Japan Made Secret Deals With the NSA That Expanded Global Surveillance

The documents, published Monday in collaboration with Japanese news broadcaster NHK, reveal the complicated relationship the NSA has maintained with Japan over a period of more than six decades. Japan has allowed NSA to maintain at least three bases on its territory and contributed more than half a billion dollars to help finance the NSA’s facilities and operations. In return, NSA has kitted out Japanese spies with powerful surveillance tools and shared intelligence with them. However, there is a duplicitous dimension to the partnership. While the NSA has maintained friendly ties with its Japanese counterparts and benefited from their financial generosity, at the same time it has secretly spied on Japanese officials and institutions.

Fuente: Japan Made Secret Deals With the NSA That Expanded Global Surveillance


Ciberguerra: cuando el arma más poderosa es un ejército de hackers

La ciberguerra ha dejado de ser una excentricidad reservada a actos aislados, a pequeñas cosas. Las nuevas tecnologías forman parte de los civiles y sus ejércitos. Y atacarlas se ha puesto a la par de la guerra convencional.

Fuente: Ciberguerra: cuando el arma más poderosa es un ejército de hackers


Someone Is Learning How to Take Down the Internet – Schneier on Security

Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses.

Fuente: Someone Is Learning How to Take Down the Internet – Schneier on Security


Israeli firm accused of creating iPhone spyware | World news | The Guardian

An Israeli technology company has been accused of creating and supplying an aggressive interception program capable of taking over Apple’s iPhones and turning them into remote spying devices, after it was allegedly used to target a Middle Eastern human rights activist and others.

Fuente: Israeli firm accused of creating iPhone spyware | World news | The Guardian


“La ciberguerra sería una forma de terrorismo de Estado”

El libro pretende incentivar la mirada crítica entre el gran público ante los acontecimientos calificados de “ciberguerra” y alertar de la coartada que puede proporcionar el tremendismo sensacionalista en estos temas a quienes pretenden recortar libertades o privacidad.

Fuente: “La ciberguerra sería una forma de terrorismo de Estado”


Ejército alemán contará con una división contra ataques cibernéticos – El Mostrador

El Ejército alemán contará con una división encargada de combatir los ataques cibernéticos, anunció esta semana la ministra de Defensa Ursula von der Leyen.

Fuente: Ejército alemán contará con una división contra ataques cibernéticos – El Mostrador


Exclusive: Snowden intelligence docs reveal UK spooks' malware checklist / Boing Boing

Boing Boing is proud to publish two original documents disclosed by Edward Snowden, in connection with “Sherlock Holmes and the Adventure of the Extraordinary Rendition,” a short story …

Fuente: Exclusive: Snowden intelligence docs reveal UK spooks’ malware checklist / Boing Boing


‘Trident is old technology’: the brave new world of cyber warfare | Technology | The Guardian

Forget debates about Britain’s nuclear deterrent. New technology means a country can be brought to its knees with the click of a mouse

Fuente: ‘Trident is old technology’: the brave new world of cyber warfare | Technology | The Guardian


EE.UU. ‘quebrantó’ las redes informáticas de Corea del Norte en 2010 – El Mostrador

EE.UU. ‘quebrantó’ las redes informáticas de Corea del Norte en 2010 – El Mostrador.

La Agencia de Seguridad Nacional logró romper las barreras informáticas en 2010 y entrar en los sistemas norcoreanos a través de las redes chinas que conectan a este país con el resto del mundo.

eeuucoreadelnorte

Estados Unidos “quebrantó” las redes informáticas de Corea del Norte en 2010 y por eso supo que el país estaba detrás del ataque a Sony Pictures, reportaron The New York Times y Der Spiegel.

Corea del Norte dedicó dos meses a entrar en los sistemas de Sony después de que la empresa anunciara sus planes para producir una comedia sobre el asesinato del líder de este país, titulada “The Interview”.

La Agencia de Seguridad Nacional logró romper las barreras informáticas en 2010 y entrar en los sistemas norcoreanos a través de las redes chinas que conectan a este país con el resto del mundo.

Corea del Norte ha negado repetidamente su responsabilidad en el ciberataque contra Sony.


Cuentas en redes de Comando Central de EE.UU. hackeadas por “simpatizantes” de EI – El Mostrador

Cuentas en redes de Comando Central de EE.UU. hackeadas por “simpatizantes” de EI – El Mostrador.

Centcom es el comando estadounidense que maneja las operaciones en Medio Oriente, Asia Central y Africa del Norte, y por tanto es donde se coordina la ofensiva contra EI en Irak y Siria.

EI

Algunas cuentas de redes sociales del Comando Central del Ejército de Estados Unidos (CentCom) fueron hackeadas este lunes por un grupo que se declaró simpatizante de Estado Islámico.

Centcom es el comando estadounidense que maneja las operaciones en Medio Oriente, Asia Central y Africa del Norte, y por tanto es donde se coordina la ofensiva contra EI en Irak y Siria.

En la cuenta de Twitter se pudo observar como los piratas informáticos cambiaron las imágenes de la cuenta y ubicaron la de un hombre encapuchado y el siguiente mensaje: “El cibercalifato continúa su ciber yihad. Ya está aquí. Estamos en sus PCs. En cada base militar”.

También fue publicada una lista de generales y una lista de direcciones aparentemente asociadas a ellos.

Además se colocó una serie de lo que parece ser documentos militares vinculados a China y Corea del Norte.

En el sitio de YouTube fueron colocados videos de propaganda del grupo mostrando operaciones militares.


US Central Command Twitter account hacked to read 'I love Isis' | US news | theguardian.com

US Central Command Twitter account hacked to read ‘I love Isis’ | US news | theguardian.com.

Twitter avatar used by @CENTCOM was replaced with an image of a masked militant and the legends ‘CyberCaliphate’ and ‘I love Isis’

US Central Command
Central Command said it was aware of the apparent hack.

The Twitter account for US military forces in the Middle East and South Asia was hacked on Monday.

@CENTCOM, the account used by the US Central Command, tweetedout “messages from Islamic State (Isis) sympathizers threatening attacks on US military personnel”. Other tweets contained contact details for current and retired senior officers, though they did not appear to disseminate classified material.

The Twitter avatar used by the command was replaced with an image of a masked militant and the legends “CyberCaliphate” and “I love Isis”.

Documents and images tweeted out by the hackers did not appear to be classified, despite their boast that Isis had deeply penetrated the cyber defenses of the US military. Other military websites, including Central Command’s, appeared unaffected, and did not show any mark of cybervandalism, let alone any more hostile acts.

A similar avatar appeared on Central Command’s YouTube channel as well, as did at least two pro-Isis videos. Its Facebook account appeared unaffected.

“American soldiers, we are coming, watch your back!” read one tweet.Another claimed: “Isis is already here, we are in your PCs, in each military base.”

Within minutes of the hijacked tweets, the Twitter account switched to a neutral, egg-like avatar as the unauthorized tweets paused. Twitter appeared to have suspended the account shortly after 1pm ET.

The hack happened nearly the same time President Obama was unveiling a plan to require companies to inform customers when their data has been hacked.


Sony hack: sacked employees could be to blame, researchers claim | Film | The Guardian

Sony hack: sacked employees could be to blame, researchers claim | Film | The Guardian.

Sony cancelled the release of the Interview in major cinemas, believing it had been hacked by North Korea in retaliation for the film’s depiction of its leader Kim Jong-un being assasinated Photograph: Veronique Dupont/Getty

Security experts investigating the devastating hack against Sony Pictures appear to be moving away from the theory that the attack was a carried out by North Korea, focusing instead on disgruntled former employees of the firm.

Researchers at Norse cybersecurity claim that six former employees could have compromised the company’s networks, arguing that accessing and navigating selective information would take a detailed knowledge of Sony’s systems.

Norse is not part of the official FBI investigation, but did brief the government on Monday, the company said. Though noting that the findings are “hardly conclusive”, Norse senior vice president Kurt Stammberger told the Security Ledger that nine researchers had begun to explore the theory that an insider with motive against Sony would be best placed to execute a hack.

“The FBI points to reused code from previous attacks associated with North Korea, as well as similarities in the networks used to launch the attacks,” said writer Bruce Schneier. “This sort of evidence is circumstantial at best. It’s easy to fake, and it’s even easier to interpret it wrong. In general, it’s a situation that rapidly devolves into storytelling, where analysts pick bits and pieces of the ‘evidence’ to suit the narrative they already have worked out in their heads.”

 

Schneier also said that diplomatically, it may suit the US government to be “overconfident in assigning blame for the attack” to try and discourage future attacks by nation states.

 

He also pointed to comments by Harvard law professor Jonathan Zittrain, who said Sony might be encouraged to present the hack as an act or terrorism to help fend of likely lawsuits from current and former employees damaged by leaked material.

“If Sony can characterize this as direct interference by or at the behest of a nation-state, might that somehow earn them the kind of immunity from liability that you might see other companies getting when there’s physical terrorism involved, sponsored by a state?” Zittrain told AP.


Enough with the Sony hack. Can we all calm down about cyberwar with North Korea already? | Trevor Timm | Comment is free | theguardian.com

Enough with the Sony hack. Can we all calm down about cyberwar with North Korea already? | Trevor Timm | Comment is free | theguardian.com.

Yes, the Interview was just a Seth Rogen stoner movie – and, no, privacy, free speech and World War III are not at stake

the interview movie poster
“We will respond proportionally,” Obama said on Friday. Why should the US be responding offensively at all? Photograph: Sony Pictures

The sanest thing anyone said in Washington this week was a reminder, on the Friday before Christmas, when Barack Obama took a break from oscillating between reassuring rationality and understated fear to make an accidental joke:

It says something about North Korea that it decided to mount an all-out attack about a satirical movie … starring Seth Rogen.

It also says something about the over-the-top rhetoric of United States cybersecurity paranoia that it took the President of the United States to remind us to take a deep breath and exhale, even if Sony abruptly scrapped its poorly reviewed Hollywood blockbuster after nebulous threats from alleged North Korean hackers.

Unfortunately, acting rational seems out of the question at this point. In between making a lot of sense about Sony’s cowardly “mistake” to pull a film based on a childish, unsubstantiated threat, Obama indicated the US planned to respond in some as-yet-unknown way, which sounds a lot like a cyberattack of our own.

“We will respond, we will respond proportionally, and in a place and time that we choose,” Obama said at his year-end news conference. Why should we be responding offensively at all? As the Wall Street Journal’s Danny Yadron reported, a movie studio doesn’t reach the US government’s definition of “critical infrastructure” that would allow its military to respond under existing rules, but that didn’t stop the White House from calling the Sony hack a “national security issue” just a day later.

Let’s put aside for a moment that many security experts haven’t exactly been rushing to agree with the FBI’s cut-and-dry conclusion that “the North Korean government is responsible” for the hack. Wired’s Kim Zetter wrote a detailed analysis about why the evidence accusing North Korea is really flimsy, while other security professionals have weighed in with similar research.

But whoever the hackers are, can we stop calling them “cyber-terrorists,”like Motion Picture Association of America chairman Chris Dodd did on Friday? They may be sadistic pranksters, extortionists and assholes, but anonymously posting a juvenile and vague word jumble incorporating “9/11” that has no connection to reality does not make them terrorist masterminds. That’s giving whoever did it way too much credit.


Flame, el código malicioso más complejo para ciberespiar

http://internacional.elpais.com/internacional/2012/05/28/actualidad/1338218887_695257.html

Los 600 ordenadores afectados se encuentran en Irán, Israel, Palestina, Siria, Sudán y Egipto

El patógeno informático podría llevar cinco años en circulación, según Kaspersky

La empresa de seguridad en Internet Karspersky, con sede en Moscú, ha detectado el virus Flame, diseñado para recopilar y robar información estratégica. Se trata del software de espionaje más complejo que se ha descubierto, y ha estado funcionando al menos durante cinco años, según la compañía. La mayoría de los ordenadores afectados, Kaspersky ha detectado unos 600, se encuentra en Irán, Israel, Palestina y Siria, seguidos de otros países de fuera de esa región, como Sudán.