Group items tagged

Canada’s electronic surveillance agency has secretly developed an arsenal of cyberweapons capable of stealing data and destroying adversaries’ infrastructure, according to newly revealed classified documents. Communications Security Establishment, or CSE, has also covertly hacked into computers across the world to gather intelligence, breaking into networks in Europe, Mexico, the Middle East and North Africa, the documents show. The revelations, reported Monday by CBC News in collaboration with The Intercept, shine a light for the first time on how Canada has adopted aggressive tactics to attack, sabotage and infiltrate targeted computer systems. The latest disclosures come as the Canadian government debates whether to hand over more powers to its spies to disrupt threats as part of the controversial anti-terrorism law, Bill C-51.

Christopher Parsons, a surveillance expert at the University of Toronto’s Citizen Lab, told CBC News that the new revelations showed that Canada’s computer networks had already been “turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?” According to documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden, CSE has a wide range of powerful tools to perform “computer network exploitation” and “computer network attack” operations. These involve hacking into networks to either gather intelligence or to damage adversaries’ infrastructure, potentially including electricity, transportation or banking systems. The most well-known example of a state-sponsored “attack” operation involved the use of Stuxnet, a computer worm that was reportedly developed by the United States and Israel to sabotage Iranian nuclear facilities. One document from CSE, dated from 2011, outlines the range of methods the Canadian agency has at its disposal as part of a “cyber activity spectrum” to both defend against hacking attacks and to perpetrate them. CSE says in the document that it can “disable adversary infrastructure,” “control adversary infrastructure,” or “destroy adversary infrastructure” using the attack techniques. It can also insert malware “implants” on computers to steal data.

According to one top-secret NSA briefing paper, dated from 2013, Canada is considered an important player in global hacking operations. Under the heading “NSA and CSEC cooperate closely in the following areas,” the paper notes that the agencies work together on “active computer network access and exploitation on a variety of foreign intelligence targets, including CT [counter terrorism], Middle East, North Africa, Europe, and Mexico.” (The NSA had not responded to a request for comment at time of publication. The agency has previously told The Intercept that it “works with foreign partners to address a wide array of serious threats, including terrorist plots, the proliferation of weapons of mass destruction, and foreign aggression.”) Notably, CSE has gone beyond just adopting a range of tools to hack computers. According to the Snowden documents, it has a range of “deception techniques” in its toolbox. These include “false flag” operations to “create unrest,” and using so-called “effects” operations to “alter adversary perception.” A false-flag operation usually means carrying out an attack, but making it look like it was performed by another group — in this case, likely another government or hacker. Effects operations can involve sending out propaganda across social media or disrupting communications services. The newly revealed documents also reveal that CSE says it can plant a “honeypot” as part of its deception tactics, possibly a reference to some sort of bait posted online that lures in targets so that they can be hacked or monitored.

Several pending bills would promote increased sharing of cybersecurity-related information — such as threat intelligence and system vulnerabilities — in order to combat the perceived rise in the frequency and intensity of cyber attacks against private and government entities. But such information sharing is easier said than done, according to a new report from the Congressional Research Service, because it involves a thicket of conflicting and perhaps incompatible laws and policy objectives. “The legal issues surrounding cybersecurity information sharing… are complex and have few certain resolutions.” A copy of the CRS report was obtained by Secrecy News. See Cybersecurity and Information Sharing: Legal Challenges and Solutions, March 16, 2015. Cyber information sharing takes at least three different forms: the release of cyber intelligence from government to the private sector, information sharing among private entities, and the transfer of threat information from private entities to government agencies.

“While collectively these three variants on the concept of cyber-information sharing have some commonalities, each also raises separate legal challenges that may impede cyber-intelligence dissemination more generally,” said the CRS report, which examines the legal ramifications of each category in turn. Among the concerns at issue are: the potential for liability associate with disclosure of cybersecurity information, inappropriate release of private information through open government laws, loss of intellectual property, and potential compromise of personal privacy rights. All of these create a legal morass that may be unreconcilable. “A fundamental question lawmakers may need to contemplate is how restrictions that require close government scrutiny and control over shared cyber-information can be squared with other goals of cyber-information sharing legislation, like requirements that received information be disseminated in an almost instantaneous fashion,” the CRS report said.

“Ultimately, because the goals of cyber-information legislation are often diametrically opposed, it may simply be impossible for information sharing legislation to simultaneously promote the rapid and robust collection and dissemination of cyber-intelligence by the federal government, while also ensuring that the government respects the property and privacy interests implicated by such information sharing,” the report said. Other new or newly updated CRS reports that Congress has withheld from public distribution include the following. Cybersecurity: Authoritative Reports and Resources, by Topic, March 13, 2015

The first (and thus far only) roll-back of post-9/11 surveillance authorities was implemented over the weekend: The National Security Agency shuttered its program for collecting and holding the metadata of Americans’ phone calls under Section 215 of the Patriot Act. While bulk collection under Section 215 has ended, the government can obtain access to this information under the procedures specified in the USA Freedom Act. Indeed, some experts have argued that the Agency likely has access to more metadata because its earlier dragnet didn’t cover cell phones or Internet calling. In addition, the metadata of calls made by an individual in the United States to someone overseas and vice versa can still be collected in bulk — this takes place abroad under Executive Order 12333. No doubt the NSA wishes that this was the end of the surveillance reform story and the Paris attacks initially gave them an opening. John Brennan, the Director of the CIA, implied that the attacks were somehow related to “hand wringing” about spying and Sen. Tom Cotton (R-Ark.) introduced a bill to delay the shut down of the 215 program. Opponents of encryption were quick to say: “I told you so.”

But the facts that have emerged thus far tell a different story. It appears that much of the planning took place IRL (that’s “in real life” for those of you who don’t have teenagers). The attackers, several of whom were on law enforcement’s radar, communicated openly over the Internet. If France ever has a 9/11 Commission-type inquiry, it could well conclude that the Paris attacks were a failure of the intelligence agencies rather than a failure of intelligence authorities. Despite the passage of the USA Freedom Act, US surveillance authorities have remained largely intact. Section 702 of the FISA Amendments Act — which is the basis of programs like PRISM and the NSA’s Upstream collection of information from Internet cables — sunsets in the summer of 2017. While it’s difficult to predict the political environment that far out, meaningful reform of Section 702 faces significant obstacles. Unlike the Section 215 program, which was clearly aimed at Americans, Section 702 is supposedly targeted at foreigners and only picks up information about Americans “incidentally.” The NSA has refused to provide an estimate of how many Americans’ information it collects under Section 702, despite repeated requests from lawmakers and most recently a large cohort of advocates. The Section 215 program was held illegal by two federal courts (here and here), but civil attempts to challenge Section 702 have run into standing barriers. Finally, while two review panels concluded that the Section 215 program provided little counterterrorism benefit (here and here), they found that the Section 702 program had been useful.

There is, nonetheless, some pressure to narrow the reach of Section 702. The recent decision by the European Court of Justice in the safe harbor case suggests that data flows between Europe and the US may be restricted unless the PRISM program is modified to protect the information of Europeans (see here, here, and here for discussion of the decision and reform options). Pressure from Internet companies whose business is suffering — estimates run to the tune of $35 to 180 billion — as a result of disclosures about NSA spying may also nudge lawmakers towards reform. One of the courts currently considering criminal cases which rely on evidence derived from Section 702 surveillance may hold the program unconstitutional either on the basis of the Fourth Amendment or Article III for the reasons set out in this Brennan Center report. A federal district court in Colorado recently rejected such a challenge, although as explained in Steve’s post, the decision did not seriously explore the issues. Further litigation in the European courts too could have an impact on the debate.

HE INTERCEPT HAS OBTAINED a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. The document, thick with previously undisclosed information, also offers rare insight into the spying capabilities of federal law enforcement and local police inside the United States. The catalogue includes details on the Stingray, a well-known brand of surveillance gear, as well as Boeing “dirt boxes” and dozens of more obscure devices that can be mounted on vehicles, drones, and piloted aircraft. Some are designed to be used at static locations, while others can be discreetly carried by an individual. They have names like Cyberhawk, Yellowstone, Blackfin, Maximus, Cyclone, and Spartacus. Within the catalogue, the NSA is listed as the vendor of one device, while another was developed for use by the CIA, and another was developed for a special forces requirement. Nearly a third of the entries focus on equipment that seems to have never been described in public before.

The Intercept obtained the catalogue from a source within the intelligence community concerned about the militarization of domestic law enforcement. (The original is here.) A few of the devices can house a “target list” of as many as 10,000 unique phone identifiers. Most can be used to geolocate people, but the documents indicate that some have more advanced capabilities, like eavesdropping on calls and spying on SMS messages. Two systems, apparently designed for use on captured phones, are touted as having the ability to extract media files, address books, and notes, and one can retrieve deleted text messages. Above all, the catalogue represents a trove of details on surveillance devices developed for military and intelligence purposes but increasingly used by law enforcement agencies to spy on people and convict them of crimes. The mass shooting earlier this month in San Bernardino, California, which President Barack Obama has called “an act of terrorism,” prompted calls for state and local police forces to beef up their counterterrorism capabilities, a process that has historically involved adapting military technologies to civilian use. Meanwhile, civil liberties advocates and others are increasingly alarmed about how cellphone surveillance devices are used domestically and have called for a more open and informed debate about the trade-off between security and privacy — despite a virtual blackout by the federal government on any information about the specific capabilities of the gear.

ANY OF THE DEVICES in the catalogue, including the Stingrays and dirt boxes, are cell-site simulators, which operate by mimicking the towers of major telecom companies like Verizon, AT&T, and T-Mobile. When someone’s phone connects to the spoofed network, it transmits a unique identification code and, through the characteristics of its radio signals when they reach the receiver, information about the phone’s location. There are also indications that cell-site simulators may be able to monitor calls and text messages. In the catalogue, each device is listed with guidelines about how its use must be approved; the answer is usually via the “Ground Force Commander” or under one of two titles in the U.S. code governing military and intelligence operations, including covert action.

In New York City, the police now maintain an unknown number of military-grade vans outfitted with X-ray radiation, enabling cops to look through the walls of buildings or the sides of trucks. The technology was used in Afghanistan before being loosed on U.S. streets. Each X-ray van costs an estimated $729,000 to $825,000.The NYPD will not reveal when, where, or how often they are used.

Here are some specific questions that New York City refuses to answer:How is the NYPD ensuring that innocent New Yorkers are not subject to harmful X-ray radiation? How long is the NYPD keeping the images that it takes and who can look at them? Is the NYPD obtaining judicial authorization prior to taking images, and if so, what type of authorization? Is the technology funded by taxpayer money, and has the use of the vans justified the price tag? Those specifics are taken from a New York Civil Liberties Union court filing. The legal organization is seeking to assist a lawsuit filed by Pro Publica journalist Michael Grabell, who has been fighting New York City for answers about X-ray vans for 3 years.“ProPublica filed the request as part of its investigation into the proliferation of security equipment, including airport body scanners, that expose people to ionizing radiation, which can mutate DNA and increase the risk of cancer,” he explained. (For fear of a terrorist “dirty bomb,” America’s security apparatus is exposing its population to radiation as a matter of course.)

A state court has already ruled that the NYPD has to turn over policies, procedures, and training manuals that shape uses of X-rays; reports on past deployments; information on the costs of the X-ray devices and the number of vans purchased; and information on the health and safety effects of the technology. But New York City is fighting on appeal to suppress that information and more, as if it is some kind of spy agency rather than a municipal police department operating on domestic soil, ostensibly at the pleasure of city residents.Its insistence on extreme secrecy is part of an alarming trend. The people of New York City are effectively being denied the ability to decide how they want to be policed.

Hillary Clinton’s Benghazi testimony on Thursday certainly confirmed suspicions that she knew that the September 11, 2012 attack on the US Consulate was not a spontaneous protest by individuals enraged by an anti-Muslim video. Rather, as the emails she fought so fiercely to protect from public disclosure reveal, the attack was a pre-planned operation, involving fore- knowledge by the assailants of the whereabouts of Ambassador Christopher Stevens, among other details.

Clinton and the Obama Administration had attempted to place the blame for the attack, which resulted in the deaths of Ambassador Stevens and three other Americans, on an unplanned protest, a “spontaneous mob.” However, knowing that Clinton and other Administration officials lied extensively as to the genesis of the attack raises further questions. According to the Wall Street Journal, Clinton lied in order to “attempt to avoid blame for a terror attack in a presidential re-election year”  The WSJ article maintains that the House Select Committee on Benghazi, chaired by Representative Trey Gowdy, has ferreted out the deception. “What that House committee did Thursday was finally expose the initial deception,” writes WSJ reporter Kimberley Strassel.

It is known now, through the subsequent email and cable releases, that the responsibility for the attack was claimed by Ansar al Sharia, al Qaeda’s affiliate on the Arabian Peninsula. In an email to her daughter Chelsea, sent at 11:12 pm the night of the attack, Hillary Clinton wrote: “Two of our officers were killed in Benghazi by an Al Queda-like group.” Not by a spontaneous mob, protesting a YouTube video. But by a group which has already been exposed as having deep and covert ties to the United States intelligence agencies. Questions must be addressed as to why the Benghazi compound was not guarded. US Embassies abroad are known to be protected by an elite corps of US Marines. Known as the MSG (Marine Security Group), this elite group is pledged to protect US information and persons in Embassies and Consulates.