Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election

While the document provides a rare window into the NSA’s understanding of the mechanics of Russian hacking, it does not show the underlying “raw” intelligence on which the analysis is based. A U.S. intelligence officer who declined to be identified cautioned against drawing too big a conclusion from the document because a single analysis is not necessarily definitive.

Fuente: Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election


Edward Snowden’s leave to remain in Russia extended for three years | US news | The Guardian

Earlier on Wednesday, Maria Zakharova, a foreign ministry spokeswoman, wrote on Facebook that Snowden’s right to stay had recently been extended “by a couple of years”. Her post came in response to a suggestion from the former acting CIA director Michael Morell that Vladimir Putin might hand over Snowden to the US, despite there being no extradition treaty between the countries.

Fuente: Edward Snowden’s leave to remain in Russia extended for three years | US news | The Guardian


The U.S. Government Thinks Thousands of Russian Hackers May Be Reading My Blog. They Aren’t.

It’s plausible, and in my opinion likely, that hackers under orders from the Russian government were responsible for the DNC and Podesta hacks in order to influence the U.S. election in favor of Donald Trump. But the Grizzly Steppe report fails to adequately back up this claim. My research, for example, shows that much of the evidence presented is evidence of nothing at all.

Fuente: The U.S. Government Thinks Thousands of Russian Hackers May Be Reading My Blog. They Aren’t.


WashPost Is Richly Rewarded for False News About Russia Threat While Public Is Deceived

The most ironic aspect of all this is that it is mainstream journalists — the very people who have become obsessed with the crusade against Fake News — who play the key role in enabling and fueling this dissemination of false stories. They do so not only by uncritically spreading them, but also by taking little or no steps to notify the public of their falsity.

Fuente: WashPost Is Richly Rewarded for False News About Russia Threat While Public Is Deceived


Russia Hysteria Infects WashPost Again: False Story About Hacking U.S. Electric Grid

Those interested in a sober and rational discussion of the Russia hacking issue should read the following:(1) Three posts by cybersecurity expert Jeffrey Carr: first, on the difficulty of proving attribution for any hacks; second, on the irrational claims on which the “Russia hacked the DNC” case is predicated; and third, on the woefully inadequate, evidence-free report issued by the Department of Homeland Security and FBI this week to justify sanctions against Russia.(2) Yesterday’s Rolling Stone article by Matt Taibbi, who lived and worked for more than a decade in Russia, titled: “Something About This Russia Story Stinks.”(3) An Atlantic article by David A. Graham on the politics and strategies of the sanctions imposed this week on Russia by Obama; I disagree with several of his claims, but the article is a rarity: a calm, sober, rational assessment of this debate.

Fuente: Russia Hysteria Infects WashPost Again: False Story About Hacking U.S. Electric Grid


Obama escalates anti-Russian campaign with new sanctions and threats – World Socialist Web Site

In an executive order accompanied by a series of official statements, US President Barack Obama has sharply escalated the campaign against Russia, based on unsubstantiated claims of Russian government hacking of the Democratic National Committee (DNC) and the Hillary Clinton campaign in the presidential election.

Fuente: Obama escalates anti-Russian campaign with new sanctions and threats – World Socialist Web Site


Top-Secret Snowden Document Reveals What the NSA Knew About Previous Russian Hacking

Now, a never-before-published top-secret document provided by whistleblower Edward Snowden suggests the NSA has a way of collecting evidence of Russian hacks, because the agency tracked a similar hack before in the case of a prominent Russian journalist, who was also a U.S. citizen.

Fuente: Top-Secret Snowden Document Reveals What the NSA Knew About Previous Russian Hacking


If the US hacks Russia for revenge, that could lead to cyberwar | Trevor Timm | Opinion | The Guardian

What’s the CIA’s brilliant plan for stopping Russian cyber-attacks on the US and their alleged interference with the US election? Apparently, some in the agency want to escalate tensions between the two superpowers even more and possibly do the same thing right back to them.

Fuente: If the US hacks Russia for revenge, that could lead to cyberwar | Trevor Timm | Opinion | The Guardian


Cybersecurity experts take Russian hacking scare 'with a pinch of salt' | Technology | theguardian.com

Cybersecurity experts take Russian hacking scare ‘with a pinch of salt’ | Technology | theguardian.com.

Researchers have expressed concern over Hold Security’s claim that 1.2bn usernames and passwords were stolen by criminal gang

 

 

password
Security company claims to have found a database containing over 1.2bn unique usernames and passwords. Photograph: Pawel Kopczynski/Reuters/Corbis

 

Security researchers have expressed concern over the claim that more than 4.5bn user credentials including 1.2bn unique usernames and passwords have been amassed by a Russian cybercriminal gang.

Security researchers from Kaspersky, Symantec and University College London have questioned the news reported on Tuesday that private security firm Hold Security had identified a Russian cybercriminal gang called CyberVor, which had amassed a database of more than 4.5bn stolen records, including 1.2bn unique usernames and passwords belonging to 500m email addresses.

Cybersecurity experts are concerned that Hold Security has not yet made the data public or available for confirmation by users. “We’ve had very little concrete information released,” said David Emm, senior researcher with security firm Kaspersky, talking to the Guardian.

“I’m inclined to take it with a pinch of salt for now.”

CyberVor raided over 420,000 websites to collect the stolen user information, Hold Security said, initially offering a commercial “breach notification” service requiring consumers and companies to see if they had been affected – but only if they paid a fee.

The company still offers its commercial security services as part of the report, and later said it would allow consumers to check free of charge whether their usernames or passwords had been stolen.

“Nothing has been released by an established security company – I personally haven’t come across Hold Security before – and we’ve had no information on the companies affected, or whether they’re still vulnerable,” said Emm. “There’s just what seems to me to be a pretty vague claim of the largest security breach to date.

‘Plausible but we need more data’

“There hasn’t been very much data released yet on exactly what these guys found,” explained Dr Brad Karp, a reader in computer systems and networks at the computer science department at University College London who researches internet and systems security.

Hold Security allowed an unnamed independent security expert to verify the database of stolen user details at the request of the New York Times.

“It’s plausible that they have found this many credentials, but whether they actually have or not we would need to see more data,” said Karp. “We’ve been told independent experts have verified it, but we haven’t seen what they’ve verified and we don’t know who they are.”

Candid Wueest, principal threat researcher with security firm Symantec agreed.

“Without having actual fact, it’s hard to say whether it happened like they explained or not,” said Wueest. “It is possible, but at the moment it’s speculation by one source and we haven’t seen any secondary proof, so at the moment we have to unfortunately wait and see how it evolves.”


Russia tightens controls on blogosphere | World news | The Guardian

Russia tightens controls on blogosphere | World news | The Guardian.

Bloggers say new law is attempt to crack down on free expression and criticism of Russian government
Putin

Sites to be regulated under the new law were instrumental in organising protests against president Vladimir Putin. Photograph: Sasha Mordovets/Getty Images

A law that comes into effect in Russia on Friday will place tighter controls on the blogosphere, one of the few remaining places where people can freely criticise the government.

The federal mass media watchdog has said the law is meant to “de-anonymise popular websites”. Prominent bloggers argue it is yet another step to crack down on free expression and will be wielded against critics of the regime.

Popularly known as the “law on bloggers,” the legislation requires users of any website whose posts are read by more than 3,000 people each day to publish under their real name and register with the authorities if requested. It also holds popular bloggers to the same standards as the mass media, forbidding false information and foul language, although it doesn’t guarantee them the same rights. Violators could incur fines of up to 50,000 rubles (£800) and be blacklisted.

Facebook, Twitter, LiveJournal and other social media sites regulated under the new law played an instrumental role in organising the protests against president Vladimir Putin in 2011-13 and have provided a vital platform for critical voices, since most nationwide television and print media is controlled by the government.

Already, the authorities enjoy sweeping powers under a 2013 law to close down websites for advocating “extremist activities” or “participation in public events held in breach of appropriate procedures.” In March, the media watchdog blocked three opposition news portals and the LiveJournal blog of opposition leader and anti-corruption activist Alexei Navalny, who specialises in exposés on the luxurious real estate owned by prominent officials, replete with documents and photographs.

Popular blogger and media entrepreneur Anton Nosik called the law on bloggers unconstitutional and said it was meant to intimidate regime critics.


Vladimir Putin must be called to account on surveillance just like Obama | Edward Snowden | Comment is free | theguardian.com

Vladimir Putin must be called to account on surveillance just like Obama | Edward Snowden | Comment is free | theguardian.com.

I questioned the Russian president live on TV to get his answer on the record, not to whitewash him

Vladimir Putin during the nationwide phone-in in Moscow.
Vladimir Putin during the nationwide phone-in in Moscow. Photograph: RIA Novosti/Reuters

On Thursday, I questioned Russia’s involvement in mass surveillance on live television. I asked Russia’s president, Vladimir Putin, a question that cannot credibly be answered in the negative by any leader who runs a modern, intrusive surveillance program: “Does [your country] intercept, analyse or store millions of individuals’ communications?”

I went on to challenge whether, even if such a mass surveillance program were effective and technically legal, it could ever be morally justified.

The question was intended to mirror the now infamous exchange in US Senate intelligence committee hearings between senator Ron Wyden and the director of national intelligence, James Clapper, about whether the NSA collected records on millions of Americans, and to invite either an important concession or a clear evasion. (See a side-by-side comparison of Wyden’s question and mine here.)

Clapper’s lie – to the Senate and to the public – was a major motivating force behind my decision to go public, and a historic example of the importance of official accountability.

In his response, Putin denied the first part of the question and dodged on the latter. There are serious inconsistencies in his denial – and we’ll get to them soon – but it was not the president’s suspiciously narrow answer that was criticised by many pundits. It was that I had chosen to ask a question at all.

I was surprised that people who witnessed me risk my life to expose the surveillance practices of my own country could not believe that I might also criticise the surveillance policies of Russia, a country to which I have sworn no allegiance, without ulterior motive. I regret that my question could be misinterpreted, and that it enabled many to ignore the substance of the question – and Putin’s evasive response – in order to speculate, wildly and incorrectly, about my motives for asking it.


Snowden asks Putin about Russian surveillance during phone-in – video | World news | theguardian.com

Snowden asks Putin about Russian surveillance during phone-in – video | World news | theguardian.com.

Edward Snowden calls in to ask a question of the Russian president, Vladimir Putin, during a televised phone-in. Putin denies Russia is involved in ‘mass, indiscriminate’ surveillance but says they use modern means to fight terrorism. Whistleblower Edward Snowden was granted asylum in Russia in 2013