Posts

NSA Scandal Sparks Hacker Rebellion

Many of the computer hackers the federal government has relied upon for national cyber-security are now turning away, irate over revelations the National Security Agency has been actively spying on Americans.

“The NSA and other intelligence agencies had made major inroads in recent years, in hiring some of the best and brightest,” reported Reuters’ Joseph Menn from a pair of hacker conventions held in Las Vegas last week. “Much of that goodwill has been erased after the NSA’s classified programs to monitor phone records and Internet activity were exposed by former NSA contractor Edward Snowden.”

Glyn Moody of the technology news website Techdirt further noted tensions over what he called “the increasing demonization of hackers (not to be confused with crackers that break into systems for criminal purposes), for example by trying to add an extra layer of punishment on other crimes if they were done ‘on a computer.’”

The result, Menn notes, is that U.S. efforts to recruit hackers may have taken a substantial blow, and Moody suggests it may now be much harder to “keep up the pace of technological development within the spying program.”

“We’ve gone backwards about 10 years in the relations between the good guys and the U.S. government,” said Alex Stamos, a veteran security researcher who was speaking at one of the Vegas conventions.

Read more from this story HERE.

FBI Can Hack Your Android to Remotely Activate Cell Phone Microphones

Photo Credit: Getty Images

Law-enforcement officials in the U.S. are expanding the use of tools routinely used by computer hackers to gather information on suspects, bringing the criminal wiretap into the cyber age.

Federal agencies have largely kept quiet about these capabilities, but court documents and interviews with people involved in the programs provide new details about the hacking tools, including spyware delivered to computers and phones through email or Web links—techniques more commonly associated with attacks by criminals.

People familiar with the Federal Bureau of Investigation’s programs say that the use of hacking tools under court orders has grown as agents seek to keep up with suspects who use new communications technology, including some types of online chat and encryption tools. The use of such communications, which can’t be wiretapped like a phone, is called “going dark” among law enforcement.

A spokeswoman for the FBI declined to comment.

The FBI develops some hacking tools internally and purchases others from the private sector. With such technology, the bureau can remotely activate the microphones in phones running Google Inc.’s Android software to record conversations, one former U.S. official said. It can do the same to microphones in laptops without the user knowing, the person said. Google declined to comment.

Read more from this story HERE.

Hacker’s Untimely Death Mourned at Las Vegas Black Hat Convention

Photo Credit: Isaac Brekken/AP

Barnaby Jack, the hackers’ hacker, was once again the toast of the Black Hat convention in Las Vegas.

He won an award. He drew packed crowds. His face adorned buttons and posters. His name was on everyone’s lips.

Except this time Jack was dead, the honours were posthumous and the gatherings were memorials. There were eulogies and questions: how did he die? What will happen to his work?

…The 35-year-old New Zealander was due to show how cyber criminals could remotely attack people with pacemakers and other implanted medical devices, but on July 25 was found dead at his home in San Francisco…

Friends said intellectual curiosity drove Jack to see if a villain could remotely hijack technology to steal, in the case of ATMs, or even kill, in the case of insulin pumps and pacemakers. He showed that a scene in which a terrorist kills a character in the TV series Homeland was not necessarily outlandish. “He had a flair for doing this that almost no one in our industry has,” said Chris Wysopal, a longtime friend and chief technical officer of Veracode. “Barnaby liked the excitement, the thrill of the hunt.”

Banks and medical equipment manufacturers shuddered when he probed their technology. “They always groaned. When someone outside your company does this it’s scary,” said Wysopal…

Read more from this story HERE.

Hacker Publishes “Very Personal” Emails, Bikini Photos, Forces Colin Powell To Deny Affair with Foreign Diplomat

As a notorious hacker seeks to distribute “very personal” e-mails sent to Colin Powell by a female Romanian diplomat, the retired general is denying that he engaged in an extramarital affair with the woman while he served as Secretary of State, though he recently advised her to delete all their online exchanges, The Smoking Gun has learned.

In a statement addressing his relationship with Corina Cretu, a member of the European Parliament who previously held a series of senior posts in the Romanian government, Powell, 76, wrote that he has known Cretu for about 10 years, having first met her “when I was the Secretary of State and she was an assistant to the President of Romania. We occasionally attended the same diplomatic and international meetings.”

Powell, who served in President George W. Bush’s cabinet for four years, said that he kept in touch with Cretu, 45, by e-mail after leaving the State Department in January 2005. “Over time the emails became of a very personal nature, but did not result in an affair. Those type of emails ended a few years ago. There was no affair then and there is not one now,” Powell added…

In the “very personal” correspondence cited by Powell, Cretu calls him the love of her life and describes a relationship that spanned more than a decade. The 2010-2011 e-mails would leave most readers with the clear impression that the forlorn Cretu is writing about the twilight of a lengthy romance…

Early this morning, “Guccifer” added a second update to the general’s Facebook page. It contained a new Google Drive link that led to e-mails and photos–some dating back eight years–that were lifted from Cretu’s newly hacked Yahoo e-mail account.

Read more from this story HERE.

Anonymous Hacked into Official Congressional Email, Threatens to Compromise Accounts if Congress Doesn’t Act to End Surveillance State

Photo Credit: Getty

Hacker posts email addresses, passwords of House and Senate staffers online

By Alex Pappas. A hacktivist associated with Anonymous claims to have posted online thousands of email addresses and passwords for Capitol Hill staffers.

According to a Twitter account that posted a link to the hacked information, House and Senate staffers were targeted in protest of the National Security Agency’s domestic spying program.

“Dear #Congress: We are paying very, very close attention to how you handle #NSA #FISA & #PRISM Don’t.. F**k.. Up….,” Twitter user OpLastResort wrote before posting a link to the email addresses and passwords.

PRISM is the government’s secret data mining program recently revealed by NSA leaker Edward Snowden. FISA refers to the Foreign Intelligence Surveillance Act which deals with electronic surveillance. Read more from this story HERE.

__________________________________________________________________

Photo Credit: AFP

White House stays silent on renewal of NSA data collection order

By Spencer Ackerman. The Obama administration is refusing to say whether it will seek to renew a court order that permits the National Security Agency’s bulk collection of phone records on millions of Verizon customers when it expires at the end of this week.

Officials declined to discuss what action they intend to take about the order at the center of the current surveillance scandal, which formally expires at 5pm Friday.

The looming expiration of the order, issued by the secretive Fisa court, provides an early test of Barack Obama’s claim to welcome debate over “how to strike this balance” between liberty and security. Beyond the question of the phone records collection, the court order authorizing it is a state secret.

On Thursday, the administration would not answer a question first posed by the Guardian six days ago about its intentions to continue, modify or discontinue the Verizon bulk-collection order. The White House referred queries to the Justice Department. “We have no announcement at this time,” said Justice Department spokesman Brian Fallon. The NSA and office of the Director of National Intelligence did not respond to questions.

A spokesman for the Fisa court, Sheldon Snook, said the court “respectfully declines to comment”. Read more from this story HERE.

__________________________________________________________________

NSA chief says leak damage ‘irresponsible and irreversible’

By Catherine Herridge. National Security Agency chief Keith Alexander said Thursday the damage from recently leaked information is “irresponsible and irreversible” because it has given terrorist groups the intelligence community’s “playbook.”

He also described the leaks as “crazy.”

Addressing the Aspen Security Forum, Alexander said the NSA was secretive about its programs out of necessity because the “operatives are among us.”

He added that, based on damage assessments, there is “concrete proof” terrorists now have changed their tactics. Read more from this story HERE.

__________________________________________________________________

Photo Credit: gaelx

Congress: Anonymous Hack Got Only Old Emails and Passwords

By Ginger Gibson. The hacking group Anonymous published the login information for a constituent contact system used by thousands of congressional staffers, posting addresses and passwords on an online message board, according to a memo sent to Hill staffers.

Anonymous presented the information, when it on Thursday posted more than 2,100 email addresses and passwords, as login data for official congressional email accounts. But in a memo to staff from the Office of the Chief Administrator of the House, officials said the information was actually old login data for iConstituent, which is an online system used to contact voters.

“While this incident did not compromise the House email system, out of an abundance of caution, iConstituent Gateway eNewsletter account holders will be required to change their House network login,” said the memo, which was obtained by POLITICO.

The passwords, some of which belonged to individuals who no longer work for Congress, were expired, according to the memo.

“Earlier today, hackers disclosed expired login information (email addresses and passwords) of numerous iConstituent Gateway eNewsletter accounts outside of the House network,” the memo stated. “These passwords have expired and can no longer be used to access the external iConstituent service.” Read more from this story HERE.

Computer Security Vanishing: Hackers Exploit Vulnerabilities for NSA, Governments

Photo Credit: Gianni Cipriano

On the tiny Mediterranean island of Malta, two Italian hackers have been searching for bugs — not the island’s many beetle varieties, but secret flaws in computer code that governments pay hundreds of thousands of dollars to learn about and exploit.

The hackers, Luigi Auriemma, 32, and Donato Ferrante, 28, sell technical details of such vulnerabilities to countries that want to break into the computer systems of foreign adversaries. The two will not reveal the clients of their company, ReVuln, but big buyers of services like theirs include the National Security Agency — which seeks the flaws for America’s growing arsenal of cyberweapons — and American adversaries like the Revolutionary Guards of Iran.

All over the world, from South Africa to South Korea, business is booming in what hackers call “zero days,” the coding flaws in software like Microsoft Windows that can give a buyer unfettered access to a computer and any business, agency or individual dependent on one.

Just a few years ago, hackers like Mr. Auriemma and Mr. Ferrante would have sold the knowledge of coding flaws to companies like Microsoft and Apple, which would fix them. Last month, Microsoft sharply increased the amount it was willing to pay for such flaws, raising its top offer to $150,000.

But increasingly the businesses are being outbid by countries with the goal of exploiting the flaws in pursuit of the kind of success, albeit temporary, that the United States and Israel achieved three summers ago when they attacked Iran’s nuclear enrichment program with a computer worm that became known as “Stuxnet.”

Read more from this story HERE.

China Hacked Into Obama, McCain Campaigns

Photo Credit: ALAMY

The hackers who penetrated the 2008 presidential campaigns of President Barack Obama and his GOP challenger Sen. John McCain were not a dirty tricks brigade, but rather sophisticated computer spies employed by the Chinese government.

NBC’s “Nightly News” reported the revelation on Thursday’s broadcast, including the fact that the McCain campaign had been “spooked” by a surprising call from a top Chinese diplomat at the time about a letter McCain had written on a campaign computer to the new president of Taiwan.

“The problem was that letter had not yet been delivered,” reported NBC’s Michael Isikoff.

Meanwhile, in Chicago at then Sen. Obama’s campaign headquarters, a “phony” meeting agenda email had been circulated among top campaign staffers with a hidden computer virus.

Obama told reporters at the time: “Hackers gained access to emails and a range of campaign files from policy position papers to travel plans.”

Read more from this story HERE.

Chinese Hackers Compromise Dozens of US Major Weapons Platforms

Photo Credit: AP

By Ellen Nakashima. Designs for many of the nation’s most sensitive advanced weapons systems have been compromised by Chinese hackers, according to a report prepared for the Pentagon and to officials from government and the defense industry.

Among more than two dozen major weapons systems whose designs were breached were programs critical to U.S. missile defenses and combat aircraft and ships, according to a previously undisclosed section of a confidential report prepared for Pentagon leaders by the Defense Science Board.

Experts warn that the electronic intrusions gave China access to advanced technology that could accelerate the development of its weapons systems and weaken the U.S. military advantage in a future conflict.

The Defense Science Board, a senior advisory group made up of government and civilian experts, did not accuse the Chinese of stealing the designs. But senior military and industry officials with knowledge of the breaches said the vast majority were part of a widening Chinese campaign of espionage against U.S. defense contractors and government agencies.

The significance and extent of the targets help explain why the Obama administration has escalated its warnings to the Chinese government to stop what Washington sees as rampant cybertheft. Read more from this story HERE.

_____________________________________________________

Best frenemies: U.S. wants closer military ties with China

By Shaun Waterman. White House National Security Adviser Thomas Donilon called Tuesday for strengthening U.S. military ties with China, despite growing tensions between the two over Beijing’s state-sponsored hacking and maritime territorial claims.

Donilon pushed for increased military cooperation in peacekeeping, fighting piracy and disaster relief.

“An essential part of building a new model for relations between great powers is ensuring we have a healthy, stable and reliable military-to-military relationship,” Mr. Donilon said in brief comments to reporters, Reuters reported.

He added the two countries should work to face “non-traditional security challenges” like peacekeeping and stability operations, emergency disaster relief and naval counter-piracy operations ensuring freedom of navigation.

Mr. Donilon is visiting Beijing this week ahead of a summit next week in California between President Obama and Chinese President Xi Jinping. He spoke at a meeting with Gen. Fan Changlong, vice chairman of China’s Central Military Commission, after being received by Mr. Xi on Monday. Read more from this story HERE.