Group items tagged

Filter: All | Bookmarks | Topics Simple Middle

Snowden document shows Canada set up spy posts for NSA - Politics - CBC News - 0 views

www.cbc.ca/...up-spy-posts-for-nsa-1.2456886

surveillance state Canada CSEC NSA Privacy-Act

shared by Paul Merrell on 11 Dec 13 - No Cached

A top secret document retrieved by American whistleblower Edward Snowden reveals Canada has set up covert spying posts around the world and conducted espionage against trading partners at the request of the U.S. National Security Agency. The leaked NSA document being reported exclusively by CBC News reveals Canada is involved with the huge American intelligence agency in clandestine surveillance activities in “approximately 20 high-priority countries."
...

Cancel
Sections of the document with the highest classification make it clear in some instances why American spymasters are particularly keen about enlisting their Canadian counterparts, the Communications Security Establishment Canada. "CSEC shares with the NSA their unique geographic access to areas unavailable to the U.S," the document says. The briefing paper describes a "close co-operative relationship" between the NSA and its Canadian counterpart, the Communications Security Establishment Canada, or CSEC — a relationship "both sides would like to see expanded and strengthened. "The intelligence exchange with CSEC covers worldwide national and transnational targets."
...

Cancel
The briefing notes make it clear that Canada plays a very robust role in intelligence-gathering around the world in a way that has won respect from its American equivalents.
...

Cancel
...5 more annotations...
The intimate Canada-U.S. electronic intelligence relationship dates back more than 60 years. Most recently, another Snowden document reported by CBC News showed the two agencies co-operated to allow the NSA to spy on the G20 summit of international leaders in Toronto in 2010. But what the latest secret document reveals for the first time is just how expansive Canada's international espionage activities have become.
...

Cancel
The NSA document depicts CSEC as a sophisticated, capable and highly respected intelligence partner involved in all manner of joint spying missions, including setting up listening posts at the request of the Americans. "CSEC offers resources for advanced collection, processing and analysis, and has opened covert sites at the request of NSA," the document states.
...

Cancel
Aside from compromising the actual intelligence operation, Wark says, an exposed spy mission can imperil Canada's other diplomatic operations — "the political contacts, the trade contacts, the generation of goodwill between the countries and any sense of co-operation." Wark says if a country feels targeted by a Canadian embassy, it can put everyone working there under a cloud of suspicion: “Are they really diplomats or are they spies?” As a result of those risks, Wark says, approval for CSEC to establish a covert spying post at the request of the NSA would have to come from the ministerial level of the Canadian government — or even from the prime minister himself.
...

Cancel
Canada and the U.S. have long shared security intelligence with sister agencies in the U.K., Australia and New Zealand – the so-called "Five Eyes" partnership. But the latest secret Snowden missive shows CSEC and the NSA becoming physically intertwined. "Co-operative efforts include the exchange of liaison officers and integrees," the document reveals, a reference to CSEC operatives working inside the NSA, and vice-versa. It notes the NSA also supplies much of the computer hardware and software CSEC uses for encryption, decoding and other state-of-the-art essentials of electronic spying needed for "collection, processing and analytic efforts."
...

Cancel
CSEC employs about 2,000 people, has an annual budget of roughly $450 million and will soon move into an architecturally spectacular new Ottawa headquarters costing Canadian taxpayers almost $1.2 billion. By comparison, the NSA employs an estimated 40,000 people plus thousands of private contractors, and spends over $40 billion a year NSA whistleblower Drake says the problem is that both CSEC and the NSA lack proper oversight, and without it, they have morphed into runaway surveillance. "There is a clear and compelling danger to democracy in Canada by virtue of how far these secret surveillance operations have gone."
...

Cancel

Paul Merrell on 11 Dec 13

"'Co-operative efforts include the exchange of liaison officers and integrees,'the document reveals, a reference to CSEC operatives working inside the NSA, and vice-versa." And that fact raises potential U.S. Privacy Act issues. Under the Privacy Act, all U.S. agencies are prohibited from sharing information containing personal identifiers of U.S. citizens with any foreign government and requires that agencies make full disclosure to all persons whose rights are thus violated. The Act also creates a cause of action for redress by the federal courts, with a minimum $1,500 damages plus attorney's fees and litigation expenses. Note that the other NSA documents show that NSA is sharing U.S. citizens' information that includes personal identifiers with Israeli intelligence. The NSA has been by another statute excused from compliance with some portions of the Privacy Act but not those discussed above.

<div class="cArrow"> </div><div class="cContentInner">"'Co-operative efforts include the exchange of liaison officers and integrees,'the document reveals, a reference to CSEC operatives working inside the NSA, and vice-versa." And that fact raises potential U.S. Privacy Act issues. Under the Privacy Act, all U.S. agencies are prohibited from sharing information containing personal identifiers of U.S. citizens with any foreign government and requires that agencies make full disclosure to all persons whose rights are thus violated. The Act also creates a cause of action for redress by the federal courts, with a minimum $1,500 damages plus attorney's fees and litigation expenses. Note that the other NSA documents show that NSA is sharing U.S. citizens' information that includes personal identifiers with Israeli intelligence. The NSA has been by another statute excused from compliance with some portions of the Privacy Act but not those discussed above.</div>

...

Cancel

Attention fliers: Canada's electronic spy agency is following you - new Snowden leaks -... - 0 views

rt.com/...snowden-spying-nsa-airport-442

surveillance state CSEC NSA NSA-targets wifi

shared by Paul Merrell on 15 Feb 14 - No Cached

Documents released by US whistleblower Edward Snowden show the Communications Security Establishment Canada (CSEC) used airport Wi-Fi to track passengers from around the world. Travelers passing through a major Canadian airport were potentially caught up in a vast electronic surveillance net, which allowed the nation’s electronic spy agency to track the wireless devices of thousands of airline passengers - even for days after they had departed the terminal, a document obtained by CBC News revealed. The document shows the spy agency was then able to track travelers for a week or more as the unwitting passengers, together with their wireless devices, visited other Wi-Fi "hot spots" in locations across Canada, and across the border at American airports.
...

Cancel
After reviewing details of the leaked information, one of Canada's leading authorities on internet security says the secret operation was almost certainly illegal. "I can't see any circumstance in which this would not be unlawful, under current Canadian law, under our Charter, under CSEC's mandates," Professor Ronald Deibert, an internet security expert at the University of Toronto, told CBC News. It remains unclear from the leaked data how CSEC was able to infiltrate so many wireless devices to see who was using them, both on Canadian territory and beyond.
...

Cancel
The CSEC is specifically tasked with gathering foreign intelligence by intercepting overseas phone and internet traffic, and is forbidden by law from collecting information on Canadians - or foreigners in Canada - without a court warrant. As CSEC Chief John Forster recently stated: "I can tell you that we do not target Canadians at home or abroad in our foreign intelligence activities, nor do we target anyone in Canada. "In fact, it's prohibited by law. Protecting the privacy of Canadians is our most important principle." However analysts who were privy to the document say that airline passengers in a Canadian airport were clearly on the territory of Canada. CSEC spokesperson Lauri Sullivan told the Star, an online Canadian news outlet, that the “classified document in question is a technical presentation between specialists exploring mathematical models built on everyday scenarios to identify and locate foreign terrorist threats.”
...

Cancel
...2 more annotations...
Early assessment of the leaked information indicates the passenger tracking operation was a trial run of a powerful new software program CSEC was developing with help from its American partner, the National Security Agency. The technology was to be shared with the so-called 'Five Eyes' surveillance bloc composed of Canada, the United States, Britain, New Zealand and Australia. In the document, CSEC described the new spy technology as "game-changing," saying it could be used for powerful surveillance on "any target that makes occasional forays into other cities/regions." Sources told CBC News the “technologies tested on Canadians in 2012 have since become fully operational.”
...

Cancel
Ontario's privacy commissioner Ann Cavoukian admitted she is "blown away" by news of the secret operation. "It is really unbelievable that CSEC would engage in that kind of surveillance of Canadians," Cavoukian told the Canadian news agency. "This resembles the activities of a totalitarian state, not a free and open society."
...

Cancel

CSIS asked foreign agencies to spy on Canadians, kept court in dark, judge says - 0 views

www.ottawacitizen.com/...story.html

surveillance state Canada CSIS courts blowback

shared by Paul Merrell on 27 Dec 13 - No Cached

OTTAWA — Canada’s foremost jurist on national security law has slammed CSIS for deliberately keeping the Federal Court of Canada “in the dark” about outsourcing its spying on Canadians abroad to foreign agencies, according to a redacted version of a classified court decision made public Friday.In a thundering rebuke, Federal Court Judge Richard Mosley said the Canadian Security Intelligence Service (CSIS) purposely misled him when he granted it numerous warrants beginning in 2009 to intercept the electronic communications of unidentified Canadians abroad suspected as domestic security threats.“This was a breach of the duty of candour owed by the service and their legal advisers to the court,” Mosley said in his Further Reasons for Order.CSIS also mistakenly assigned powers to the warrants that the court never authorized and which do not exist in law, he said.“It is clear that the exercise of the court’s warrant issuing authority has been used as protective cover for activities that it has not authorized,” Mosley wrote.Furthermore, tasking foreign security intelligence services to spy on Canadians overseas “carries the risk of the detention of or other harm to a Canadian person based on that information.“Given the unfortunate history of information sharing with foreign agencies over the past decade and the reviews conducted by several royal commissions, there can be no question that the Canadian agencies are aware of those hazards. It appears to me that they are using the warrants as authorization to assume those risks.”
...

Cancel
Legal observers say this case and Mosley’s scolding will harm CSIS’s credibility and raise questions about whether the service has broken Criminal Code provisions dealing with the invasion of privacy.“When a judge says the government breached its duty of candour that is a very big ‘ouch’ moment,” Craig Forcese, a national security law scholar at the University of Ottawa, wrote in a recent blog posting.At the time the first warrants were issued, CSIS told the court “on clearly stated grounds” that the electronic intercepts would be carried out from within Canada by the Communications Security Establishment Canada (CSEC), the country’s foreign signals intelligence spy service.CSIS is largely restricted to domestic spying operations. If an investigation involves the use of intrusive techniques, such as electronic intercepts, Section 21 of the CSIS Act requires it to obtain a warrant approved by a Federal Court judge to guard the Charter right to a reasonable expectation of privacy.CSEC, meanwhile, is not allowed to spy on Canadians anywhere unless it is to provide technical and operational assistance to federal law enforcement and security agencies such as CSIS.And the federal court only has jurisdiction to authorize warrants under the CSIS Act as long as the communications in question are intercepted within Canada.
...

Cancel
Yet once the so-called 30-08 warrants were approved by the court, CSEC, on behalf of CSIS, turned around and handed the jobs to one or more of its partners in the “Five Eyes” intelligence-gathering alliance between Canada, the United States, Great Britain, Australia and New Zealand.Mosley found out about the situation late this summer and summoned CSIS, CSEC and government officials and lawyers to court to explain themselves. The public version of his reasons for order was released Friday.
...

Cancel
...2 more annotations...
Some excerpts:• “I am satisfied that a decision was made by CSIS officials in consultation with their legal advisers to strategically omit information in applications for 30-08 warrants about their intention to seek the assistance of the foreign partners. As a result, the court was led to believe that all of the interception activity would take place in or under the control of Canada.”• “The principle of comity between nations that implies the acceptance of foreign laws and procedures when Canadian officials are operating abroad ends where clear violations of international law and human rights begin. In tasking the other members of the Five Eyes to intercept the communications of the Canadian targets, CSIS and CSEC officials knew ... this would involve the breach of international law by the requested second parties.”• “There is nothing in any of the material that I have read ... that persuades me that it was the intent of Parliament to give the service authority to engage the collection resources of the second party allies to intercept the private communications of Canadians.”• “It must be made clear, in any grant of a 30-08 warrant, that the warrant does not authorize the interception of the communications of a Canadian person by any foreign service on behalf of the service either directly or through the assistance of CSEC.”• “There must be no further suggestion in any reference to the use of second party assets by CSIS and CSEC, or their legal advisers, that it is being done under the authority of a (section) 21 warrant issued by this court.”
...

Cancel
Forcese, meanwhile, raises some intriguing questions:• If Five Eyes assistance was not authorized, and CSEC and CSIS nevertheless sought it, are they still protected from Criminal Code, Part VI (invasion of privacy) culpability? Culpability, he writes, is only avoided where the intercept is lawfully authorized. If the parameters of the warrant were disregarded, does that vitiate the lawful access?• If CSEC and CSIS called on Five Eyes agencies to intercept communications, was the intercept still territorial, thus satisfying the international law concerns raised in the two warrant applications?“Outsourcing an international violation does not diminish state responsibility for that international violation. In a different context, that would be like asking bounty hunters to do your kidnapping of fugitives on the territory of a foreign state. Still a violation of international law.”CSIS has a choice, Forcese concludes: “Conduct extraterritorial spying without recourse to the courts, at risk of ultimately being called to account under domestic law, or honour the federal court’s construal of international law — and CSIS’s jurisdiction — and pull in its truly international surveillance operations, potentially blinding the country’s chief security intelligence agency.
...

Cancel

Paul Merrell on 27 Dec 13

Canadian Security Intelligence Service is in politically explosive deep doo-doo.

<div class="cArrow"> </div><div class="cContentInner">Canadian Security Intelligence Service is in politically explosive deep doo-doo. </div>

...

Cancel

New Snowden docs show U.S. spied during G20 in Toronto - Politics - CBC News - 0 views

www.cbc.ca/...uring-g20-in-toronto-1.2442448

surveillance state NSA Canada CSEC G8 G20

shared by Paul Merrell on 29 Nov 13 - No Cached

Top secret documents retrieved by U.S. whistleblower Edward Snowden show that Prime Minister Stephen Harper's government allowed the largest American spy agency to conduct widespread surveillance in Canada during the 2010 G8 and G20 summits.
...

Cancel
The briefing notes, stamped "Top Secret," show the U.S. turned its Ottawa embassy into a security command post during a six-day spying operation by the National Security Agency while U.S. President Barack Obama and 25 other foreign heads of government were on Canadian soil in June of 2010. The covert U.S. operation was no secret to Canadian authorities.
...

Cancel
Notably, the secret NSA briefing document describes part of the U.S. eavesdropping agency's mandate at the Toronto summit as "providing support to policymakers." Documents previously released by Snowden, a former NSA contractor who has sought and received asylum in Russia, suggested that support at other international gatherings included spying on the foreign delegations to get an unfair advantage in any negotiations or policy debates at the summit. It was those documents that first exposed the spying on world leaders at the London summit. More recently, Snowden's trove of classified information revealed Canada's eavesdropping agency had hacked into phones and computers in the Brazilian government's department of mines, a story that touched off a political firestorm both in that country and in Ottawa.
...

Cancel
...5 more annotations...
The secret documents do not reveal the precise targets of so much espionage by the NSA — and possibly its Canadian partner — during the Toronto summit. But both the U.S. and Canadian intelligence agencies have been implicated with their British counterpart in hacking the phone calls and emails of foreign politicians and diplomats attending the G20 summit in London in 2009 — a scant few months before the Toronto gathering of the same world leaders.
...

Cancel
The spying at the Toronto summit in 2010 fits a pattern of economic and political espionage by the powerful U.S. intelligence agency and its partners such as Canada. That espionage was conducted to secure meeting sites and protect leaders against terrorist threats posed by al-Qaeda but also to forward the policy goals of the United States and Canada. The G20 summit in Toronto had a lot on its agenda that would have been of acute interest to the NSA and Canada.
...

Cancel
The world was still struggling to climb out of the great recession of 2008. Leaders were debating a wide array of possible measures including a global tax on banks, an idea strongly opposed by both the U.S. and Canadian governments. That notion was eventually scotched. The secret NSA documents list all the main agenda items for the G20 in Toronto — international development, banking reform, countering trade protectionism, and so on — with the U.S. snooping agency promising to support "U.S. policy goals." Whatever the intelligence goals of the NSA during the Toronto summit, international security experts question whether the NSA spying operation at the G20 in Toronto was even legal.
...

Cancel
"If CSEC tasked NSA to conduct spying activities on Canadians within Canada that CSEC itself was not authorized to take, then I am comfortable saying that would be an unlawful undertaking by CSEC," says Craig Forcese, an expert in national security at University of Ottawa's faculty of law. By law, CSEC cannot target anyone in Canada without a warrant, including world leaders and foreign diplomats at a G20 summit. But, the Canadian eavesdropping agency is also prohibited by international agreement from getting the NSA to do the spying or anything that would be illegal for CSEC.
...

Cancel
The NSA warns the more likely security threat would come from "issue-based extremists" conducting acts of vandalism. They got that right. Protest marches by about 10,000 turned the Toronto G20 into an historic melee of arrests by more than 20,000 police in what would become one of the largest and most expensive security operations in Canadian history. By the time the tear gas had cleared and the investigations were complete, law enforcement agencies stood accused of mass-violations of civil rights. Add to that dubious legacy illegal spying by an American intelligence agency with the blessing of the Canadian government.
...

Cancel

Civil liberties group sues Canada over spying - The China Post - 0 views

www.chinapost.com.tw/...Civil-liberties.htm

surveillance state CSEC location-data

shared by Paul Merrell on 25 Oct 13 - No Cached

A Canadian civil liberties group on Tuesday sued the government's electronic eavesdropping agency, claiming that its “broad and unchecked” surveillance is unconstitutional and an illegal invasion of privacy. The British Columbia Civil Liberties Association (BCCLA) alleges that the Communications Security Establishment Canada's (CSEC) interception of Canadians' private communications and sweeping collection of metadata are unconstitutional. These activities, it said in a statement, amount to unreasonable search and seizure, and infringe on free expression — as people who feel they are being watched may not speak freely. Furthermore, in its lawsuit filed in the British Columbia Supreme Court the group demands that the agency obtain warrants from a judge for individual operations, rather than simply a nod from the minister of defense.
...

Cancel
The BCCLA said metadata collected by the CSEC is automatically produced each time a Canadian uses a mobile phone or accesses the Internet. It includes the exact geographic location of the mobile phone user, records of phone calls and Internet browsing, and according to the BCCLA, can reveal “the most intimate details of Canadians' personal lives, including relationships, and political and personal beliefs.”
...

Cancel

Paul Merrell on 25 Oct 13

Note that the metadata gathered from mobile device communications allegedly includes location data for each call. I don't recall a disclosure that the NSA gets location data but if the Canooks are getting it, you can safely bet that NSA does too.

<div class="cArrow"> </div><div class="cContentInner">Note that the metadata gathered from mobile device communications allegedly includes location data for each call. I don't recall a disclosure that the NSA gets location data but if the Canooks are getting it, you can safely bet that NSA does too.</div>

...

Cancel

Canadian Spies Collect Domestic Emails in Secret Security Sweep - The Intercept - 0 views

firstlook.org/...ony-express-email-surveillance

surveillance state Canada CSE bulk-collection email

shared by Paul Merrell on 27 Feb 15 - No Cached

Canada’s electronic surveillance agency is covertly monitoring vast amounts of Canadians’ emails as part of a sweeping domestic cybersecurity operation, according to top-secret documents. The surveillance initiative, revealed Wednesday by CBC News in collaboration with The Intercept, is sifting through millions of emails sent to Canadian government agencies and departments, archiving details about them on a database for months or even years. The data mining operation is carried out by the Communications Security Establishment, or CSE, Canada’s equivalent of the National Security Agency. Its existence is disclosed in documents obtained by The Intercept from NSA whistleblower Edward Snowden. The emails are vacuumed up by the Canadian agency as part of its mandate to defend against hacking attacks and malware targeting government computers. It relies on a system codenamed PONY EXPRESS to analyze the messages in a bid to detect potential cyber threats.
...

Cancel
Last year, CSE acknowledged it collected some private communications as part of cybersecurity efforts. But it refused to divulge the number of communications being stored or to explain for how long any intercepted messages would be retained. Now, the Snowden documents shine a light for the first time on the huge scope of the operation — exposing the controversial details the government withheld from the public. Under Canada’s criminal code, CSE is not allowed to eavesdrop on Canadians’ communications. But the agency can be granted special ministerial exemptions if its efforts are linked to protecting government infrastructure — a loophole that the Snowden documents show is being used to monitor the emails. The latest revelations will trigger concerns about how Canadians’ private correspondence with government employees are being archived by the spy agency and potentially shared with police or allied surveillance agencies overseas, such as the NSA. Members of the public routinely communicate with government employees when, for instance, filing tax returns, writing a letter to a member of parliament, applying for employment insurance benefits or submitting a passport application.
...

Cancel
Chris Parsons, an internet security expert with the Toronto-based internet think tank Citizen Lab, told CBC News that “you should be able to communicate with your government without the fear that what you say … could come back to haunt you in unexpected ways.” Parsons said that there are legitimate cybersecurity purposes for the agency to keep tabs on communications with the government, but he added: “When we collect huge volumes, it’s not just used to track bad guys. It goes into data stores for years or months at a time and then it can be used at any point in the future.” In a top-secret CSE document on the security operation, dated from 2010, the agency says it “processes 400,000 emails per day” and admits that it is suffering from “information overload” because it is scooping up “too much data.” The document outlines how CSE built a system to handle a massive 400 terabytes of data from Internet networks each month — including Canadians’ emails — as part of the cyber operation. (A single terabyte of data can hold about a billion pages of text, or about 250,000 average-sized mp3 files.)
...

Cancel
...1 more annotation...
The agency notes in the document that it is storing large amounts of “passively tapped network traffic” for “days to months,” encompassing the contents of emails, attachments and other online activity. It adds that it stores some kinds of metadata — data showing who has contacted whom and when, but not the content of the message — for “months to years.” The document says that CSE has “excellent access to full take data” as part of its cyber operations and is receiving policy support on “use of intercepted private communications.” The term “full take” is surveillance-agency jargon that refers to the bulk collection of both content and metadata from Internet traffic. Another top-secret document on the surveillance dated from 2010 suggests the agency may be obtaining at least some of the data by covertly mining it directly from Canadian Internet cables. CSE notes in the document that it is “processing emails off the wire.”
...

Cancel

Paul Merrell on 27 Feb 15

" CANADIAN SPIES COLLECT DOMESTIC EMAILS IN SECRET SECURITY SWEEP BY RYAN GALLAGHER AND GLENN GREENWALD @rj_gallagher@ggreenwald YESTERDAY AT 2:02 AM SHARE TWITTER FACEBOOK GOOGLE EMAIL PRINT POPULAR EXCLUSIVE: TSA ISSUES SECRET WARNING ON 'CATASTROPHIC' THREAT TO AVIATION CHICAGO'S "BLACK SITE" DETAINEES SPEAK OUT WHY DOES THE FBI HAVE TO MANUFACTURE ITS OWN PLOTS IF TERRORISM AND ISIS ARE SUCH GRAVE THREATS? NET NEUTRALITY IS HERE - THANKS TO AN UNPRECEDENTED GUERRILLA ACTIVISM CAMPAIGN HOW SPIES STOLE THE KEYS TO THE ENCRYPTION CASTLE Canada's electronic surveillance agency is covertly monitoring vast amounts of Canadians' emails as part of a sweeping domestic cybersecurity operation, according to top-secret documents. The surveillance initiative, revealed Wednesday by CBC News in collaboration with The Intercept, is sifting through millions of emails sent to Canadian government agencies and departments, archiving details about them on a database for months or even years. The data mining operation is carried out by the Communications Security Establishment, or CSE, Canada's equivalent of the National Security Agency. Its existence is disclosed in documents obtained by The Intercept from NSA whistleblower Edward Snowden. The emails are vacuumed up by the Canadian agency as part of its mandate to defend against hacking attacks and malware targeting government computers. It relies on a system codenamed PONY EXPRESS to analyze the messages in a bid to detect potential cyber threats. Last year, CSE acknowledged it collected some private communications as part of cybersecurity efforts. But it refused to divulge the number of communications being stored or to explain for how long any intercepted messages would be retained. Now, the Snowden documents shine a light for the first time on the huge scope of the operation - exposing the controversial details the government withheld from the public. Under Canada's criminal code, CSE is no

<div class="cArrow"> </div><div class="cContentInner">" CANADIAN SPIES COLLECT DOMESTIC EMAILS IN SECRET SECURITY SWEEP BY RYAN GALLAGHER AND GLENN GREENWALD @rj_gallagher@ggreenwald YESTERDAY AT 2:02 AM SHARE TWITTER FACEBOOK GOOGLE EMAIL PRINT POPULAR EXCLUSIVE: TSA ISSUES SECRET WARNING ON 'CATASTROPHIC' THREAT TO AVIATION CHICAGO'S "BLACK SITE" DETAINEES SPEAK OUT WHY DOES THE FBI HAVE TO MANUFACTURE ITS OWN PLOTS IF TERRORISM AND ISIS ARE SUCH GRAVE THREATS? NET NEUTRALITY IS HERE - THANKS TO AN UNPRECEDENTED GUERRILLA ACTIVISM CAMPAIGN HOW SPIES STOLE THE KEYS TO THE ENCRYPTION CASTLE Canada's electronic surveillance agency is covertly monitoring vast amounts of Canadians' emails as part of a sweeping domestic cybersecurity operation, according to top-secret documents. The surveillance initiative, revealed Wednesday by CBC News in collaboration with The Intercept, is sifting through millions of emails sent to Canadian government agencies and departments, archiving details about them on a database for months or even years. The data mining operation is carried out by the Communications Security Establishment, or CSE, Canada's equivalent of the National Security Agency. Its existence is disclosed in documents obtained by The Intercept from NSA whistleblower Edward Snowden. The emails are vacuumed up by the Canadian agency as part of its mandate to defend against hacking attacks and malware targeting government computers. It relies on a system codenamed PONY EXPRESS to analyze the messages in a bid to detect potential cyber threats. Last year, CSE acknowledged it collected some private communications as part of cybersecurity efforts. But it refused to divulge the number of communications being stored or to explain for how long any intercepted messages would be retained. Now, the Snowden documents shine a light for the first time on the huge scope of the operation - exposing the controversial details the government withheld from the public. Under Canada's criminal code, CSE is no</div>

...

Cancel

Operation AURORAGOLD: How the NSA Hacks Cellphone Networks Worldwide - 0 views

firstlook.org/...nsa-auroragold-hack-cellphones

surveillance state NSA NSA-methods cell-network-penetration AURORAGOLD

shared by Paul Merrell on 06 Dec 14 - No Cached

In March 2011, two weeks before the Western intervention in Libya, a secret message was delivered to the National Security Agency. An intelligence unit within the U.S. military’s Africa Command needed help to hack into Libya’s cellphone networks and monitor text messages. For the NSA, the task was easy. The agency had already obtained technical information about the cellphone carriers’ internal systems by spying on documents sent among company employees, and these details would provide the perfect blueprint to help the military break into the networks. The NSA’s assistance in the Libya operation, however, was not an isolated case. It was part of a much larger surveillance program—global in its scope and ramifications—targeted not just at hostile countries.
...

Cancel
According to documents contained in the archive of material provided to The Intercept by whistleblower Edward Snowden, the NSA has spied on hundreds of companies and organizations internationally, including in countries closely allied to the United States, in an effort to find security weaknesses in cellphone technology that it can exploit for surveillance. The documents also reveal how the NSA plans to secretly introduce new flaws into communication systems so that they can be tapped into—a controversial tactic that security experts say could be exposing the general population to criminal hackers. Codenamed AURORAGOLD, the covert operation has monitored the content of messages sent and received by more than 1,200 email accounts associated with major cellphone network operators, intercepting confidential company planning papers that help the NSA hack into phone networks.
...

Cancel
Karsten Nohl, a leading cellphone security expert and cryptographer who was consulted by The Intercept about details contained in the AURORAGOLD documents, said that the broad scope of information swept up in the operation appears aimed at ensuring virtually every cellphone network in the world is NSA accessible.
...

Cancel
...11 more annotations...
“Collecting an inventory [like this] on world networks has big ramifications,” Nohl said, because it allows the NSA to track and circumvent upgrades in encryption technology used by cellphone companies to shield calls and texts from eavesdropping. Evidence that the agency has deliberately plotted to weaken the security of communication infrastructure, he added, was particularly alarming. “Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities,” Nohl said, “because once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it.”
...

Cancel
The AURORAGOLD operation is carried out by specialist NSA surveillance units whose existence has not been publicly disclosed: the Wireless Portfolio Management Office, which defines and carries out the NSA’s strategy for exploiting wireless communications, and the Target Technology Trends Center, which monitors the development of new communication technology to ensure that the NSA isn’t blindsided by innovations that could evade its surveillance reach. The center’s logo is a picture of the Earth overshadowed by a large telescope; its motto is “Predict – Plan – Prevent.”
...

Cancel
The NSA documents reveal that, as of May 2012, the agency had collected technical information on about 70 percent of cellphone networks worldwide—701 of an estimated 985—and was maintaining a list of 1,201 email “selectors” used to intercept internal company details from employees. (“Selector” is an agency term for a unique identifier like an email address or phone number.) From November 2011 to April 2012, between 363 and 1,354 selectors were “tasked” by the NSA for surveillance each month as part of AURORAGOLD, according to the documents. The secret operation appears to have been active since at least 2010.
...

Cancel
By covertly monitoring GSMA working groups in a bid to identify and exploit security vulnerabilities, the NSA has placed itself into direct conflict with the mission of the National Institute for Standards and Technology, or NIST, the U.S. government agency responsible for recommending cybersecurity standards in the United States. NIST recently handed out a grant of more than $800,000 to GSMA so that the organization could research ways to address “security and privacy challenges” faced by users of mobile devices. The revelation that the trade group has been targeted for surveillance may reignite deep-seated tensions between NIST and NSA that came to the fore following earlier Snowden disclosures. Last year, NIST was forced to urge people not to use an encryption standard it had previously approved after it emerged NSA had apparently covertly worked to deliberately weaken it.
...

Cancel
The NSA focuses on intercepting obscure but important technical documents circulated among the GSMA’s members known as “IR.21s.” Most cellphone network operators share IR.21 documents among each other as part of agreements that allow their customers to connect to foreign networks when they are “roaming” overseas on a vacation or a business trip. An IR.21, according to the NSA documents, contains information “necessary for targeting and exploitation.” The details in the IR.21s serve as a “warning mechanism” that flag new technology used by network operators, the NSA’s documents state. This allows the agency to identify security vulnerabilities in the latest communication systems that can be exploited, and helps efforts to introduce new vulnerabilities “where they do not yet exist.” The IR.21s also contain details about the encryption used by cellphone companies to protect the privacy of their customers’ communications as they are transmitted across networks. These details are highly sought after by the NSA, as they can aid its efforts to crack the encryption and eavesdrop on conversations.
...

Cancel
One of the prime targets monitored under the AURORAGOLD program is the London-headquartered trade group, the GSM Association, or the GSMA, which represents the interests of more than 800 major cellphone, software, and internet companies from 220 countries. The GSMA’s members include U.S.-based companies such as Verizon, AT&T, Sprint, Microsoft, Facebook, Intel, Cisco, and Oracle, as well as large international firms including Sony, Nokia, Samsung, Ericsson, and Vodafone. The trade organization brings together its members for regular meetings at which new technologies and policies are discussed among various “working groups.” The Snowden files reveal that the NSA specifically targeted the GSMA’s working groups for surveillance.
...

Cancel
Last year, the Washington Post reported that the NSA had already managed to break the most commonly used cellphone encryption algorithm in the world, known as A5/1. But the information collected under AURORAGOLD allows the agency to focus on circumventing newer and stronger versions of A5 cellphone encryption, such as A5/3. The documents note that the agency intercepts information from cellphone operators about “the type of A5 cipher algorithm version” they use, and monitors the development of new algorithms in order to find ways to bypass the encryption. In 2009, the British surveillance agency Government Communications Headquarters conducted a similar effort to subvert phone encryption under a project called OPULENT PUP, using powerful computers to perform a “crypt attack” to penetrate the A5/3 algorithm, secret memos reveal. By 2011, GCHQ was collaborating with the NSA on another operation, called WOLFRAMITE, to attack A5/3 encryption. (GCHQ declined to comment for this story, other than to say that it operates within legal parameters.)
...

Cancel
The extensive attempts to attack cellphone encryption have been replicated across the Five Eyes surveillance alliance. Australia’s top spy agency, for instance, infiltrated an Indonesian cellphone company and stole nearly 1.8 million encryption keys used to protect communications, the New York Times reported in February.
...

Cancel
The NSA’s documents show that it focuses on collecting details about virtually all technical standards used by cellphone operators, and the agency’s efforts to stay ahead of the technology curve occasionally yield significant results. In early 2010, for instance, its operatives had already found ways to penetrate a variant of the newest “fourth generation” smartphone-era technology for surveillance, years before it became widely adopted by millions of people in dozens of countries. The NSA says that its efforts are targeted at terrorists, weapons proliferators, and other foreign targets, not “ordinary people.” But the methods used by the agency and its partners to gain access to cellphone communications risk significant blowback. According to Mikko Hypponen, a security expert at Finland-based F-Secure, criminal hackers and foreign government adversaries could be among the inadvertent beneficiaries of any security vulnerabilities or encryption weaknesses inserted by the NSA into communication systems using data collected by the AURORAGOLD project.
...

Cancel
Vines, the NSA spokeswoman, told The Intercept that the agency was committed to ensuring an “open, interoperable, and secure global internet.” “NSA deeply values these principles and takes great care to honor them in the performance of its lawful foreign-intelligence mission,” Vines said.
...

Cancel
Documents published with this article: AURORAGOLD – Project Overview AURORAGOLD Working Group IR.21 – A Technology Warning Mechanism AURORAGOLD – Target Technology Trends Center support to WPMO NSA First-Ever Collect of High-Interest 4G Cellular Signal AURORAGOLD Working Aid WOLFRAMITE Encryption Attack OPULENT PUP Encryption Attack NSA/GCHQ/CSEC Network Tradecraft Advancement Team
...

Cancel

Paul Merrell on 06 Dec 14

Notice that they've cracked even 4G.

<div class="cArrow"> </div><div class="cContentInner">Notice that they've cracked even 4G.</div>

...

Cancel

Canada Casts Global Surveillance Dragnet Over File Downloads - The Intercept - 0 views

firstlook.org/...e-levitation-mass-surveillance

surveillance state Canada CSE NSA-targets downloads

shared by Paul Merrell on 29 Jan 15 - No Cached

Canada’s leading surveillance agency is monitoring millions of Internet users’ file downloads in a dragnet search to identify extremists, according to top-secret documents. The covert operation, revealed Wednesday by CBC News in collaboration with The Intercept, taps into Internet cables and analyzes records of up to 15 million downloads daily from popular websites commonly used to share videos, photographs, music, and other files. The revelations about the spying initiative, codenamed LEVITATION, are the first from the trove of files provided by National Security Agency whistleblower Edward Snowden to show that the Canadian government has launched its own globe-spanning Internet mass surveillance system. According to the documents, the LEVITATION program can monitor downloads in several countries across Europe, the Middle East, North Africa, and North America. It is led by the Communications Security Establishment, or CSE, Canada’s equivalent of the NSA. (The Canadian agency was formerly known as “CSEC” until a recent name change.)
...

Cancel
The latest disclosure sheds light on Canada’s broad existing surveillance capabilities at a time when the country’s government is pushing for a further expansion of security powers following attacks in Ottawa and Quebec last year. Ron Deibert, director of University of Toronto-based Internet security think tank Citizen Lab, said LEVITATION illustrates the “giant X-ray machine over all our digital lives.” “Every single thing that you do – in this case uploading/downloading files to these sites – that act is being archived, collected and analyzed,” Deibert said, after reviewing documents about the online spying operation for CBC News. David Christopher, a spokesman for Vancouver-based open Internet advocacy group OpenMedia.ca, said the surveillance showed “robust action” was needed to rein in the Canadian agency’s operations.
...

Cancel
In a top-secret PowerPoint presentation, dated from mid-2012, an analyst from the agency jokes about how, while hunting for extremists, the LEVITATION system gets clogged with information on innocuous downloads of the musical TV series Glee. CSE finds some 350 “interesting” downloads each month, the presentation notes, a number that amounts to less than 0.0001 per cent of the total collected data. The agency stores details about downloads and uploads to and from 102 different popular file-sharing websites, according to the 2012 document, which describes the collected records as “free file upload,” or FFU, “events.” Only three of the websites are named: RapidShare, SendSpace, and the now defunct MegaUpload.
...

Cancel
...3 more annotations...
LEVITATION does not rely on cooperation from any of the file-sharing companies. A separate secret CSE operation codenamed ATOMIC BANJO obtains the data directly from internet cables that it has tapped into, and the agency then sifts out the unique IP address of each computer that downloaded files from the targeted websites. The IP addresses are valuable pieces of information to CSE’s analysts, helping to identify people whose downloads have been flagged as suspicious. The analysts use the IP addresses as a kind of search term, entering them into other surveillance databases that they have access to, such as the vast repositories of intercepted Internet data shared with the Canadian agency by the NSA and its British counterpart Government Communications Headquarters. If successful, the searches will return a list of results showing other websites visited by the people downloading the files – in some cases revealing associations with Facebook or Google accounts. In turn, these accounts may reveal the names and the locations of individual downloaders, opening the door for further surveillance of their activities.
...

Cancel
“The specific uses that they talk about in this [counter-terrorism] context may not be the problem, but it’s what else they can do,” said Tamir Israel, a lawyer with the University of Ottawa’s Canadian Internet Policy and Public Interest Clinic. Picking which downloads to monitor is essentially “completely at the discretion of CSE,” Israel added. The file-sharing surveillance also raises questions about the number of Canadians whose downloading habits could have been swept up as part of LEVITATION’s dragnet. By law, CSE isn’t allowed to target Canadians. In the LEVITATION presentation, however, two Canadian IP addresses that trace back to a web server in Montreal appear on a list of suspicious downloads found across the world. The same list includes downloads that CSE monitored in closely allied countries, including the United Kingdom, United States, Spain, Brazil, Germany and Portugal. It is unclear from the document whether LEVITATION has ever prevented any terrorist attacks. The agency cites only two successes of the program in the 2012 presentation: the discovery of a hostage video through a previously unknown target, and an uploaded document that contained the hostage strategy of a terrorist organization. The hostage in the discovered video was ultimately killed, according to public reports.
...

Cancel
Canada’s leading surveillance agency is monitoring millions of Internet users’ file downloads in a dragnet search to identify extremists, according to top-secret documents. The covert operation, revealed Wednesday by CBC News in collaboration with The Intercept, taps into Internet cables and analyzes records of up to 15 million downloads daily from popular websites commonly used to share videos, photographs, music, and other files. The revelations about the spying initiative, codenamed LEVITATION, are the first from the trove of files provided by National Security Agency whistleblower Edward Snowden to show that the Canadian government has launched its own globe-spanning Internet mass surveillance system. According to the documents, the LEVITATION program can monitor downloads in several countries across Europe, the Middle East, North Africa, and North America. It is led by the Communications Security Establishment, or CSE, Canada’s equivalent of the NSA. (The Canadian agency was formerly known as “CSEC” until a recent name change.)
...

Cancel

New Snowden Docs Indicate Scope of NSA Preparations for Cyber Battle - SPIEGEL ONLINE - 0 views

www.spiegel.de/...or-cyber-battle-a-1013409.html

surveillance state war & peace cyberwar Snowden NSA-docs

shared by Paul Merrell on 20 Jan 15 - No Cached

The NSA's mass surveillance is just the beginning. Documents from Edward Snowden show that the intelligence agency is arming America for future digital wars -- a struggle for control of the Internet that is already well underway.
...

Cancel
The Birth of D Weapons According to top secret documents from the archive of NSA whistleblower Edward Snowden seen exclusively by SPIEGEL, they are planning for wars of the future in which the Internet will play a critical role, with the aim of being able to use the net to paralyze computer networks and, by doing so, potentially all the infrastructure they control, including power and water supplies, factories, airports or the flow of money.
...

Cancel
NSA Docs on Network Attacks and ExploitationExcerpt from the secret NSA budget on computer network operations / Code word GENIE Document about the expansion of the Remote Operations Center (ROC) on endpoint operations Document explaining the role of the Remote Operations Center (ROC) Interview with an employee of NSA's department for Tailored Access Operations about his field of work Supply-chain interdiction / Stealthy techniques can crack some of SIGINT's hardest targets Classification guide for computer network exploitation (CNE) NSA training course material on computer network operations Overview of methods for NSA integrated cyber operations NSA project description to recognize and process data that comes from third party attacks on computers Exploring and exploiting leaky mobile apps with BADASS Overview of projects of the TAO/ATO department such as the remote destruction of network cards iPhone target analysis and exploitation with Apple's unique device identifiers (UDID) Report of an NSA Employee about a Backdoor in the OpenSSH Daemon NSA document on QUANTUMSHOOTER, an implant to remote-control computers with good network connections from unknown third parties
...

Cancel
...5 more annotations...
From a military perspective, surveillance of the Internet is merely "Phase 0" in the US digital war strategy. Internal NSA documents indicate that it is the prerequisite for everything that follows. They show that the aim of the surveillance is to detect vulnerabilities in enemy systems. Once "stealthy implants" have been placed to infiltrate enemy systems, thus allowing "permanent accesses," then Phase Three has been achieved -- a phase headed by the word "dominate" in the documents. This enables them to "control/destroy critical systems & networks at will through pre-positioned accesses (laid in Phase 0)." Critical infrastructure is considered by the agency to be anything that is important in keeping a society running: energy, communications and transportation. The internal documents state that the ultimate goal is "real time controlled escalation". One NSA presentation proclaims that "the next major conflict will start in cyberspace." To that end, the US government is currently undertaking a massive effort to digitally arm itself for network warfare. For the 2013 secret intelligence budget, the NSA projected it would need around $1 billion in order to increase the strength of its computer network attack operations. The budget included an increase of some $32 million for "unconventional solutions" alone.
...

Cancel
Part 2: How the NSA Reads Over Shoulders of Other Spies
...

Cancel
NSA Docs on ExfiltrationExplanation of the APEX method of combining passive with active methods to exfiltrate data from networks attacked Explanation of APEX shaping to put exfiltrating network traffic into patterns that allow plausible deniability Presentation on the FASHIONCLEFT protocol that the NSA uses to exfiltrate data from trojans and implants to the NSA Methods to exfiltrate data even from devices which are supposed to be offline Document detailing SPINALTAP, an NSA project to combine data from active operations and passive signals intelligence Technical description of the FASHIONCLEFT protocol the NSA uses to exfiltrate data from Trojans and implants to the NSA
...

Cancel
NSA Docs on Malware and ImplantsCSEC document about the recognition of trojans and other "network based anomaly" The formalized process through which analysts choose their data requirement and then get to know the tools that can do the job QUANTUMTHEORY is a set of technologies allowing man-on-the-side interference attacks on TCP/IP connections (includes STRAIGHTBIZARRE and DAREDEVIL) Sample code of a malware program from the Five Eyes alliance
...

Cancel
According to top secret documents from the archive of NSA whistleblower Edward Snowden seen exclusively by SPIEGEL, they are planning for wars of the future in which the Internet will play a critical role, with the aim of being able to use the net to paralyze computer networks and, by doing so, potentially all the infrastructure they control, including power and water supplies, factories, airports or the flow of money. During the 20th century, scientists developed so-called ABC weapons -- atomic, biological and chemical. It took decades before their deployment could be regulated and, at least partly, outlawed. New digital weapons have now been developed for the war on the Internet. But there are almost no international conventions or supervisory authorities for these D weapons, and the only law that applies is the survival of the fittest. Canadian media theorist Marshall McLuhan foresaw these developments decades ago. In 1970, he wrote, "World War III is a guerrilla information war with no division between military and civilian participation." That's precisely the reality that spies are preparing for today.
...

Cancel

Paul Merrell on 20 Jan 15

Major dump of new Snowden NSA docs by Der Spiegel, with an article by a large team of reporters and computer security experts. Topic: Cyberwar capabilities, now and in the near future.

<div class="cArrow"> </div><div class="cContentInner">Major dump of new Snowden NSA docs by Der Spiegel, with an article by a large team of reporters and computer security experts. Topic: Cyberwar capabilities, now and in the near future. </div>

...

Cancel

Cash, Weapons and Surveillance: the U.S. is a Key Party to Every Israeli Attack - The I... - 0 views

firstlook.org/...cash-weapons-surveillance

surveillance state NSA Israel Unit-8200 collaboration must-read

shared by Paul Merrell on 05 Aug 14 - No Cached

The U.S. government has long lavished overwhelming aid on Israel, providing cash, weapons and surveillance technology that play a crucial role in Israel’s attacks on its neighbors. But top secret documents provided by NSA whistleblower Edward Snowden shed substantial new light on how the U.S. and its partners directly enable Israel’s military assaults – such as the one on Gaza. Over the last decade, the NSA has significantly increased the surveillance assistance it provides to its Israeli counterpart, the Israeli SIGINT National Unit (ISNU; also known as Unit 8200), including data used to monitor and target Palestinians. In many cases, the NSA and ISNU work cooperatively with the British and Canadian spy agencies, the GCHQ and CSEC. The relationship has, on at least one occasion, entailed the covert payment of a large amount of cash to Israeli operatives. Beyond their own surveillance programs, the American and British surveillance agencies rely on U.S.-supported Arab regimes, including the Jordanian monarchy and even the Palestinian Authority Security Forces, to provide vital spying services regarding Palestinian targets.
...

Cancel
The new documents underscore the indispensable, direct involvement of the U.S. government and its key allies in Israeli aggression against its neighbors. That covert support is squarely at odds with the posture of helpless detachment typically adopted by Obama officials and their supporters.
...

Cancel
Each time Israel attacks Gaza and massacres its trapped civilian population – at the end of 2008, in the fall of 2012, and now again this past month – the same process repeats itself in both U.S. media and government circles: the U.S. government feeds Israel the weapons it uses and steadfastly defends its aggression both publicly and at the U.N.; the U.S. Congress unanimously enacts one resolution after the next to support and enable Israel; and then American media figures pretend that the Israeli attack has nothing to do with their country, that it’s just some sort of unfortunately intractable, distant conflict between two equally intransigent foreign parties in response to which all decent Americans helplessly throw up their hands as though they bear no responsibility.
...

Cancel
...1 more annotation...
“The United States has been trying to broker peace in the Middle East for the past 20 years,” wrote the liberal commentator Kevin Drum in Mother Jones, last Tuesday. The following day, CNN reported that the Obama administration ”agreed to Israel’s request to resupply it with several types of ammunition … Among the items being bought are 120mm mortar rounds and 40mm ammunition for grenade launchers.” The new Snowden documents illustrate a crucial fact: Israeli aggression would be impossible without the constant, lavish support and protection of the U.S. government, which is anything but a neutral, peace-brokering party in these attacks. And the relationship between the NSA and its partners on the one hand, and the Israeli spying agency on the other, is at the center of that enabling.
...

Cancel

Paul Merrell on 05 Aug 14

Glenn Greenwald uses Edward Snowden documents to lift the blanket of secrecy off the U.S. Dark State's carnal relationship with the Israeli apartheid government's War on Arabs, and no real surprise here, the Palestinian Authority's role as a key provider of intelligence to both Israel and the U.S.

<div class="cArrow"> </div><div class="cContentInner">Glenn Greenwald uses Edward Snowden documents to lift the blanket of secrecy off the U.S. Dark State's carnal relationship with the Israeli apartheid government's War on Arabs, and no real surprise here, the Palestinian Authority's role as a key provider of intelligence to both Israel and the U.S. </div>

...

Cancel

Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise - The Intercept - 0 views

firstlook.org/...-nsa-gchq-rely-intel-expertise

surveillance state NSA-targets hackers

shared by Paul Merrell on 05 Feb 15 - No Cached

The U.S., U.K. and Canadian governments characterize hackers as a criminal menace, warn of the threats they allegedly pose to critical infrastructure, and aggressively prosecute them, but they are also secretly exploiting their information and expertise, according to top secret documents. In some cases, the surveillance agencies are obtaining the content of emails by monitoring hackers as they breach email accounts, often without notifying the hacking victims of these breaches. “Hackers are stealing the emails of some of our targets… by collecting the hackers’ ‘take,’ we . . .  get access to the emails themselves,” reads one top secret 2010 National Security Agency document. These and other revelations about the intelligence agencies’ reliance on hackers are contained in documents provided by whistleblower Edward Snowden. The documents—which come from the U.K. Government Communications Headquarters agency and NSA—shed new light on the various means used by intelligence agencies to exploit hackers’ successes and learn from their skills, while also raising questions about whether governments have overstated the threat posed by some hackers.
...

Cancel
By looking out for hacking conducted “both by state-sponsored and freelance hackers” and riding on the coattails of hackers, Western intelligence agencies have gathered what they regard as valuable content: Recently, Communications Security Establishment Canada (CSEC) and Menwith Hill Station (MHS) discovered and began exploiting a target-rich data set being stolen by hackers. The hackers’ sophisticated email-stealing intrusion set is known as INTOLERANT. Of the traffic observed, nearly half contains category hits because the attackers are targeting email accounts of interest to the Intelligence Community. Although a relatively new data source, [Target Offices of Primary Interest] have already written multiple reports based on INTOLERANT collect. The hackers targeted a wide range of diplomatic corps, human rights and democracy activists and even journalists: INTOLERANT traffic is very organized. Each event is labeled to identify and categorize victims. Cyber attacks commonly apply descriptors to each victim – it helps herd victims and track which attacks succeed and which fail. Victim categories make INTOLERANT interesting: A = Indian Diplomatic & Indian Navy B = Central Asian diplomatic C = Chinese Human Rights Defenders D = Tibetan Pro-Democracy Personalities E = Uighur Activists F = European Special Rep to Afghanistan and Indian photo-journalism G = Tibetan Government in Exile
...

Cancel
In those cases, the NSA and its partner agencies in the United Kingdom and Canada were unable to determine the identity of the hackers who collected the data, but suspect a state sponsor “based on the level of sophistication and the victim set.” In instances where hacking may compromise data from the U.S. and U.K. governments, or their allies, notification was given to the “relevant parties.” In a separate document, GCHQ officials discuss plans to use open source discussions among hackers to improve their own knowledge. “Analysts are potentially missing out on valuable open source information relating to cyber defence because of an inability to easily keep up to date with specific blogs and Twitter sources,” according to one document. GCHQ created a program called LOVELY HORSE to monitor and index public discussion by hackers on Twitter and other social media. The Twitter accounts designated for collection in the 2012 document:
...

Cancel
...3 more annotations...
These accounts represent a cross section of the hacker community and security scene. In addition to monitoring multiple accounts affiliated with Anonymous, GCHQ monitored the tweets of Kevin Mitnick, who was sent to prison in 1999 for various computer and fraud related offenses. The U.S. Government once characterized Mitnick as one of the world’s most villainous hackers, but he has since turned security consultant and exploit broker. Among others, GCHQ monitored the tweets of reverse-engineer and Google employee, Thomas Dullien. Fellow Googler Tavis Ormandy, from Google’s vulnerability research team Project Zero, is featured on the list, along with other well known offensive security researchers, including Metasploit’s HD Moore and James Lee (aka Egypt) together with Dino Dai Zovi and Alexander Sotirov, who at the time both worked for New York-based offensive security company, Trail of Bits (Dai Zovi has since taken up a position at payment company, Square). The list also includes notable anti-forensics and operational security expert “The Grugq.” GCHQ monitored the tweets of former NSA agents Dave Aitel and Charlie Miller, and former Air Force intelligence officer Richard Bejtlich as well as French exploit vendor, VUPEN (who sold a one year subscription for its binary analysis and exploits service to the NSA in 2012).
...

Cancel
Documents published with this article: LOVELY HORSE – GCHQ Wiki Overview INTOLERANT – Who Else Is Targeting Your Target? Collecting Data Stolen by Hackers – SIDtoday  HAPPY TRIGGER/LOVELY HORSE/Zool/TWO FACE – Open Source for Cyber Defence/Progress NATO Civilian Intelligence Council – Cyber Panel – US Talking Points
...

Cancel
The U.S., U.K. and Canadian governments characterize hackers as a criminal menace, warn of the threats they allegedly pose to critical infrastructure, and aggressively prosecute them, but they are also secretly exploiting their information and expertise, according to top secret documents. In some cases, the surveillance agencies are obtaining the content of emails by monitoring hackers as they breach email accounts, often without notifying the hacking victims of these breaches. “Hackers are stealing the emails of some of our targets… by collecting the hackers’ ‘take,’ we . . .  get access to the emails themselves,” reads one top secret 2010 National Security Agency document. These and other revelations about the intelligence agencies’ reliance on hackers are contained in documents provided by whistleblower Edward Snowden. The documents—which come from the U.K. Government Communications Headquarters agency and NSA—shed new light on the various means used by intelligence agencies to exploit hackers’ successes and learn from their skills, while also raising questions about whether governments have overstated the threat posed by some hackers.
...

Cancel

Documents Reveal Canada's Secret Hacking Tactics - The Intercept - 0 views

firstlook.org/...acking-cyberwar-secret-arsenal

surveillance state CSE NSA false-flag social media

shared by Paul Merrell on 24 Mar 15 - No Cached

Canada’s electronic surveillance agency has secretly developed an arsenal of cyberweapons capable of stealing data and destroying adversaries’ infrastructure, according to newly revealed classified documents. Communications Security Establishment, or CSE, has also covertly hacked into computers across the world to gather intelligence, breaking into networks in Europe, Mexico, the Middle East and North Africa, the documents show. The revelations, reported Monday by CBC News in collaboration with The Intercept, shine a light for the first time on how Canada has adopted aggressive tactics to attack, sabotage and infiltrate targeted computer systems. The latest disclosures come as the Canadian government debates whether to hand over more powers to its spies to disrupt threats as part of the controversial anti-terrorism law, Bill C-51.
...

Cancel
Christopher Parsons, a surveillance expert at the University of Toronto’s Citizen Lab, told CBC News that the new revelations showed that Canada’s computer networks had already been “turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?” According to documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden, CSE has a wide range of powerful tools to perform “computer network exploitation” and “computer network attack” operations. These involve hacking into networks to either gather intelligence or to damage adversaries’ infrastructure, potentially including electricity, transportation or banking systems. The most well-known example of a state-sponsored “attack” operation involved the use of Stuxnet, a computer worm that was reportedly developed by the United States and Israel to sabotage Iranian nuclear facilities. One document from CSE, dated from 2011, outlines the range of methods the Canadian agency has at its disposal as part of a “cyber activity spectrum” to both defend against hacking attacks and to perpetrate them. CSE says in the document that it can “disable adversary infrastructure,” “control adversary infrastructure,” or “destroy adversary infrastructure” using the attack techniques. It can also insert malware “implants” on computers to steal data.
...

Cancel
According to one top-secret NSA briefing paper, dated from 2013, Canada is considered an important player in global hacking operations. Under the heading “NSA and CSEC cooperate closely in the following areas,” the paper notes that the agencies work together on “active computer network access and exploitation on a variety of foreign intelligence targets, including CT [counter terrorism], Middle East, North Africa, Europe, and Mexico.” (The NSA had not responded to a request for comment at time of publication. The agency has previously told The Intercept that it “works with foreign partners to address a wide array of serious threats, including terrorist plots, the proliferation of weapons of mass destruction, and foreign aggression.”) Notably, CSE has gone beyond just adopting a range of tools to hack computers. According to the Snowden documents, it has a range of “deception techniques” in its toolbox. These include “false flag” operations to “create unrest,” and using so-called “effects” operations to “alter adversary perception.” A false-flag operation usually means carrying out an attack, but making it look like it was performed by another group — in this case, likely another government or hacker. Effects operations can involve sending out propaganda across social media or disrupting communications services. The newly revealed documents also reveal that CSE says it can plant a “honeypot” as part of its deception tactics, possibly a reference to some sort of bait posted online that lures in targets so that they can be hacked or monitored.
...

Cancel
...1 more annotation...
The apparent involvement of CSE in using the deception tactics suggests it is operating in the same area as a secretive British unit known as JTRIG, a division of the country’s eavesdropping agency, Government Communications Headquarters, or GCHQ. Last year, The Intercept published documents from Snowden showing that the JTRIG unit uses a range of effects operations to manipulate information online, such as by rigging the outcome of online polls, sending out fake messages on Facebook across entire countries, and posting negative information about targets online to damage their reputations.
...

Cancel

1 - 12 of 12

Showing 20▼ items per page