Skip to main content

Home/ Indie Nation/ Group items tagged cyber

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
John Lemke

Kurt Eichenwald Claims Snowden Is A Chinese Spy And Leaks Are Just To Protect Their Cyb... - 0 views

www.techdirt.com/...tect-their-cyber-attacks.shtml

2013 chinese attacks cyber indienationnews Snowden Eichenwald

shared by John Lemke on 04 Nov 13 - No Cached
  • And the attempts to tar and feather Ed Snowden continue. The latest is that famed reporter Kurt Eichenwald, who started attacking Ed Snowden months ago, has written up a long speculative article for Newsweek arguing that Ed Snowden has "escalated the cyber war" by giving China the necessary cover it needs to avoid reining in its own cyber attacks
  • That is, if you follow the bizarre logic here, without Snowden, Eichenwald believes that the US would have somehow convinced the Chinese to stop their cyber attack program. And, now because of Snowden, the Chinese can ignore that effort, by pointing out that the US is doing a ton of online hacking too.
  • Again, nearly everything about that statement is ridiculous. He didn't "leave all of the documents in Hong Kong." He provided heavily encrypted versions to a very small number of journalists, and then got rid of the files himself. Eichenwald takes that to mean he "left" them in Hong Kong, based on nothing, and all of this apparently means that Snowden is working for the Chinese (even though he left China pretty quickly).
John Lemke

Destructive cyber attack inevitable: NSA chief - 0 views

www.physorg.com/...yber-inevitable-nsa-chief.html

2011 writeabout writeatlockergnome attack destructive cyber cyberattack malware security NSA USA threat wroteatindienation

shared by John Lemke on 01 Mar 11 - No Cached
  • John Lemke on 01 Mar 11
     
    The US National Security Agency (NSA) chief General Keith Alexander, pictured here in 2010, on Thursday urged top computer security specialists to harden the nation's critical infrastructure against inevitable destructive cyber attacks. LUMPY HAS NOTES BELOW THISQUOTE Ties in with Stuxnet and Anonymous and Antonymous having Stuxnet.  Might make a nice security and malware 30 news shows
John Lemke

Officials see Iran, not outrage over film, behind cyber attacks on US banks - Open Channel - 0 views

openchannel.nbcnews.com/...hind-cyber-attacks-on-us-banks

2012 attacks iran Cyberwarefare hacking banks cyber warfare

shared by John Lemke on 22 Sep 12 - No Cached
  • The attack is described by one source, a former U.S. official familiar with the attacks, as being "significant and ongoing" and looking to cause "functional and significant damage." Also, one source suggested the attacks were in response to U.S. sanctions on Iranian banks.
  • There was no report of an attack on the New York Stock Exchange.
John Lemke

FBI pushes for surveillance backdoors in Web 2.0 tools - 0 views

arstechnica.com/...-backdoors-in-web-20-tools.ars

fbi surveillance cyberattack 2011 writeabout writeatlockergnome privacy spying monitoring

shared by John Lemke on 01 Mar 11 - No Cached
  • John Lemke on 01 Mar 11
     
    The FBI pushed Thursday for more built-in backdoors for online communication, but beat a hasty retreat from its earlier proposal to require providers of encrypted communications services to include a backdoor for law enforcement wiretaps. LUMPY HAS NOTES BELOW ties in with securirty and cyber attack.. use it as excuse
John Lemke

US banks hit by more than a week of cyberattacks (Update) - 0 views

phys.org/...9-banks-week-cyberattacks.html

2012 banks Cyberwarefare cyber warfare cyberattack cyberwar USA Akamai Joe Lieberman

shared by John Lemke on 29 Sep 12 - No Cached
    • John Lemke
      John Lemke on 29 Sep 12
       
      They believe it was not a hacktivist attack because they are usually also associated with a rise in IRC and social network activity, those who would be joining the hacktivist event, and this even had no such spike.
  • Could a state actor be at play? U.S. Senator Joe Lieberman, without offering any proof, said he believed the assaults were carried out by Iran in retaliation for tightened economic sanctions imposed by the United States and its allies.
  • only a handful of groups out there that have the technical ability or incentive
  • ...3 more annotations...
  • at least half a dozen banks—including the Bank of America, JPMorgan Chase, and Citigroup—have witnessed traffic surges and disruptions. Not all have confirmed they were the victims of an online onslaught, but such surges are a hallmark of denial-of-service attacks, which work by drowning target websites with streams of junk data.
  • Such attacks are fairly common and generally don't compromise sensitive data or do any lasting damage. Still, they can be a huge headache for companies that rely on their websites to interact with customers.
  • Most say the recent spate of attacks has been unusually powerful. PNC bank, which was hit on Thursday, has never seen such a strong surge in traffic, spokesman Fred Solomon said in a telephone interview. Smith said he estimated the flow of data at 60 to 65 gigabits per second.
John Lemke

How Covert Agents Infiltrate the Internet to Manipulate, Deceive, and Destroy Reputatio... - 0 views

firstlook.org/...jtrig-manipulation

NSA GCHQ 2014 misinformation psyops surveillance spying espinoge yourrights indienationnews law

shared by John Lemke on 25 Feb 14 - No Cached
  • “The Art of Deception: Training for Online Covert Operations.”
  • Among the core self-identified purposes of JTRIG are two tactics: (1) to inject all sorts of false material onto the internet in order to destroy the reputation of its targets; and (2) to use social sciences and other techniques to manipulate online discourse and activism to generate outcomes it considers desirable. To see how extremist these programs are, just consider the tactics they boast of using to achieve those ends: “false flag operations” (posting material to the internet and falsely attributing it to someone else), fake victim blog posts (pretending to be a victim of the individual whose reputation they want to destroy), and posting “negative information” on various forums. 
  • Critically, the “targets” for this deceit and reputation-destruction extend far beyond the customary roster of normal spycraft: hostile nations and their leaders, military agencies, and intelligence services. In fact, the discussion of many of these techniques occurs in the context of using them in lieu of “traditional law enforcement” against people suspected (but not charged or convicted) of ordinary crimes or, more broadly still, “hacktivism”, meaning those who use online protest activity for political ends. The title page of one of these documents reflects the agency’s own awareness that it is “pushing the boundaries” by using “cyber offensive” techniques against people who have nothing to do with terrorism or national security threats, and indeed, centrally involves law enforcement agents who investigate ordinary crimes:
    • John Lemke
      John Lemke on 25 Feb 14
       
      Wow, how is not changing pictures and creating false victims not identity theft and conspiracy?  
  • ...4 more annotations...
  • it is not difficult to see how dangerous it is to have secret government agencies being able to target any individuals they want – who have never been charged with, let alone convicted of, any crimes – with these sorts of online, deception-based tactics of reputation destruction and disruption.
    • John Lemke
      John Lemke on 25 Feb 14
       
      Not only are you now guilty until proven innocent but, if you are guilty enough, we shall create a situation so that you are.
  • Government plans to monitor and influence internet communications, and covertly infiltrate online communities in order to sow dissension and disseminate false information, have long been the source of speculation. Harvard Law Professor Cass Sunstein, a close Obama adviser and the White House’s former head of the Office of Information and Regulatory Affairs, wrote a controversial paper in 2008 proposing that the US government employ teams of covert agents and pseudo-”independent” advocates to “cognitively infiltrate” online groups and websites, as well as other activist groups. Sunstein also proposed sending covert agents into “chat rooms, online social networks, or even real-space groups” which spread what he views as false and damaging “conspiracy theories” about the government. Ironically, the very same Sunstein was recently named by Obama to serve as a member of the NSA review panel created by the White House, one that – while disputing key NSA claims – proceeded to propose many cosmetic reforms to the agency’s powers (most of which were ignored by the President who appointed them).
    • John Lemke
      John Lemke on 25 Feb 14
       
      So one of the guys who advocates this and approves of it, gets to be on the NSA review committee?  Isn't that like Ted Kennedy on the Ethics Review Committee or the Warren Commission?
  • Whatever else is true, no government should be able to engage in these tactics: what justification is there for having government agencies target people – who have been charged with no crime – for reputation-destruction, infiltrate online political communities, and develop techniques for manipulating online discourse? But to allow those actions with no public knowledge or accountability is particularly unjustifiable.
John Lemke

Uroburos Rootkit: Most sophisticated 3-year-old Russian Cyber Espionage Campaign - The ... - 0 views

thehackernews.com/...tkit-most-sophisticated-3.html

rootkit russian espionage 2014 indienationnews hacker technology tech security malware

shared by John Lemke on 05 Mar 14 - No Cached
  • The researchers claimed that the malware may have been active for as long as three years before being discovered and appears to have been created by Russian developers.
  • The two main components of Uroburos are - a driver and an encrypted virtual file system, used to disguise its nasty activities and to try to avoid detection. Its driver part is extremely complex and is designed to be very discrete and very difficult to identify.
  • The virtual file system can’t be decrypted without the presence of drivers, according to the Gdata’s analysis explained in the PDF.
  • ...2 more annotations...
  • we assume that the group behind Uroburos is the same group that performed a cyberattack against the United States of America in 2008 with a malware called Agent.BTZ
  • The attacks carried out with Uroburos are targeting government institutions, research institutions, intelligence agencies, nation states, research institutions or companies dealing with sensitive information as well as similar high-profile targets. The oldest drivers identified by the researchers was compiled in 2011 is the evidence that the malware was created around three years ago and was undetected.
John Lemke

The NSA Uses Powerful Toolbox in Effort to Spy on Global Networks - SPIEGEL ONLINE - 0 views

www.spiegel.de/...-global-networks-a-940969.html

2013 nsa spy yourrights surveillance spying IN-Pub

shared by John Lemke on 30 Dec 13 - No Cached
  • According to internal NSA documents viewed by SPIEGEL, these on-call digital plumbers are involved in many sensitive operations conducted by American intelligence agencies. TAO's area of operations ranges from counterterrorism to cyber attacks to traditional espionage. The documents reveal just how diversified the tools at TAO's disposal have become -- and also how it exploits the technical weaknesses of the IT industry, from Microsoft to Cisco and Huawei, to carry out its discreet and efficient attacks. The unit is "akin to the wunderkind of the US intelligence community," says Matthew Aid, a historian who specializes in the history of the NSA. "Getting the ungettable" is the NSA's own description of its duties. "It is not about the quantity produced but the quality of intelligence that is important," one former TAO chief wrote, describing her work in a document. The paper seen by SPIEGEL quotes the former unit head stating that TAO has contributed "some of the most significant intelligence our country has ever seen." The unit, it goes on, has "access to our very hardest targets."
  • John Lemke on 30 Dec 13
     
    Page One of a good three page read on just how extensive the government's illegal spying operations actually are... the worst part is it is just how extensive the portions of it we know about are!
John Lemke

Leaked Snowden documents detail NSA's plans for 'millions' of malware attacks | The Verge - 0 views

www.theverge.com/...or-millions-of-malware-attacks

2014 leaked documents nsa malware attacks security privacy yourroights surveillance spying indienationnews law legal

shared by John Lemke on 12 Mar 14 - No Cached
  • A program known as TURBINE, first revealed last year, is meant to dramatically speed the process: one document says it will "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually."
  • The scaling process, according to Greenwald, started in 2004, when the NSA operated only 100 to 150 software implants. The number of implants used in the years between 2010 to 2012, by contrast, is described as numbering in the tens of thousands.
John Lemke

New Zealand Launched Mass Surveillance Project While Publicly Denying It - The Intercept - 0 views

firstlook.org/...csb-speargun-mass-surveillance

2014 indienationnews law legal tech technology spying surveillance

shared by John Lemke on 15 Sep 14 - No Cached
  • Documents provided by NSA whistleblower Edward Snowden show that the government worked in secret to exploit a new internet surveillance law enacted in the wake of revelations of illegal domestic spying to initiate a new metadata collection program that appeared designed to collect information about the communications of New Zealanders.
  • Those actions are in direct conflict with the assurances given to the public by Prime Minister John Key (pictured above), who said the law was merely designed to fix “an ambiguous legal framework” by expressly allowing the agency to do what it had done for years, that it “isn’t and will never be wholesale spying on New Zealanders,” and the law “isn’t a revolution in the way New Zealand conducts its intelligence operations.”
  • Snowden explained that “at the NSA, I routinely came across the communications of New Zealanders in my work with a mass surveillance tool we share with GCSB, called ‘X KEYSCORE.”" He further detailed that “the GCSB provides mass surveillance data into XKEYSCORE. They also provide access to the communications of millions of New Zealanders to the NSA at facilities such as the GCSB facility in Waihopai, and the Prime Minister is personally aware of this fact.”
  • ...4 more annotations...
  • Top secret documents provided by the whistleblower demonstrate that the GCSB, with ongoing NSA cooperation, implemented Phase I of the mass surveillance program code-named “Speargun” at some point in 2012
  • Over the weekend, in anticipation of this report, Key admitted for the first time that the GCSB did plan a program of mass surveillance aimed at his own citizens, but claimed that he ultimately rejected the program before implementation. Yesterday, after The Intercept sought comment from the NSA, the Prime Minister told reporters in Auckland that this reporting was referring merely to “a proposed widespread cyber protection programme that never got off the ground.” He vowed to declassify documents confirming his decision.
  • That legislation arose after it was revealed in 2012 that the GCSB illegally surveilled the communications of Megaupload founder Kim Dotcom, a legal resident of New Zealand. New Zealand law at the time forbade the GCSB from using its surveillance apparatus against citizens or legal residents. That illegal GCSB surveillance of Dotcom was followed by a massive military-style police raid by New Zealand authorities on his home in connection with Dotcom’s criminal prosecution in the United States for copyright violations. A subsequent government investigation found that the GCSB not only illegally spied on Dotcom but also dozens of other citizens and legal residents. The deputy director of GCSB resigned. The government’s response to these revelations was to refuse to prosecute those who ordered the illegal spying and, instead, to propose a new law that would allow domestic electronic surveillance.
    • John Lemke
      John Lemke on 15 Sep 14
       
      The Dotcom raid was ruled illegal.  Yet the Dotcom spying was exactly the type of activity of this plan.
  • n high-level discussions between the Key government and the NSA, the new law was clearly viewed as the crucial means to empower the GCSB to engage in metadata surveillance. On more than one occasion, the NSA noted internally that Project Speargun, in the process of being implemented, could not and would not be completed until the new law was enacted.
John Lemke

Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks | Ars Technica - 0 views

arstechnica.com/...-months-tapped-iran-nuke-talks

2015 kaspersky iran ars stuxnet malware cyber warfare espionage blackhat attack virus zero-day

shared by John Lemke on 10 Jun 15 - No Cached
  • Since some time in the second half of 2014, a different state-sponsored group had been casing their corporate network using malware derived from Stuxnet, the highly sophisticated computer worm reportedly created by the US and Israel to sabotage Iran’s nuclear program.
  • the malware was more advanced than the malicious programs developed by the NSA-tied Equation Group that Kaspersky just exposed. More intriguing still, Kaspersky antivirus products showed the same malware has infected one or more venues that hosted recent diplomatic negotiations the US and five other countries have convened with Iran over its nuclear program.
  • We see this battle or arms race emerging and now it involves some kind of confrontation between the security industry and nation-state sponsored spies
  • ...3 more annotations...
  • Kaspersky officials first became suspicious their network might be infected in the weeks following February's Security Analyst Summit, where company researchers exposed a state-sponsored hacking operation that had ties to some of the developers of Stuxnet. Kaspersky dubbed the highly sophisticated group behind the 14-year campaign Equation Group. Now back in Moscow, a company engineer was testing a software prototype for detecting so-called advanced persistent threats (APTs), the type of well-organized and highly sophisticated attack campaigns launched by well-funded hacking groups. Strangely enough, the developer's computer itself was having unusual interactions with the Kaspersky network. The new APT technology under development, it seemed, was one of several things of interest to the Duqu attackers penetrating the Kaspersky fortress. "For the developer it was important to find out why" his PC was acting oddly, Kamluk said. "Of course, he did not consider that machine could be infected by real malware. We eventually found an alien module that should not be there that tried to mask behind legitimate looking modules from Microsoft. That was the point of discovery."
  • What they found was a vastly overhauled malware operation that made huge leaps in stealth, operational security, and software design. The Duqu actors also grew much more ambitious, infecting an estimated 100 or so targets, about twice as many as were hit by the 2011 version.
  • So the Duqu 2.0 attackers pulled an audacious feat that Kaspersky researchers had never seen before. Virtually all of the malware resided solely in the memory of the compromised computers or servers. When one of them was restarted, the infection would be purged, but as the rebooted machine reconnected to the network, it would be infected all over again by another compromised computer in the corporate network. The secret lynchpin making this untraceable reinfection scheme possible was the Windows vulnerability Microsoft patched only Tuesday, which has been designated
1 - 13 of 13
Showing 20 items per page