Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election

While the document provides a rare window into the NSA’s understanding of the mechanics of Russian hacking, it does not show the underlying “raw” intelligence on which the analysis is based. A U.S. intelligence officer who declined to be identified cautioned against drawing too big a conclusion from the document because a single analysis is not necessarily definitive.

Source: Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election

“Cyberwar would be a form of state terrorism”

The book aims to encourage a critical view among the general public of events labelled “cyberwar” and to warn of the pretext that sensationalist alarmism on these issues can provide to those who seek to curtail freedoms or privacy.

Source: “Cyberwar would be a form of state terrorism”

Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise – The Intercept


The U.S., U.K. and Canadian governments characterize hackers as a criminal menace, warn of the threats they allegedly pose to critical infrastructure, and aggressively prosecute them, but they are also secretly exploiting their information and expertise, according to top secret documents.

In some cases, the surveillance agencies are obtaining the content of emails by monitoring hackers as they breach email accounts, often without notifying the hacking victims of these breaches. “Hackers are stealing the emails of some of our targets… by collecting the hackers’ ‘take,’ we . . .  get access to the emails themselves,” reads one top secret 2010 National Security Agency document.

These and other revelations about the intelligence agencies’ reliance on hackers are contained in documents provided by whistleblower Edward Snowden. The documents—which come from the U.K. Government Communications Headquarters agency and NSA—shed new light on the various means used by intelligence agencies to exploit hackers’ successes and learn from their skills, while also raising questions about whether governments have overstated the threat posed by some hackers.

By looking out for hacking conducted “both by state-sponsored and freelance hackers” and riding on the coattails of hackers, Western intelligence agencies have gathered what they regard as valuable content:

Recently, Communications Security Establishment Canada (CSEC) and Menwith Hill Station (MHS) discovered and began exploiting a target-rich data set being stolen by hackers. The hackers’ sophisticated email-stealing intrusion set is known as INTOLERANT. Of the traffic observed, nearly half contains category hits because the attackers are targeting email accounts of interest to the Intelligence Community. Although a relatively new data source, [Target Offices of Primary Interest] have already written multiple reports based on INTOLERANT collect.

The hackers targeted a wide range of diplomatic corps, human rights and democracy activists and even journalists:

INTOLERANT traffic is very organized. Each event is labeled to identify and categorize victims. Cyber attacks commonly apply descriptors to each victim – it helps herd victims and track which attacks succeed and which fail. Victim categories make INTOLERANT interesting:

A = Indian Diplomatic & Indian Navy
B = Central Asian diplomatic
C = Chinese Human Rights Defenders
D = Tibetan Pro-Democracy Personalities
E = Uighur Activists
F = European Special Rep to Afghanistan and Indian photo-journalism
G = Tibetan Government in Exile

In those cases, the NSA and its partner agencies in the United Kingdom and Canada were unable to determine the identity of the hackers who collected the data, but suspect a state sponsor “based on the level of sophistication and the victim set.”

North Korea/Sony Story Shows How Eagerly U.S. Media Still Regurgitate Government Claims – The Intercept


The identity of the Sony hackers is still unknown. President Obama, in a December 19 press conference, announced: “We can confirm that North Korea engaged in this attack.” He then vowed: “We will respond. . . . We cannot have a society in which some dictator some place can start imposing censorship here in the United States.”

The U.S. Government’s campaign to blame North Korea actually began two days earlier, when The New York Times – as usual – corruptly granted anonymity to “senior administration officials” to disseminate their inflammatory claims with no accountability. These hidden “American officials” used the Paper of Record to announce that they “have concluded that North Korea was ‘centrally involved’ in the hacking of Sony Pictures computers.” With virtually no skepticism about the official accusation, reporters David Sanger and Nicole Perlroth deemed the incident a “cyberterrorism attack” and devoted the bulk of the article to examining the retaliatory actions the government could take against the North Koreans.

The same day, The Washington Post granted anonymity to officials in order to print this:

Other than noting in passing, deep down in the story, that North Korea denied responsibility, not a shred of skepticism was included by Post reporters Drew Harwell and Ellen Nakashima. Like the NYT, the Post devoted most of its discussion to the “retaliation” available to the U.S.

Sony hack: sacked employees could be to blame, researchers claim | Film | The Guardian


Security experts investigating the devastating hack against Sony Pictures appear to be moving away from the theory that the attack was carried out by North Korea, focusing instead on disgruntled former employees of the firm.

Researchers at Norse cybersecurity claim that six former employees could have compromised the company’s networks, arguing that accessing and navigating selective information would take a detailed knowledge of Sony’s systems.

Norse is not part of the official FBI investigation, but did brief the government on Monday, the company said. Though noting that the findings are “hardly conclusive”, Norse senior vice president Kurt Stammberger told the Security Ledger that nine researchers had begun to explore the theory that an insider with motive against Sony would be best placed to execute a hack.

“The FBI points to reused code from previous attacks associated with North Korea, as well as similarities in the networks used to launch the attacks,” said writer Bruce Schneier. “This sort of evidence is circumstantial at best. It’s easy to fake, and it’s even easier to interpret it wrong. In general, it’s a situation that rapidly devolves into storytelling, where analysts pick bits and pieces of the ‘evidence’ to suit the narrative they already have worked out in their heads.”


Schneier also said that diplomatically, it may suit the US government to be “overconfident in assigning blame for the attack” to try and discourage future attacks by nation states.


He also pointed to comments by Harvard law professor Jonathan Zittrain, who said Sony might be encouraged to present the hack as an act of terrorism to help fend off likely lawsuits from current and former employees damaged by leaked material.

“If Sony can characterize this as direct interference by or at the behest of a nation-state, might that somehow earn them the kind of immunity from liability that you might see other companies getting when there’s physical terrorism involved, sponsored by a state?” Zittrain told AP.

FBI warned Year Ago of impending Malware Attacks—But Didn’t Share Info with Sony – The Intercept


Nearly one year before Sony was hacked, the FBI warned that U.S. companies were facing potentially crippling data destruction malware attacks, and predicted that such a hack could cause irreparable harm to a firm’s reputation, or even spell the end of the company entirely.  The FBI also detailed specific guidance for U.S. companies to follow to prepare and plan for such an attack.

But the FBI never sent Sony the report.

The Dec. 13, 2013 FBI Intelligence Assessment, “Potential Impacts of a Data-Destruction Malware Attack on a U.S. Critical Infrastructure Company’s Network,” warned that companies “must become prepared for the increasing possibility they could become victim to a data destruction cyber attack.”

The 16-page report includes details on previous malware attacks on South Korea banking and media companies—the same incidents and characteristics the FBI said Dec. 19th that it had used to conclude that North Korea was behind the Sony attack.

The report, a copy of which was obtained by The Intercept, was based on discussions with private industry representatives and was prepared after the 2012 cyber attack on Saudi Aramco.  The report was marked For Official Use Only, and has not been previously released.

In it, the FBI warned, “In the current cyber climate, the FBI speculates it is not a question of if a U.S. company will experience an attempted data-destruction attack, but when and which company will fall victim.”

Enough with the Sony hack. Can we all calm down about cyberwar with North Korea already? | Trevor Timm | Comment is free

Yes, the Interview was just a Seth Rogen stoner movie – and, no, privacy, free speech and World War III are not at stake


The sanest thing anyone said in Washington this week was a reminder, on the Friday before Christmas, when Barack Obama took a break from oscillating between reassuring rationality and understated fear to make an accidental joke:

It says something about North Korea that it decided to mount an all-out attack about a satirical movie … starring Seth Rogen.

It also says something about the over-the-top rhetoric of United States cybersecurity paranoia that it took the President of the United States to remind us to take a deep breath and exhale, even if Sony abruptly scrapped its poorly reviewed Hollywood blockbuster after nebulous threats from alleged North Korean hackers.

Unfortunately, acting rational seems out of the question at this point. In between making a lot of sense about Sony’s cowardly “mistake” to pull a film based on a childish, unsubstantiated threat, Obama indicated the US planned to respond in some as-yet-unknown way, which sounds a lot like a cyberattack of our own.

“We will respond, we will respond proportionally, and in a place and time that we choose,” Obama said at his year-end news conference. Why should we be responding offensively at all? As the Wall Street Journal’s Danny Yadron reported, a movie studio doesn’t reach the US government’s definition of “critical infrastructure” that would allow its military to respond under existing rules, but that didn’t stop the White House from calling the Sony hack a “national security issue” just a day later.

Let’s put aside for a moment that many security experts haven’t exactly been rushing to agree with the FBI’s cut-and-dry conclusion that “the North Korean government is responsible” for the hack. Wired’s Kim Zetter wrote a detailed analysis about why the evidence accusing North Korea is really flimsy, while other security professionals have weighed in with similar research.

But whoever the hackers are, can we stop calling them “cyber-terrorists,” like Motion Picture Association of America chairman Chris Dodd did on Friday? They may be sadistic pranksters, extortionists and assholes, but anonymously posting a juvenile and vague word jumble incorporating “9/11” that has no connection to reality does not make them terrorist masterminds. That’s giving whoever did it way too much credit.

How to protect your digital photos from hackers | Technology

After over 100 celebrities had their sensitive photos exposed this week, here are some tips on keeping yours safe from hackers





This week, nude photos of over 100 celebrities were posted online by an anonymous source who may have got them by hacking the Apple iCloud online storage service, or guessing the security questions needed to gain access to each individual account.


Either way it has got many people wondering about the safety of their own photos, nude or otherwise, and about whether any snapshot taken on or shared via a digital device can ever be considered secure.


So how can you keep your own images away from uninvited viewers? Here are some quick pointers.

Hacking Online Polls and Other Ways British Spies Seek to Control the Internet – The Intercept


The secretive British spy agency GCHQ has developed covert tools to seed the internet with false information, including the ability to manipulate the results of online polls, artificially inflate pageview counts on web sites, “amplif[y]” sanctioned messages on YouTube, and censor video content judged to be “extremist.” The capabilities, detailed in documents provided by NSA whistleblower Edward Snowden, even include an old standby for pre-adolescent prank callers everywhere: A way to connect two unsuspecting phone users together in a call.

The tools were created by GCHQ’s Joint Threat Research Intelligence Group (JTRIG), and constitute some of the most startling methods of propaganda and internet deception contained within the Snowden archive. Previously disclosed documents have detailed JTRIG’s use of “fake victim blog posts,” “false flag operations,” “honey traps” and psychological manipulation to target online activists, monitor visitors to WikiLeaks, and spy on YouTube and Facebook users.

But as the U.K. Parliament today debates a fast-tracked bill to provide the government with greater surveillance powers, one which Prime Minister David Cameron has justified as an “emergency” to “help keep us safe,” a newly released top-secret GCHQ document called “JTRIG Tools and Techniques” provides a comprehensive, birds-eye view of just how underhanded and invasive this unit’s operations are. The document—available in full here—is designed to notify other GCHQ units of JTRIG’s “weaponised capability” when it comes to the dark internet arts, and serves as a sort of hacker’s buffet for wreaking online havoc.

How to protect your personal data from the next hack attack like eBay | Technology

Passwords and personal data were stolen in eBay’s cyberattack. Here’s how to protect your information against future hacks





eBay suffering the biggest hack of all time led to the exposure of lots of personal data, including postal addresses, dates of birth and phone numbers, for millions of people around the world.

While the company insists no financial information was stolen, private personal data still holds a lot of value.

But what options do users have when a site demands personal information as a condition of use, with no way of determining how secure that data will be?

“We have to take care of our data, but in many circumstances if we want to use a service we have no choice but to surrender data, stuff that is very difficult to change,” Rik Ferguson, global vice president of security research at security software firm Trend Micro, told the Guardian in the wake of the hack.

“It’s all very well telling everyone to go out and change their passwords, but you can’t go and change your postal address, telephone number, name and date of birth.”

Shopping services need your postal address to deliver goods, for instance, media services need your date of birth to verify age, and a taxi firm will need your phone number to alert you when its car arrives outside your door.

“All organisations that hold any sort of private or financial information should absolutely be encrypting that data at all times – there is no excuse for not doing so,” says Ferguson.

Unfortunately, eBay’s hack has proved that not all companies are as good at protecting your personal data as they should be.

“All data that is shared should be done so in the knowledge that it absolutely is at risk from targeted attack. All of that data has financial value to the attacker, and they will continue to go after it.”

Massive cyberattack affects Internet speeds worldwide

March 27, 2013

Experts say the onslaught has been under way for a week and that it comes from a Dutch online firm previously accused of serving as a platform for sending “spam”.

Internet traffic around the world is being affected by what security experts have called the largest cyberattack of its kind in history.

An organization called Spamhaus, which fights the sending of unsolicited email, says its servers have been the target of an attack on an unprecedented scale.

Spamhaus says the attack, which has lasted a week and has not yet ended, comes from Cyberbunker, a Dutch web firm that it had accused of serving as a platform for “spam”, or unsolicited email.

BBC technology correspondent Rory Cellan Jones said that some experts are calling for a joint international effort to fight this kind of activity.