past two weeks showing that there were more contacts between Trump campaign advisers and Russians than were previously known, and that senior campaign officials were aware of them.

On Sunday, Mr. Trump seemed to walk his comments back a bit, saying that he did not dispute the assessment of the nation’s key intelligence agencies that Russia had intervened in the 2016 presidential election.

“As to whether I believe it or not, I’m with our agencies, especially as currently constituted with their leadership,” Mr. Trump said at a news conference in Hanoi alongside Vietnam’s president, Tran Dai Quang. “I believe in our agencies. I’ve worked with them very strongly.”

Mr. Trump’s earlier comments inspired immediate ridicule from Democratic lawmakers, including Representative Adam B. Schiff of California, the top Democrat on the House Intelligence Committee, which is investigating Russian interference in the election.

Read the rest: https://www.nytimes.com/2017/11/11/world/asia/trump-putin-election.html?hp&action=click&pgtype=Homepage&clickSource=story-heading&module=first-column-region&region=top-news&WT.nav=top-news

********************************

McCain slams Trump over siding with Putin on Russia meddling

STORY HIGHLIGHTS

  • McCain is a strong critic of Trump
  • This isn’t the first time he criticized Trump on Saturday

Washington (CNN) — Sen. John McCain slammed President Donald Trump on Saturday for saying he believes Russian President Vladimir Putin over senior US intelligence officials when he says his country didn’t interfere in the 2016 election.

“President Trump today stated that he believed Vladimir Putin is being sincere when he denies Russian interference in the 2016 presidential election and reiterated that he hopes to cooperate with Russia in Syria,” McCain, a strong critic of the President, said in a statement. “There’s nothing ‘America First’ about taking the word of a KGB colonel over that of the American intelligence community. There’s no ‘principled realism’ in cooperating with Russia to prop up the murderous Assad regime, which remains the greatest obstacle to a political solution that would bring an end to the bloodshed in Syria. Vladimir Putin does not have America’s interests at heart. To believe otherwise is not only naive but also places our national security at risk.”

John McCain, July 25, 2017. Credit: Shawn Thew – European Pressphoto Agency

McCain was referencing remarks Trump made on Saturday while describing his relationship with Putin and the ongoing investigations into 2016 meddling. The president seemed to indicate to reporters aboard Air Force One that he trusts Putin’s denials more than the comments of former high-ranking intelligence officials like James Comey, John Brennan and James Clapper.

“I mean, give me a break, they are political hacks,” Trump said. “So you look at it, I mean, you have Brennan, you have Clapper and you have Comey. Comey is proven now to be a liar and he is proven now to be a leaker. So you look at that and you have President Putin very strongly, vehemently says he had nothing to do with them.”

Trump told reporters as he flew from Da Nang to Hanoi in Vietnam that he’s done confronting Putin over the issue and took him at his word that Russia did not seek to interfere in the election.

“He said he didn’t meddle. He said he didn’t meddle. I asked him again. You can only ask so many times,” Trump said.

Trump spoke to Putin three times on the sidelines of the summit when the Russia meddling issue arose.

“Every time he sees me, he says, ‘I didn’t do that,’” Trump said. “And I believe, I really believe, that when he tells me that, he means it.”

“I think he is very insulted by it,” Trump added.

McCain also criticized Trump’s performance earlier Saturday, calling it “sad” — a favorite word of Trump’s on Twitter — that the President didn’t address human rights during a stop in Vietnam.

“.@POTUS in #Danang & no mention of human rights – Sad,” McCain tweeted.

Trump defended his decision on the plane with reporters, saying he is addressing human rights but also “many other things.”

“Well, I do do it. But I also raise issues on many other things,” he said. “I mean I have an obligation — we lost last year with China, depending on the way you do your numbers, because you can do them a number of ways, anywhere from $350 to $504 billion. That’s with one country.”

McCain has stepped up his criticism of Trump in recent weeks. Last month, he warned against “half-baked, spurious nationalism” while accepting the Liberty Medal from former Vice President Joe Biden.

The Vietnam veteran, who was tortured during his more than five years as a prisoner of war, also appeared to mock Trump’s draft deferments when he criticized people from “the highest income level” who avoided the draft by finding a doctor who “would say that they had a bone spur.” He later said the comment was not specifically about Trump.

Trump Says Putin Feels Insulted by Repeated Questions on Election Meddling

November 11, 2017

Leaders finalize aligned positions on Syria after meeting at APEC summit in Vietnam

U.S. President Donald Trump said he and Russian President Vladimir Putin had several conversations on Saturday in which they aligned their positions on Syria, and appeared to share skepticism about Russia’s meddling in the 2016 presidential election.

Speaking to reporters for nearly 30 minutes on Air Force One, Mr. Trump said that Mr. Putin is becoming irritated by repeated questions about Russia’s interference in his electoral victory.

“Every time he sees me he says, ‘I didn’t do that,’ and I really believe that when he tells me that, he means it,” Mr. Trump said on the flight from Da Nang to Hanoi. “I think he is very insulted by it, which is not a good thing for our country.”

“There is nothing to investigate here,” Russian news agency Interfax quoted Mr. Putin as saying in Da Nang. “You can dig deeper in search of some sensation, but it’s not there.”

A report from the U.S. intelligence community in January concluded that Russia attempted to interfere in the presidential election through a campaign of disinformation, data thefts and leaks. The report concluded that the effort was aimed at boosting Mr. Trump and damaging his Democratic opponent, Hillary Clinton.

Top intelligence officials in the Trump administration—the heads of the Central Intelligence Agency, Federal Bureau of Investigation and National Security Agency—all testified in May that they accepted the conclusion of the report. Mr. Trump, meanwhile, has questioned the findings.

Messrs. Trump and Putin met briefly at the Asia Pacific Economic Cooperation plenary session when the U.S. president entered the room and walked to his Russian counterpart. The two stood shaking hands and spoke briefly before taking their respective seats.

Mr. Trump said he and Mr. Putin had “two or three conversations” during the summit in which they discussed the situation in Syria. The two countries later issued a joint statement that underscored how close Moscow and Washington’s positions have grown around the war-torn country.

“It’s going to save a tremendous numbers of lives and we did it very quickly, we agreed very quickly,” Mr. Trump said. “We seem to have a very good feeling for each other, a good relationship considering we don’t know each other well. I think it’s a very good relationship.”

Interfax reported the statement as saying, “The presidents agreed there is no military solution to the conflict in Syria.”

World leaders at the 21-country summit in Da Nang, Vietnam, on Saturday. Photo: Klimentyev Mikhail/Zuma Press

Though the statement reiterated Washington and Moscow’s broad policies on the country, Syria appears to be one of the few arenas in which Messrs. Putin and Trump, both of whom have advocated better ties between Moscow and Washington, can make a show of cooperation. Mr. Trump is largely limited in expanding ties with Russia as Congress has expanded sanctions against the country for meddling in the election.

Russian news agencies quoted Kremlin spokesman Dmitry Peskov as saying the agreement had been finalized in talks between the two leaders on the sidelines of the conference.

Mr. Peskov said the text of the statement had been worked out between U.S. Secretary of State Rex Tillerson and Russian Foreign Minister Sergei Lavrov earlier in the day.

In the sharpest break with the U.S.’s traditional tone on Syria, the statement noted the adherence of Syrian President Bashar al-Assad to the Geneva peace process, including constitutional reform and conditions for free and fair elections.

Unlike the previous U.S. administration, Mr. Trump has said Mr. Assad’s departure isn’t a precondition for starting peace talks. However, Mr. Trump personally authorized a volley of cruise missiles to strike a Syrian government base in April following a chemical weapons attack earlier this year.

Mr. Tillerson said last month that the reign of Mr. Assad’s family is coming to an end, adding “the only issue is how that should be brought about.”

Mr. Trump, who returns to Washington on Wednesday after 10 days in Asia, said he believed it was a “great trip” so far. He touted his stamina—the entire trip, which started with a stop in Hawaii, will include 12 days away from Washington—and said he has improved relationships for the U.S. across Asia.

He said that Japan and South Korea, the first two countries he visited, are “now getting along much, much better.” He touted his relationship with Chinese President Xi Jinping, whom he met with on his third stop, and said the leader was “a strong person” and “very smart.”

Mr. Trump said he would like to see Mr. Xi put more pressure on North Korea to dismantle its nuclear program.

“I’d like to have [Mr. Xi] ratchet it up,” Mr. Trump said. “And I think he’s doing that. We had a long talk about it.”

But Mr. Trump said he has great relationships with leaders around the world. Noting the 21-country summit in Da Nang that he participated in, Mr. Trump said he has “a great relationship with every single one of them.”

He said he has the “potential” to be as close to Mr. Putin as he is with Mr. Xi.

“I don’t know him like I know President Xi because I spent a lot of time with President Xi,” Mr. Trump said. “I think we have the potential to have a very, very good relationship.”

Mr. Putin said he and Mr. Trump had much to talk about regarding their bilateral relations and that opportunities must be found for dialogue.

“We don’t know each other well, but the president of the United States behaves highly appropriately,” Mr. Putin said. “He’s easy to talk to regarding cooperation.”

He also said that time for a separate meeting with Mr. Trump hadn’t been found because of protocol issues the teams of the two presidents failed to solve.

“They’ll be punished,” he said, referring to those responsible.

Write to Michael C. Bender at Mike.Bender@wsj.com and Thomas Grove at thomas.grove@wsj.com

https://www.wsj.com/articles/trump-putin-take-joint-stance-on-syria-1510394190

Russian Hackers Stole NSA Data on U.S. Cyber Defense

October 5, 2017

The breach, considered the most serious in years, could enable Russia to evade NSA surveillance and more easily infiltrate U.S. networks

The National Security Agency campus in Fort Meade, Md. An NSA contractor took highly sensitive data from the complex and put it on his home computer, from which it was stolen by hackers working for the Russian government, people familiar with the matter said. PHOTO: PATRICK SEMANSKY/ASSOCIATED PRESS

WASHINGTON—Hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends against cyberattacks after a National Security Agency contractor removed the highly classified material and put it on his home computer, according to multiple people with knowledge of the matter.

The hackers appear to have targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said.

The theft, which hasn’t been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S.

The incident occurred in 2015 but wasn’t discovered until spring of last year, said the people familiar with the matter.

The stolen material included details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying and how it defends networks inside the U.S., these people said.

Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said.

The breach is the first known incident in which Kaspersky software is believed to have been exploited by Russian hackers to conduct espionage against the U.S. government. The company, which sells its antivirus products in the U.S., had revenue of more than half a billion dollars in Western Europe and the Americas in 2016, according to International Data Corp. By Kaspersky’s own account it has more than 400 million users world-wide.

The revelation comes as concern over Russian infiltration of American computer networks and social media platforms is growing amid a U.S. special counsel’s investigation into whether Donald Trump’s presidential campaign sought or received assistance from the Russian government. Mr. Trump denies any impropriety and has called the matter a “witch hunt.”

Intelligence officials have concluded that a campaign authorized by the highest levels of the Russian government hacked into state election-board systems and the email networks of political organizations to damage the candidacy of Democratic presidential nominee Hillary Clinton.

A spokesman for the NSA didn’t comment on the security breach. “Whether the information is credible or not, NSA’s policy is never to comment on affiliate or personnel matters,” he said. He noted that the Defense Department, of which the NSA is a part, has a contract for antivirus software with another company, not Kaspersky.

In a statement, Kaspersky Lab said it “has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.”

Kremlin spokesman Dmitry Peskov in a statement didn’t address whether the Russian government stole materials from the NSA using Kaspersky software. But he criticized the U.S. government’s decision to ban the software from use by U.S. agencies as “undermining the competitive positions of Russian companies on the world arena.”

The Kaspersky incident is the third publicly known breach at the NSA involving a contractor’s access to a huge trove of highly classified materials. It prompted an official letter of reprimand to the agency’s director, Adm. Michael Rogers, by his superiors, people familiar with the situation said.

National Security Agency Director Michael Rogers. PHOTO: SAUL LOEB/AGENCE FRANCE-PRESSE/GETTY IMAGES

Adm. Rogers came into his post in 2014 promising to staunch leaks after the disclosure that NSA contractor Edward Snowden the year before gave classified documents to journalists that revealed surveillance programs run by the U.S. and allied nations.

The Kaspersky-linked incident predates the arrest last year of another NSA contractor, Harold Martin, who allegedly removed massive amounts of classified information from the agency’s headquarters and kept it at his home, but wasn’t thought to have shared the data.

Mr. Martin pleaded not guilty to charges that include stealing classified information. His lawyer has said he took the information home only to get better at his job and never intended to reveal secrets.

The name of the NSA contractor in the Kaspersky-related incident and the company he worked for aren’t publicly known. People familiar with the matter said he is thought to have purposely taken home numerous documents and other materials from NSA headquarters, possibly to continue working beyond his normal office hours.

The man isn’t believed to have wittingly worked for a foreign government, but knew that removing classified information without authorization is a violation of NSA policies and potentially a criminal act, said people with knowledge of the breach.

It is unclear whether he has been dismissed from his job or faces charges. The incident remains under federal investigation, said people familiar with the matter.

Kaspersky software once was authorized for use by nearly two dozen U.S. government agencies, including the Army, Navy and Air Force, and the departments of Defense, State, Homeland Security, Energy, Veterans Affairs, Justice and Treasury.

The headquarters of the Russian cybersecurity company Kaspersky Lab. PHOTO: SAVOSTYANOV SERGEI/TASS/ZUMA PRESS

NSA employees and contractors never had been authorized to use Kaspersky software at work. While there was no prohibition against these employees or contractors using it at home, they were advised not to before the 2015 incident, said people with knowledge of the guidance the agency gave.

For years, U.S. national security officials have suspected that Kaspersky Lab, founded by a computer scientist who was trained at a KGB-sponsored technical school, is a proxy of the Russian government, which under Russian law can compel the company’s assistance in intercepting communications as they move through Russian computer networks.

Kaspersky said in its statement: “As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts.”

Suspicions about the company prompted the Department of Homeland Security last month to take the extraordinary step of banning all U.S. government departments and agencies from using Kaspersky products and services. Officials determined that “malicious cyber actors” could use the company’s antivirus software to gain access to a computer’s files, said people familiar with the matter.

The government’s decision came after months of intensive discussions inside the intelligence community, as well as a study of how the software works and the company’s suspected connections to the Russian government, said people familiar with the events. They said intelligence officials also were concerned that given the prevalence of Kaspersky on the commercial market, countless people could be targeted, including family members of senior government officials, or that Russia could use the software to steal information for competitive economic advantage.

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security,” the DHS said Sept. 13 in announcing the government ban.

All antivirus software scans computers looking for malicious code, comparing what is on the machine to a master list housed at the software company. But that scanning also gives makers of the software an inventory of what is on the computer, experts say.

“It’s basically the equivalent of digital dumpster diving,” said Blake Darché, a former NSA employee who worked in the agency’s elite hacking group that targets foreign computer systems.

Kaspersky is “aggressive” in its methods of hunting for malware, Mr. Darché said, “in that they will make copies of files on a computer, anything that they think is interesting.” He said the product’s user license agreement, which few customers probably read, allows this.

“You’re basically surrendering your right to privacy by using Kaspersky software,” said Mr. Darché, who is chief security officer for Area 1, a computer security company.

“We aggressively detect and mitigate malware infections no matter the source and we have been proudly doing it for 20 years,” the company said in its statement. “We make no apologies for being aggressive in the battle against malware and cybercriminals.”

U.S. investigators believe the contractor’s use of the software alerted Russian hackers to the presence of files that may have been taken from the NSA, according to people with knowledge of the investigation. Experts said the software, in searching for malicious code, may have found samples of it in the data the contractor removed from the NSA.

But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding.

Kaspersky Lab Chief Executive Eugene Kaspersky. The company said it never would help ‘any government in the world with its cyberespionage efforts.’ PHOTO: SHARIFULIN VALERY/TASS/ZUMA PRESS

Investigators did determine that, armed with the knowledge that Kaspersky’s software provided of what files were suspected on the contractor’s computer, hackers working for Russia homed in on the machine and obtained a large amount of information, according to the people familiar with the matter.

The breach illustrates the chronic problem the NSA has had with keeping highly classified secrets from spilling out, former intelligence personnel say. They say they were rarely searched while entering or leaving their workplaces to see if they were carrying classified documents or removable storage media, such as a thumb drive.

The incident was considered so serious that it was given a classified code name and set off alarms among top national security officials because it demonstrated how the software could be used for spying. Members of Congress also were informed, said people familiar with the matter.

Then-Defense Secretary Ash Carter and then-Director of National Intelligence James Clapper pushed President Barack Obama to remove Adm. Rogers as NSA head, due in part to the number of data breaches on his watch, according to several officials familiar with the matter.

The NSA director had fallen out of White House favor when he traveled to Bedminster, N.J., last November to meet with president-elect Donald Trump about taking a job in his administration, said people familiar with the matter. Adm. Rogers didn’t notify his superiors, an extraordinary step for a senior military officer, U.S. officials said.

Adm. Rogers wasn’t fired for a number of reasons, including a pending restructuring of the NSA that would have been further complicated by his departure, according to people with knowledge of internal deliberations. An NSA spokesman didn’t comment on efforts to remove Adm. Rogers.

Write to Gordon Lubold at Gordon.Lubold@wsj.com and Shane Harris at shane.harris@wsj.com

https://www.wsj.com/articles/russian-hackers-stole-nsa-data-on-u-s-cyber-defense-1507222108

U.S. lawmakers want to restrict internet surveillance on Americans

October 5, 2017

By Dustin Volz

Reuters

(Reuters) – A bipartisan group of U.S. lawmakers unveiled legislation on Wednesday that would overhaul aspects of the National Security Agency’s warrantless internet surveillance program in an effort to install additional privacy protections.

The bill, which will be formally introduced as soon as Thursday, is likely to revive debate in Washington over the balance between security and privacy, amid concerns among some lawmakers in both parties that the U.S. government may be too eager to spy on its own citizens.

The legislation, written by the House of Representatives Judiciary Committee, is seen by civil liberties groups as the best chance in Congress to reform the law, known as Section 702 of the Foreign Intelligence Surveillance Act, before its expiration on Dec. 31.

Senior U.S. intelligence officials consider Section 702 to be among the most vital tools they have to thwart threats to national security and American allies.

It allows U.S. intelligence agencies to eavesdrop on and store vast amounts of digital communications from foreign suspects living outside the United States.

But the program, classified details of which were exposed in 2013 by former NSA contractor Edward Snowden, also incidentally scoops up communications of Americans, including if they communicate with a foreign target living overseas. Those communications can then be subject to searches without a warrant by the Federal Bureau of Investigation.

A discussion draft of the legislation, a copy of which was seen by Reuters, partially restricts the FBI’s ability to access American data collected under Section 702 by requiring the agency to obtain a warrant when seeking evidence of a crime.

That limit would not apply, however, to requests of data that involve counterterrorism or counter-espionage.

The narrower restriction on what some have called a “backdoor search loophole” has disappointed some civil liberties groups. Several organizations sent a letter this week saying they would not support legislation that did not require a warrant for all queries of American data collected under Section 702.

The legislation would also renew the program for six years and codify the National Security Agency’s decision earlier this year to halt the collection of communications that merely mentioned a foreign intelligence target. But that codification would end in six years as well, meaning NSA could potentially resume the activity in 2023.

The spy agency has said it lost some operational capability by ending so-called “about” collection due to privacy compliance issues and has lobbied against a law that would make its termination permanent.

Republican senators introduced a bill earlier this year to renew Section 702 without changes and make it permanent, a position backed by the White House and intelligence agencies.
