NSA updates.....
http://www.theregister.co.uk/2013/08/30/snowden_sysadmin_access_to_nsa_docs/
The US National Security Agency may have some of the most sophisticated cyber-surveillance programs in the world, but it was trivial for former NSA contractor Edward Snowden to walk off with sensitive data, sources say, owing to the agency's antiquated internal security.
"The [Defense Department] and especially NSA are known for awesome cyber security, but this seems somewhat misplaced," former US security official Jason Healey told NBC News on Thursday. "They are great at some sophisticated tasks but oddly bad at many of the simplest."
While some sources claimed that it was Snowden's genius for infiltrating electronic systems that allowed him to make off with a cache of at least 20,000 documents – "Every day, they are learning how brilliant [Snowden] was," one former US official said – other sources suggested that all he needed was a little determination and the right business card.
"It's 2013," an insider told NBC, "and the NSA is stuck in 2003 technology."
For example, the NSA policy prevents a typical worker from doing things like copying files to USB thumb drives or other external storage. But Snowden had an easy way around those restrictions, simply by virtue of being classified as a "systems administrator".
With that privilege, Snowden would have been able to move files around at will, sources claim. If higher-ups ever questioned him about it, he could have claimed he was doing so in order to repair a corrupted drive or some other maintenance operation.
Snowden's administrator account also gave him the ability to log into the accounts of other users of the agency's NSAnet computer systems – some of whom had higher security clearance than Snowden himself did.
In essence, Snowden was able to impersonate those NSA employees to gain access to highly sensitive documents, which he was then able to copy to thumb drives. This was so easy to do that one source described him as a "ghost user" of NSAnet, whose activities couldn't easily be traced.
The NSA is reportedly only now piecing together the exact steps Snowden took to infiltrate its systems, including identifying specific users whose accounts he used to access documents. But there's no clear paper trail – investigators are said to be looking for red-flag discrepancies, such as accounts that were accessed while their owners were on vacation.
Once he began collecting documents, Snowden was surely also emboldened by the fact that, as a contractor working for Booz Allen Hamilton in Hawaii, he never once needed to set foot in NSA headquarters. Instead, he could access the files he wanted from a computer terminal some 5,000 miles away.
The NSA reportedly employs around 40,000 people, roughly 1,000 of which are systems administrators. Like Snowden, most of those systems admins are contractors – or they were, at least.
Earlier this month, NSA director General Keith Alexander announced that the agency plans to reduce its total number of sysadmins by 90 per cent, specifically to reduce the number of staffers who have access to secret information.
Such measures come too late to reduce the impact of Snowden's leaks, however. As one former intelligence official described the aftermath of Snowden's disclosures to NBC News, "The damage, on a scale of 1 to 10, is a 12." ®
http://rt.com/usa/nsa-cyber-operations-classified-247/
Snowden leaks: NSA conducted 231 offensive cyber-ops in 2011, hailed as 'active defense'
US intelligence carried out 231 offensive cyber-ops in 2011, nearly three-quarters of them against key targets such as Iran, Russia, China and N. Korea, as well as nuclear proliferation, a classified report obtained by The Washington Post says.
The “most challenging targets” also include suspected terrorists “in Afghanistan, Pakistan, Yemen, Iraq, Somalia, and other extremist safe havens,” according to one list of priorities. US budget documents describe the attacks as “active defense.”
Some cyber-operations reportedly feature what one budget document calls “field operations” organized “to physically place hardware implants or software modifications” with the help of CIA operatives or clandestine military forces.
An implant is often coded in software by an NSA group called Tailored Access Operations, which builds attack tools that are custom-fitted to their targets, The Washington Post reports, adding that this year TAO is working on implants that “can identify select voice conversations of interest within a target network and exfiltrate select cuts,” one budget document says.
The reported US intelligence cyber-missions include the defense of military and other classified computer networks against foreign attack. These missions account for one-third of the total cyber-operations budget of $1.02 billion for 2013, according to the Cryptologic Program budget.
President Barack Obama's directive on cyber-operations, issued in October 2012 and leaked in June 2013 by Snowden, stated that military cyber-operations resulting in the disruption, destruction or manipulation of computers must be approved by the president himself. The document largely does not apply to US intelligence agencies, however.
According to the US intelligence budget, by the end of this year a $652 million program named GENIE, which reportedly helps the US break into foreign networks to plant sophisticated malware in computers, routers and firewalls in tens of thousands of machines every year, will control at least 85,000 implants in strategically chosen computers around the world - four times the number available in 2008.
The NSA appears to be planning a rapid expansion of those numbers, which were limited until recently by the need for human operators to take remote control of compromised computers. Affected by disclosures of the classified data by Snowden, the NSA announced earlier this month it would cut up to 90 percent of its system administrators to reduce the number of people with access to secret information. Snowden leaked documents to the Guardian and the Washington Post, revealing previously secret telephone and internet surveillance programs run by the US government.
According to an authoritative reference document, for GENIE’s next phase the NSA has brought online an automated system, code-named TURBINE, capable of managing “potentially millions of implants” for intelligence gathering “and active attack,” The Washington Post reported.
Given the “vast volumes of data” pulled in by the NSA, storage could be a problem. The NSA has nearly completed a large-scale new data center in Utah, which will manage “storage, analysis, and intelligence production.” This will allow intelligence agencies “to evaluate similarities among intrusions that could indicate the presence of a coordinated cyber-attack, whether from an organized criminal enterprise or a nation-state.”
Friday, 30 August 2013 17:25
Surveillance Spending Vastly More Than Previously Thought
Written by Bob Adelmann
Thanks to the efforts of whistleblower Edward Snowden and the reluctant cooperation of the Washington Post, American citizens are now able to see just what their half-trillion dollars have bought them over the last 10 years: a vastly larger and more expensive and invasive surveillance state than most people even imagined. And the Post warned that the “black budget” provided to them by Snowden is only part of the picture, and that even what was exposed is dated.
For simplicity, the “black budget,” proposed to Congress and dated in February 2012 for the fiscal year 2013, funds the “black operations” of 16 spy agencies, not just the big ones capturing the headlines. The “big five” include the Central Intelligence Agency (CIA), the National Security Agency (NSA), the Defense Intelligence Agency (DIA), the National Geospatial-Intelligence Agency (NGA) and the National Reconnaissance Office (NRO).
The budget, estimated at more than $50 billion a year, fails to include another $23 billion for similar surveillance costs absorbed by the Defense Department, according to the Post. And after reviewing Snowden’s documents with various spy agency advisors, part of Snowden’s leaks were “redacted” or eliminated from publication altogether. So the Post’s revelations provide a brief but limited and dated peek behind the black spy curtain that has shielded their operations for years. And because part of that budget is now funding measures to keep other whistleblowers from parting that curtain in the future, this may be the last time such a limited look will be allowed.
Nevertheless, what is revealed is staggering. The agencies, in aggregate, have four tasks and five missions. They collect data, analyze it, process it, and act on it. The starting point is with the little-known NRO, which designs, builds, and operates the spy satellites that collect satellite intelligence, divides it into bite-size pieces, and sends the signal intelligence (SIGINT) to the NSA, the imagery intelligence (IMINT) to the NSA, and the measurement and signature intelligence (MASINT) to the DIA.
From there, more than 100,000 workers analyze, track, and follow where that intelligence leads, in accordance with their mission: warning U.S. leaders about potential threats, neutralizing those threats, stopping the spread of weaponry in the possession of those threats, hacking into their networks, and eliminating the threats. The Post was more diplomatic about those five missions, but essentially the entire spy structure is designed to be the blunt instrument of foreign policy which implements strategies that ambassadors wearing white tie and tails aren't able to.
The CIA, surprisingly, absorbs nearly $15 billion of the “official” $52.6 billion, an increase of 56 percent just since 2004 and twice what it spent in 2001. That dwarfs the $10.8 billion flowing to the NSA, the $10.3 billion funding the NRO, the $4.9 billion that pays for the NGA, and the $4.4 billion that funds the DIA.
Analysis of the 178-page report published by the Post produced several notable findings:
The funding for the CIA not only exceeds that of the NSA by a factor of two, it is much larger than most insiders had estimated.
The CIA and the NSA have launched aggressive new attacks into foreign intelligence networks, friends and foes alike, often to sabotage them or limit their capabilities. These include China, Russia, Cuba, North Korea, Iran, Iraq, and Israel.
The agencies, despite their huge budgets, have failed in their mission to know everything about everybody all the time. For instance, the report reveals that Pakistan is especially opaque, calling it an “intractable target” — espionage-ese for impossible to crack — and little is known about North Korea or its leaders’ intentions despite having all manner of high-tech tracking gear virtually surrounding that unhappy communist dictatorship.
The spy conglomerate currently has more than 4,000 internal investigations going on in order to limit another “Snowden event” from happening, calling it instead an “anomalous behavior” by personnel with access to highly classified information.
Steven Aftergood, an expert at the Federation of American Scientists, expressed his delight at the Snowden leak published by the Post, noting its historic importance:
It was a titanic struggle just to get the top-line budget number disclosed, and that has only been done consistently since 2007. But a real grasp of the structure and operations of the intelligence bureaucracy has been totally beyond public reach [until now].
This kind of material, even on a historical basis, has simply not been available.
There was one other question that the report answered, at least in part: Where does all the money go? The Post explained:
The … resources … funded secret prisons, a controversial interrogation program, the deployment of lethal drones and a huge expansion of its counterterrorism center.
The CIA has devoted billions of dollars to recruiting and training a new generation of case officers … $2.3 billion for human intelligence operations and another $2.5 billion to cover the cost of supporting … those missions around the world.
[Part] was earmarked for creating and maintaining “cover” — the false identities employed by operatives overseas.
Part of the money is spent on blackmail and various paramilitary black operations:
A broad line item hints at the dimensions of the [CIA’s] expanded paramilitary role, providing more than $2.6 billion for “covert action programs” that would include drone operations in Pakistan and Yemen, payments to militias in Afghanistan and Africa, and attempts to sabotage Iran’s nuclear program.
Gus Hunt, the CIA’s technical officer, explained that there is, at present, more data coming into the network than can be analyzed, so it is just being stored until technology and manpower can catch up:
The value of any piece of information is only known when you can connect it with something else that arrives at a future point in time. Since you can’t connect dots you don’t have, it drives us into a mode of … we fundamentally try to collect everything and hang onto it forever.
The brief glimpse behind the black spy curtain allowed by Snowden and the Post, while dated and limited, is nevertheless useful to Americans who have had their suspicions about just how invasive and powerful the surveillance state is in America. They have just had their worst suspicions confirmed.
A graduate of Cornell University and a former investment advisor, Bob is a regular contributor to The New American magazine and blogs frequently at www.LightFromTheRight.com, primarily on economics and politics. He can be reached at badelmann@thenewamerican.com
and....
http://www.theregister.co.uk/2013/08/30/snowden_sysadmin_access_to_nsa_docs/
Recent news items ...... looking at the past week.
http://rt.com/usa/nsa-leak-snowden-live-updates-482/
Saturday, August 31
11:00 GMT: Snowden's lawyer, Anatoly Kucherena, said that former NSA contractor and whistleblower Edward Snowden did not stay at the Russian consulate in Hong Kong prior to his arrival in Moscow, as previously reported by Kommersant newspaper.
"Edward told me that he never visited any diplomatic missions and that all this is inaccurate. He never had any talks with our diplomats while in Hong Kong," Kucherena said.
On Monday, the same paper declared that Snowden had spent his 30th birthday at the consulate, citing a Western source as having provided confirmation.
However, Kucherena did say that "he and his friends stayed at a hotel there... He understood he was being chased, so he moved often." A Russian government source said that Snowden turned up uninvited for two days before leaving for Hong Kong.
05:04 GMT: US intelligence agencies carried out 231 cyber-operations in 2011, The Washington Post reported in detailing a more aggressive, expanding cyber-attack architecture than was previously known. In addition, a $652 million program named GENIE helps the US break into foreign networks to plant sophisticated malware in computers, routers and firewalls in tens of thousands of machines every year. Almost three-quarters of the 231 attacks in 2011 were against top-priority targets including Iran, Russia, China and North Korea, and activities including nuclear proliferation. Details of US cyber-ops, which the US defines as operations “to manipulate, disrupt, deny, degrade, or destroy information resident in computers or computer networks, or the computers and networks themselves,” were provided by NSA whistleblower Edward Snowden.
Friday, August 30
21:00 GMT: Edward Snowden has refused to meet with American diplomats in Russia, his lawyer, Anatoly Kucherena said Friday.
“A few people approached trying to negotiate the meeting, including US diplomats. I related the message to Edward, but he refused to meet with them. His decision, he explained, was based on the campaign launched against him by the US State Department, which shows only a prejudice against him and his human rights stance. I passed this message on to the diplomats,” the lawyer said.
Kucherena, who is in constant contact with the whistleblower, said that his client was undergoing an adaptation period and is learning Russian. He also told the press that he will not violate client-attorney privilege, and would not disclose Snowden’s whereabouts. What Snowden might do next might be decided once his father arrives in Russia, Kucherena said.
The lawyer said that Snowden was still in danger. “The level of danger threatening him to this day remains high. While in the transit area, he knew he was being hunted by a huge country that can use any of its methods and tools to catch him,” Kucherena said.
Regarding the revelations of Snowden-leaked wires that appeared recently in Western publications, Kucherena said that the material was handed over to the editors before Snowden left Hong Kong. Therefore, he has not violated his pledge to President Putin not to harm US interests.
18:58 GMT: The New York Times was asked by British authorities to destroy classified intelligence files leaked to the media by former national security contractor Edward Snowden.
Wednesday, August 28
19:27 GMT: President Obama has revealed the members of a new review panel that will assess how the US handles issues of technology in the realm of foreign policy and intelligence gathering.
The panel, originally announced on August 9 by Obama to be an independent check on federal government tech initiatives in the wake of the NSA spying revelations, will consist of four former White House and intelligence community staffers -- Michael Morell, Richard Clarke, Cass Sunstein and Peter Swire -- and academic Geoffrey Stone, who has close personal ties to Obama.
Tuesday, August 27
13:17 GMT: Mass tracking and collection of Americans' phone call data violates the US constitution, the American Civil Liberties Union said in a court motion. The National Security Agency’s surveillance program "permits the government to assemble a richly detailed profile of every person living in the United States and to draw a comprehensive map of their associations with one another," the motion says.
The ACLU argues that part of the basis for the FISA court's approval of the NSA's mass collection of phone metadata was the 1979 case Smith vs Maryland, which involved surveillance directed at a specific criminal and does not suggest “that the constitution allows the government's mass collection of sensitive information about every single phone call made or received by residents of the United States over a period of seven years.”
The motion is part of a lawsuit filed by the ACLU on 11 June 2013, accusing NSA director Keith Alexander, the director of intelligence James Clapper, defence secretary Chuck Hagel, the attorney general Eric Holder and FBI director Robert Mueller of violating the first and fourth amendments.
Monday, August 26
18:05 GMT: The United Nations said it plans to contact the US officials regarding the Der Spiegel report that the NSA bugged its New York headquarters. "We're aware of the reports and we intend to be in touch with the relevant authorities on this," UN spokesman Farhan Haq said, adding that “member states are expected to act accordingly to protect the inviolability of diplomatic missions."
11:00 GMT: One of Merkel's key rivals has threatened to scupper EU-US trade talks over the NSA spying program.
Peer Steinbruck, leader of the Social Democrats, says he will delay EU trade negotiations over the NSA bugging of German government offices.
Edward Snowden was forced to stay in Russia after the US threatened Cuba with “adverse consequences” should the NSA whistleblower get on board Aeroflot’s Moscow-Havana flight, Kommersant newspaper has learnt.
Under US pressure the Cuban authorities informed Moscow the Aeroflot plane would not be able to land in Havana, a source told the Russian newspaper.
The paper also pointed out that Russian authorities did not contact Snowden or issue an invitation to take refuge on its territory, but were aware that he would arrive in Moscow en route to Latin America.
Sunday, August 25
The United States was not just busy spying on the European Union, according to documents obtained by Der Spiegel, but had its surveillance apparatus trained on the international body as well. The US National Security Agency (NSA) successfully cracked the encryption code protecting the United Nations’ internal videoconferencing system.
Within three weeks of initially gaining access to the UN system, the NSA had increased the number of such decrypted communications from 12 to 458, the report revealed.
“NSA pickup lines” trended on Twitter worldwide. Posts sarcastically referenced NSA intrusions as they envisaged how the agency might flirt with an unsuspecting user.