NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet

The supercomputer described in the trove, “WindsorGreen,” was a system designed to excel at the sort of complex mathematics that underlies encryption, the technology that keeps data private, and almost certainly intended for use by the Defense Department’s signals intelligence wing, the National Security Agency. WindsorGreen was the successor to another password-cracking machine used by the NSA, “WindsorBlue,” which was also documented in the material leaked from NYU and which had been previously described in the Norwegian press thanks to a document provided by National Security Agency whistleblower Edward Snowden. Both systems were intended for use by the Pentagon and a select few other Western governments, including Canada and Norway.

Fuente: NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet


Japan Made Secret Deals With the NSA That Expanded Global Surveillance

The documents, published Monday in collaboration with Japanese news broadcaster NHK, reveal the complicated relationship the NSA has maintained with Japan over a period of more than six decades. Japan has allowed NSA to maintain at least three bases on its territory and contributed more than half a billion dollars to help finance the NSA’s facilities and operations. In return, NSA has kitted out Japanese spies with powerful surveillance tools and shared intelligence with them. However, there is a duplicitous dimension to the partnership. While the NSA has maintained friendly ties with its Japanese counterparts and benefited from their financial generosity, at the same time it has secretly spied on Japanese officials and institutions.

Fuente: Japan Made Secret Deals With the NSA That Expanded Global Surveillance


Apple Says It Fixed CIA Vulnerabilities Years Ago

Yesterday, WikiLeaks released its latest batch of pilfered CIA material, five documents describing malicious software for taking over Apple MacBooks and iPhones, and wrote in an accompanying post that “the CIA has been infecting the iPhone supply chain of its targets,” prompting concerned readers to wonder if their iPhone or MacBook had been infected on the factory floor. In a statement, Apple says that is almost certainly not the case.

Fuente: Apple Says It Fixed CIA Vulnerabilities Years Ago


Malware Attacks Used by the U.S. Government Retain Potency for Many Years, New Evidence Indicates

A new report from Rand Corp. may help shed light on the government’s arsenal of malicious software, including the size of its stockpile of so-called “zero days” — hacks that hit undisclosed vulnerabilities in computers, smartphones, and other digital devices.The report also provides evidence that such vulnerabilities are long lasting. The findings are of particular interest because not much is known about the U.S. government’s controversial use of zero days.

Fuente: Malware Attacks Used by the U.S. Government Retain Potency for Many Years, New Evidence Indicates


The U.S. Government Thinks Thousands of Russian Hackers May Be Reading My Blog. They Aren’t.

It’s plausible, and in my opinion likely, that hackers under orders from the Russian government were responsible for the DNC and Podesta hacks in order to influence the U.S. election in favor of Donald Trump. But the Grizzly Steppe report fails to adequately back up this claim. My research, for example, shows that much of the evidence presented is evidence of nothing at all.

Fuente: The U.S. Government Thinks Thousands of Russian Hackers May Be Reading My Blog. They Aren’t.


Top-Secret Snowden Document Reveals What the NSA Knew About Previous Russian Hacking

Now, a never-before-published top-secret document provided by whistleblower Edward Snowden suggests the NSA has a way of collecting evidence of Russian hacks, because the agency tracked a similar hack before in the case of a prominent Russian journalist, who was also a U.S. citizen.

Fuente: Top-Secret Snowden Document Reveals What the NSA Knew About Previous Russian Hacking


New York’s New Digital Crime Lab Is a Forensic Marvel

In an exclusive tour of the new lab, Fortune got a glimpse of Law & Order in the digital age. The lab is Exhibit A in how America’s biggest city is embracing big data analytics and a dash of hacker culture to solve complex crimes. It also raises hard questions about how to balance these sophisticated crime-fighting tools with civil liberties.

Fuente: New York’s New Digital Crime Lab Is a Forensic Marvel


When the FBI Has a Phone It Can’t Crack, It Calls These Israeli Hackers

just as Apple has come to be seen as a warrior for digital protection and privacy against overreaching government surveillance, Cellebrite is emerging as its law-and-order counterpart, endeavoring to build tools to break through the barriers Apple and other phone makers erect to protect data.

Fuente: When the FBI Has a Phone It Can’t Crack, It Calls These Israeli Hackers


Hillary Clinton’s Encryption Proposal Was “Impossible,” Said Top Adviser

Hillary Clinton’s advisers recognized that her policy position on encryption was problematic, with one writing that it was tantamount to insisting that there was “‘some way’ to do the impossible.”Instead, according to campaign emails released by Wikileaks, they suggested that the campaign signal its willingness to use “malware” or “super code breaking by the NSA” to get around encryption.

Fuente: Hillary Clinton’s Encryption Proposal Was “Impossible,” Said Top Adviser


Ex-Yahoo Employee: Government Spy Program Could Have Given a Hacker Access to All Email

Contrary to a denial by Yahoo and a report by the New York Times, the company’s scanning program, revealed earlier this week by Reuters, provided the government with a custom-built back door into the company’s mail service — and it was so sloppily installed that it posed a privacy hazard for hundreds of millions of users, according to a former Yahoo employee with knowledge of the company’s security practices.

Fuente: Ex-Yahoo Employee: Government Spy Program Could Have Given a Hacker Access to All Email


Long-Secret Stingray Manuals Detail How Police Can Spy on Phones

Harris Corp.’s Stingray surveillance device has been one of the most closely-guarded secrets in law enforcement for more than 15 years. The company and its police clients across the United States have fought to keep information about the mobile-phone-monitoring boxes from the public against which they are used. The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet.

Fuente: Long-Secret Stingray Manuals Detail How Police Can Spy on Phones


The NSA’s British Base at the Heart of U.S. Targeted Killing

in the heart of the tranquil English countryside, is the National Security Agency’s largest overseas spying base. Originally used to monitor Soviet communications through the Cold War, its focus has since dramatically shifted, and today it is a vital part of the NSA’s sprawling global surveillance network.

Fuente: The NSA’s British Base at the Heart of U.S. Targeted Killing


Hackean grupo de espionaje de la NSA y subastan información por 1 millón de bitcoins | CriptoNoticias – Bitcoin, Blockchain y criptomonedas

Un grupo de hackers vinculado a la Agencia de Seguridad Nacional de los Estados Unidos, mejor conocida como la NSA (National Security Agency), ha sido hackeado recientemente y sus herramientas de espionaje, recolección de información, malware y más, han sido puestas en venta por 1 millón de bitcoins (más de 550 millones de dólares al momento de la publicación).

Fuente: Hackean grupo de espionaje de la NSA y subastan información por 1 millón de bitcoins | CriptoNoticias – Bitcoin, Blockchain y criptomonedas


¿Son estas las armas de espionaje de la NSA? | Derechos Digitales

Un grupo de hackers dice haber obtenido información confidencial de Equation Group, un conocido y sofisticado grupo de ciber atacantes ligado a la NSA. Parte de la información publicada permite por primera vez echar un vistazo a las herramientas utilizadas por la agencia de seguridad estadounidense.

Fuente: ¿Son estas las armas de espionaje de la NSA? | Derechos Digitales


FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’

The FBI has “hundreds of millions of dollars” to spend on developing technology for use in both national security and domestic law enforcement investigations — but it won’t reveal the exact amount.

Fuente: FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’


‘Crypto Wars’ timeline: A history of the new encryption debate

Encryption is finally mainstream.Government officials and technologists have been debating since the early 1990s whether to limit the strength of encryption to help the law-enforcement and intelligence communities monitor suspects’ communications. But until early 2016, this was a mostly esoteric fight, relegated to academic conferences, security agencies’ C-suites, and the back rooms of Capitol Hill.Everything changed in mid-February, when President Barack Obama’s Justice Department, investigating the terrorists who carried out the San Bernardino, California, shooting, asked a federal judge to force Apple to help the Federal Bureau of Investigation unlock one attacker’s iPhone.What followed was an unexpectedly rancorous and unprecedentedly public fight over how far the government should go to pierce and degrade commercial security technology in its quest to protect Americans from terrorism.

Fuente: ‘Crypto Wars’ timeline: A history of the new encryption debate


Government keeping its method to crack San Bernardino iPhone ‘classified’ | Technology | The Guardian

Revealed: After postponing a court hearing with Apple, the FBI is testing a new technique which Apple says they will pressure government to reveal

Fuente: Government keeping its method to crack San Bernardino iPhone ‘classified’ | Technology | The Guardian


Facebook, Google and WhatsApp plan to increase encryption of user data | Technology | The Guardian

Spurred on by Apple’s battles against the FBI, some of tech’s biggest names are to expand encryption of user data in their services, the Guardian can reveal

Fuente: Facebook, Google and WhatsApp plan to increase encryption of user data | Technology | The Guardian


Apple’s FBI Battle Is Complicated. Here’s What’s Really Going On | WIRED

The news this week that a magistrate ordered Apple to help the FBI hack an iPhone used by one of the San Bernardino shooter suspects has polarized the nation—and also generated some misinformation.  In the interest of clarifying the facts and correcting some misinformation, we’ve pulled together a summary of the issues at hand.

Fuente: Apple’s FBI Battle Is Complicated. Here’s What’s Really Going On | WIRED


Apple to beef up customers’ iCloud encryption – FT.com

Apple is working on new ways to strengthen the encryption of customers’ iCloud backups in a way that would make it impossible for the company to comply with valid requests for data from law enforcement, according to people familiar with its plans.

Fuente: Apple to beef up customers’ iCloud encryption – FT.com


Intel Security’s Chris Young tells cyber sector to go on offensive – FT.com

Intel Security’s Chris Young tells cyber sector to go on offensive – FT.com.

 

Hacker; Cyber Security

The president of Intel Security has admonished the cyber security industry for being “too reactive” and focusing on the symptoms of attacks rather than the underlying causes.

Chris Young said that the sector had become “bogged down” in data while cyber attackers get better funded, more innovative and improve their skills.

“In security we’re chasing the symptoms like malware and vulnerabilities when we’d be smarter if we knew the context of attacks, who the attackers are and why do I care about them.”“We are swimming in symptoms but we don’t really understand the problem in many cases. To use a human analogy, I’m sneezing, I can’t breathe easily, I have a runny nose: do I have a cold, flu or allergies?” he said.

Mr Young told the Financial Times at the RSA cyber security conference that President Barack Obama’s new information sharing proposals, announced in the State of the Union speech, risk creating a flood of new data on attacks that few companies are skilled at processing. The US House of Representatives could vote on the bill this week.

 


The government will hide its surveillance programs. But they won't eliminate them | Trevor Timm | Comment is free | The Guardian

The government will hide its surveillance programs. But they won’t eliminate them | Trevor Timm | Comment is free | The Guardian.

 Wnsahen will the government stop listening in to our conversations? Photograph: age fotostock / Alamy/Alamy

Want to see how secrecy is corrosive to democracy? Look no further than a series of explosive investigations by various news organizations this week that show the government hiding surveillance programs purely to prevent a giant public backlash.

USA Today’s Brad Heath published a blockbuster story on Monday about the Drug Enforcement Agency (DEA) running a massive domestic spying operation parallel to the NSA’s that was tracking billions of international calls made by Americans. They kept it secret for more than two decades. According to the USA Today report, the spying program was not only used against alleged terrorist activity, but countless supposed drug crimes, as well as “to identify US suspects in a wide range of other investigations”. And they collected information on millions of completely innocent Americans along the way.

Heath’s story is awash with incredible detail and should be read in full, but one of the most interesting parts was buried near the end: the program was shut down by the Justice Department after the Snowden leaks, not because Snowden exposed the program, but because they knew that when the program eventually would leak, the government would have no arguments to defend it.

The justification they were using for the NSA’s program – that it was only being used against dangerous terrorists, not ordinary criminals – just wasn’t true with the DEA. The public would clearly be outraged by the twisted legal justification that radically re-interpreted US law in complete secrecy. “They couldn’t defend both programs”, a former Justice Department official told Heath. The piece also reveals that Attorney General Eric “didn’t think we should have that information” in the first place, which is interesting because Holder was one of the first Justice Department officials to approve the program during the Clinton administration. It’s nice he came to his senses, but if the program never risked going public, would he have felt the same?

There are many other surveillance programs the government is desperate to keep hidden. Consider Stingray devices, the mini fake cell phone towers that can vacuum up cell phone data of entire neighborhoods at the same time and which are increasingly being used by local cops all around the country. The Associated Press reported this week that the Baltimore police have used these controversial devices thousands of times in the course of ordinary investigations and have tried to hide how the devices are used from judges.

The lengths to which the FBI will go to keep these devices secret from the public is alarming. As a Guardian investigation detailed on Friday, the FBI makes local police that use them sign non-disclosure agreements, and goes as far as to direct them to dismiss charges against potential criminals if the phone surveillance will be exposed at trial (like is required by due process rights in the Fifth Amendment).


New smoking gun further ties NSA to omnipotent “Equation Group” hackers | Ars Technica

New smoking gun further ties NSA to omnipotent “Equation Group” hackers | Ars Technica.

What are the chances unrelated state-sponsored projects were both named “BACKSNARF”?

 

 

 

Researchers from Moscow-based Kaspersky Lab have uncovered more evidence tying the US National Security Agency to a nearly omnipotent group of hackers who operated undetected for at least 14 years.

 

The Kaspersky researchers once again stopped short of saying the hacking collective they dubbed Equation Group was the handiwork of the NSA, saying only that the operation had to have been sponsored by a nation-state with nearly unlimited resources to dedicate to the project. Still, they heaped new findings on top of a mountain of existing evidence that already strongly implicated the spy agency. The strongest new tie to the NSA was the string “BACKSNARF_AB25” discovered only a few days ago embedded in a newly found sample of the Equation Group espionage platform dubbed “EquationDrug.” “BACKSNARF,” according to page 19 of this undated NSA presentation, was the name of a project tied to the NSA’s Tailored Access Operations.


La CIA intenta hace años descifrar los aparatos Apple – BioBioChile

La CIA intenta hace años descifrar los aparatos Apple – BioBioChile.


AFP Photo

AFP Photo

Publicado por Eduardo Woo | La Información es de Agencia AFP
La CIA trabaja desde hace años en descifrar la encriptación de los aparatos Apple a fin de poder espiar las comunicaciones realizadas desde los iPhones y iPads, afirma una investigación publicada el martes por un diario estadounidense.

The Intercept, diario en línea dirigido por Glenn Greenwald, se sustenta en documentos secretos develados por Edward Snowden para afirmar que la Agencia Central de Inteligencia (CIA) intenta desde 2006, es decir un año antes del lanzamiento del iPhone, penetrar las claves cifradas de los aparatos Apple.


CIA 'tried to crack security of Apple devices' | Technology | The Guardian

CIA ‘tried to crack security of Apple devices’ | Technology | The Guardian.

 

The Apple logoThe revelations, published by the Intercept online news organisation, are likely to further strain the relationship between Apple and the US government. Photograph: Yuya Shino/Reuters

The CIA led sophisticated intelligence agency efforts to undermine the encryption used in Apple phones, as well as insert secret surveillance back doors into apps, top-secret documents published by the Intercept online news site have revealed.

The newly disclosed documents from the National Security Agency’s internal systems show surveillance methods were presented at its secret annual conference, known as the “jamboree”.

The most serious of the various attacks disclosed at the event was the creation of a dummy version of Apple’s development software Xcode, which is used by developers to create apps for iOS devices.

The modified version of Xcode would allow the CIA, NSA or other agencies to insert surveillance backdoors into any app created using the compromised development software. The revelation has already provoked a strong backlash among security researchers on Twitter and elsewhere, and is likely to prompt security audits among Apple developers.

The latest revelations of sustained hacking efforts against Apple devices are set to further strain already difficult relations between the technology company and the US government.

Apple had previously been a partner in the Prism programme, in effect a legal backdoor to obtain user information by the NSA and its allies, but in the wake of the Snowden revelations it has stepped up efforts to protect user privacy, including introducing end-to-end encryption on iMessages.


iSpy: The CIA Campaign to Steal Apple's Secrets

iSpy: The CIA Campaign to Steal Apple’s Secrets.

 

 

RESEARCHERS WORKING with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept.

 

The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.

 

By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.


CIA to make sweeping structural changes with focus on cyber operations | US news | The Guardian

CIA to make sweeping structural changes with focus on cyber operations | US news | The Guardian.

 CIA headquartersA workman slides a dustmop over the floor at the Central Intelligence Agency headquarters in Langley, Virginia. Photograph: J Scott Applewhite/AP

CIA director John Brennan on Friday announced a major organizational overhaul of the intelligence agency, including the creation of an entirely new fifth wing to be known as the “directorate of digital innovation”.

The changes were designed to improve handling of cyber threats and the use of digital technology, streamline management, enhance recruiting and training and encourage intra-agency information sharing, Brennan said in a memo posted on the CIA website and in a briefing with reporters.

“Never has the need for the full and unfettered integration of our capabilities been greater,” Brennan said in the memo, comparing the restructuring to the agency’s post-9/11 “response to the emergence of global terrorism”.

In addition to the creation of the digital directorate, Brennan’s blueprint establishes 10 new “mission centers” to pool expertise and operations on a particular region or threat. Four longtime agency directorates – the organizational bones of the agency, historically – would remain in place, although two would take on different names.

The reorganization announced Friday follows major shifts in the CIA’s role and operations after 9/11, when the agency took up drone warfare and was reinvented, in some analyses, as a paramilitary organization.


Apple and Google 'FREAK attack' leaves millions of users vulnerable to hackers | Technology | The Guardian

Apple and Google ‘FREAK attack’ leaves millions of users vulnerable to hackers | Technology | The Guardian.

The Apple logo inside an Apple store in Tokyo. The company is working to fix a potential security issue which could leave devices vulnerable to hackers. The Apple logo inside an Apple store in Tokyo. The company is working to fix a potential security issue which could leave devices vulnerable to hackers. Photograph: Yuya Shino/Reuters

Millions of people may have been left vulnerable to hackers while surfing the web on Apple and Google devices, thanks to a newly discovered security flaw known as “FREAK attack.”

There’s no evidence so far that any hackers have exploited the weakness, which companies are now moving to repair. Researchers blame the problem on an old government policy, abandoned over a decade ago, which required US software makers to use weaker security in encryption programs sold overseas due to national security concerns.

Many popular websites and some internet browsers continued to accept the weaker software, or can be tricked into using it, according to experts at several research institutions who reported their findings Tuesday.

They said that could make it easier for hackers to break the encryption that’s supposed to prevent digital eavesdropping when a visitor types sensitive information into a website.

About a third of all encrypted websites were vulnerable as of Tuesday, including sites operated by American Express, Groupon, Kohl’s, Marriott and some government agencies, the researchers said.


NSA Claims Iran Learned from Western Cyberattacks – The Intercept

NSA Claims Iran Learned from Western Cyberattacks – The Intercept.

Featured photo - NSA Claims Iran Learned from Western Cyberattacks

The U.S. Government often warns of increasingly sophisticated cyberattacks from adversaries, but it may have actually contributed to those capabilities in the case of Iran.

top secret National Security Agency document from April 2013 reveals that the U.S. intelligence community is worried that the West’s campaign of aggressive and sophisticated cyberattacks enabled Iran to improve its own capabilities by studying and then replicating those tactics.

The NSA is specifically concerned that Iran’s cyberweapons will become increasingly potent and sophisticated by virtue of learning from the attacks that have been launched against that country. “Iran’s destructive cyber attack against Saudi Aramco in August 2012, during which data was destroyed on tens of thousands of computers, was the first such attack NSA has observed from this adversary,” the NSA document states. “Iran, having been a victim of a similar cyber attack against its own oil industry in April 2012, has demonstrated a clear ability to learn from the capabilities and actions of others.”

The document was provided to The Intercept by NSA whistleblower Edward Snowden, and was prepared in connection with a planned meeting with Government Communications Headquarters, the British surveillance agency. The document references joint surveillance successes such as “support to policymakers during the multiple rounds of P5 plus 1 negotiations,” referring to the ongoing talks between the five permanent members of the U.N. Security Council, Germany and Iran to forge an agreement over Iran’s nuclear program.


Nueva documentación de Snowden: La NSA vigila los cambios en servidores de internet

Nueva documentación de Snowden: La NSA vigila los cambios en servidores de internet.


E-mail
Escrito por Pablo Elorduy / Diagonal
Jueves, 29 de Enero de 2015 00:00

Documentos publicados por Filtrala.org exponen que la agencia utiliza un programa camuflado para obtener metadatos de los servidores DNS y las direcciones HTTP. 

El programa Morecowbell (literalmente “más cencerro”, que tomaría su nombre de un popular skecth de Saturday Night Life) vuelve a poner en evidencia las maniobras de la Agencia de Seguridad Nacional estadounidense, NSA.

Documentos secretos publicados el 24 de enero por Filtrala.org, plataforma en la que participan eldiario.es, La Marea, Mongolia y Diagonal, y la web AWP, demuestran cómo la NSA está utilizando una estructura de camuflaje para hacer solicitudes a los servidores DNS, base del sistema de nombres de dominios a través del que funciona el internet que conocemos. Los documentos, en forma de presentación del tipo powerpoint, muestran las estrategias usadas por la NSA para que sus solicitudes de información a los DNS, miles cada hora, queden camufladas. El objetivo, obtener los metadatos (por ejemplo registros de llamadas, tráfico de internet o datos de localización) sobre servicios presentes en los DNS y las peticiones HTTP. Los documentos a los que Diagonal ha tenido acceso hoy detallan que la NSA ha alquilado servidores en Malasia, Alemania y Dinamarca.

La estructura utilizada es hasta cierto punto sencilla. La agencia tiene agencias de monitoreo que funcionan mediante varios bots morecowbell, que solicitan información DNS en común y solicitudes HTTP por separado al website de referencia, por ejemplo Filtrala.org. Esos bots envían la información directa y regularmente a la infraestructura de la NSA, que analiza los resultados.


Cops Are Handing Out Spyware to Parents—With Zero Oversight | WIRED

Cops Are Handing Out Spyware to Parents—With Zero Oversight | WIRED.

Mere days after a government crackdown on a spyware manufacturer comes the startling revelation that law enforcement agencies have been purchasing commercial spyware themselves and handing it out to the public for free.

Police departments around the country have been distributing thousands of free copies of spyware to parents to monitor their children’s activity, a fact that’s come to light in the wake of a federal indictment this week against the maker of one commercial spyware tool on wiretapping charges.

The tool being distributed by agencies, known as ComputerCOP, has been purchased in bulk by more than two hundred police departments in thirty-five states as well as by sheriff’s offices and district attorneys. It’s designed to search computers for files and videos based on a keyword dictionary that comes with the software and also can log every keystroke on a computer, sending some of that data—in an unsecured manner—to a server belonging to the company that makes the software.

But according to the Electronic Frontier Foundation, which examined the spyware and uncovered the arrangement with law enforcement agencies, the spyware works badly and there is nothing to prevent parents who receive it from using it against other adults.

Computer Cop Promotional Poster

Computer Cop Promotional Poster EFF

“It’s certainly ironic that law enforcement agencies are going after spyware makers while also distributing software that could be used for the same purposes,” says Dave Maas, an investigator with the EFF. “Obviously there’s a difference in how these were marketed by the maker. But certainly law enforcement needs to train their magnifying glasses on their own operations.”


Rusia y Occidente aceleran su ciberguerra | SurySur

Rusia y Occidente aceleran su ciberguerra | SurySur.

 

ciberguerra

Según un comandante de EE.UU., la anexión de Crimea por parte de Rusia y el posterior conflicto que estalló en Ucrania demostraron que Rusia supo integrar en su operativo militar una estrategia ciberofensiva que resultó muy eficaz.

La confrontación en curso entre Rusia y Occidente reactivó una disciplina cuyo imaginario ha sido alimentado por la informática, el cine, la literatura, los rumores y un puñado de hechos constatados: la ciberguerra. El desplazamiento de un conflicto desde un territorio al ciberespacio lleva años generando especulaciones y, en algunos casos, enfrentamientos reales como el ciberataque masivo de que fue objeto Estonia en 2007, el ataque contra los sistemas de misiles aire-tierra de Siria en el mismo año, los operativos en Georgia, el permanente hostigamiento digital que protagonizan China y Estados Unidos, o la operación (2010) contra el programa nuclear iraní urdida por Estados Unidos e Israel mediante el virus Stuxnet. Este dispositivo es el descendiente del programa Olympic Games desarrollado por la NSA norteamericana y la unidad 8200 de Israel. La crisis que se desató con Rusia aceleró el recurso a la ciberguerra. Durante la última cumbre –4 y 5 de septiembre– celebrada en plena crisis con Moscú, la OTAN actualizó sus estándares de defensa de Europa por medio de un programa llamado política de ciberdefensa reforzada. Según el comandante norteamericano de las fuerzas aliadas en Europa, la anexión de Crimea por parte de Rusia y el posterior conflicto que estalló en Ucrania demostraron que Rusia supo integrar en su operativo militar una estrategia ciberofensiva que resultó muy eficaz. Moscú habría conseguido interrumpir todas las comunicaciones electrónicas entre las tropas ucranianas estacionadas en la península y los centros de comando repetidos en el resto de Ucrania. Este es el argumento de Occidente para desarrollar en el ciberespacio un frente de conflicto.

El documento elaborado por la OTAN sobre la ciberguerra es de hecho una postura amenazante. La Alianza Atlántica extendió al ciberespacio todas las garantías del Tratado. Ello quiere decir que cualquier ataque contra las redes informáticas de un país miembro será considerado como un ataque contra todos, o sea, equivalente a una agresión clásica. Occidente crea con este texto un ciberespacio “indivisible”. La consecuencia es evidente: si un Estado exterior a la Alianza Atlántica aparece como responsable de un ciberataque será objeto de represalias que pueden incluir incluso los medios clásicos. Con su recurrente cinismo hambriento de confrontaciones, la Alianza Atlántica hace el papel de futura víctima como si la OTAN o sus miembros más poderosos, Estados Unidos por ejemplo, nunca hubiesen lanzado ciberataques contra alguno de sus adversarios, o espiado la intimidad de cada ser humano del planeta mediante el dispositivo Prism montado por la Agencia Nacional de Seguridad, la NSA, con la servil colaboración de empresas privadas –Google, Yahoo, Facebook, Microsoft, etc.–. Sorin Ducaru, adjunto al secretario general de la OTAN y encargado de los “desafíos emergentes” aclaró que el organismo se limitará a defenderse. Según Ducaru, está “excluido lanzar operaciones ciberofensivas. Estás son del dominio de cada país miembro”.


The U.S. Government's Secret Plans to Spy for American Corporations – The Intercept

The U.S. Government’s Secret Plans to Spy for American Corporations – The Intercept.

By

Featured photo - The U.S. Government’s Secret Plans to Spy for American Corporations

Throughout the last year, the U.S. government has repeatedly insisted that it does not engage in economic and industrial espionage, in an effort to distinguish its own spying from China’s infiltrations of Google, Nortel, and other corporate targets. So critical is this denial to the U.S. government that last August, an NSA spokesperson emailed The Washington Post to say (emphasis in original): “The department does ***not*** engage in economic espionage in any domain, including cyber.”

After that categorical statement to the Post, the NSA was caught spying on plainly financial targets such as the Brazilian oil giant Petrobraseconomic summitsinternational credit card and banking systems; the EU antitrust commissioner investigating Google, Microsoft, and Intel; and the International Monetary Fund and World Bank. In response, the U.S. modified its denial to acknowledge that it does engage in economic spying, but unlike China, the spying is never done to benefit American corporations.

Director of National Intelligence James Clapper, for instance, responded to the Petrobras revelations by claiming: “It is not a secret that the Intelligence Community collects information about economic and financial matters…. What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of—or give intelligence we collect to—U.S. companies to enhance their international competitiveness or increase their bottom line.”

But a secret 2009 report issued by Clapper’s own office explicitly contemplates doing exactly that. The document, the 2009 Quadrennial Intelligence Community Review—provided by NSA whistleblower Edward Snowden—is a fascinating window into the mindset of America’s spies as they identify future threats to the U.S. and lay out the actions the U.S. intelligence community should take in response. It anticipates a series of potential scenarios the U.S. may face in 2025, from a “China/Russia/India/Iran centered bloc [that] challenges U.S. supremacy” to a world in which “identity-based groups supplant nation-states,” and games out how the U.S. intelligence community should operate in those alternative futures—the idea being to assess “the most challenging issues [the U.S.] could face beyond the standard planning cycle.”

One of the principal threats raised in the report is a scenario “in which the United States’ technological and innovative edge slips”— in particular, “that the technological capacity of foreign multinational corporations could outstrip that of U.S. corporations.” Such a development, the report says “could put the United States at a growing—and potentially permanent—disadvantage in crucial areas such as energy, nanotechnology, medicine, and information technology.”

How could U.S. intelligence agencies solve that problem? The report recommends “a multi-pronged, systematic effort to gather open source and proprietary information through overt means, clandestine penetration (through physical and cyber means), and counterintelligence” (emphasis added). In particular, the DNI’s report envisions “cyber operations” to penetrate “covert centers of innovation” such as R&D facilities.


Cómo es el 'Google' secreto de la NSA y cuáles son sus peligros

Cómo es el ‘Google’ secreto de la NSA y cuáles son sus peligros.


La última filtración de los “papeles de Snowden” revela la creación del buscador ICREACH para rastrear entre los metadatos espiados

La herramienta pudo servir para detenciones e interrogatorios de sospechosos

El anterior director de la NSA, Keith Alexander, ahora consultor privado, fue su promotor

Cárcel de Guantánamo. Foto: EFE

Aunque hace más de un año empezaron a salir a la luz las prácticas de espionaje masivo de la NSA con la publicación del rastreo de las llamadas de los usuarios de Verizon, el caso está lejos de cerrarse.

El último de los programas conocidos, revelado por “The Intercept” la semana pasada, es “ICREACH”, un buscador que la NSA habría desarrollado en secreto para rastrear entre miles de millones de metadatos obtenidos en sus actividades de espionaje indiscriminado.

Se trata, entre los sistemas de espionaje hasta ahora desvelados, de uno de los más graves por la cesión de millones de datos registrados a otras agencias como la CIA, el FBI o la DEA (que carecen del control y autorización excepcional con que supuestamente contaría la NSA), porquehabría servido para detenciones e interrogatorios a quienes se consideraban sospechosos “a la luz” del tratamiento de dichos metadatos.

Estas prácticas vulnerarían, tal como apuntaron enseguida las primeras reacciones, la Cuarta Enmienda de la Constitución norteamericana que establece que solo se podrá ser objeto de investigación o detención por causas “razonables”:

“El derecho de los habitantes de que sus personas, domicilios, papeles y efectos se hallen a salvo de pesquisas y aprehensiones arbitrarias, será inviolable, y no se expedirán al efecto mandamientos que no se apoyen en un motivo verosímil…”


Silicon Valley busca novedades | Economía | EL PAÍS

Silicon Valley busca novedades | Economía | EL PAÍS.

La movilidad y las nuevas tecnologías de consumo personal son la clave

Desarrolladores informáticos en San Francisco. / R. GALBRAITH (REUTERS)

Sandhill Road, el Wall Street de la tecnología, tiene una extensión en Soma, el barrio de las startups de San Francisco. No hay un tren de alta velocidad, sino un viejo Caltrain, la línea que cada hora une el valle con la zona de mayor ebullición en la ciudad, Soma, llena de naves industriales reconvertidas en talleres donde se juega a adivinar el futuro. Los inversores, desde los años setenta, mantienen despacho en la calle que cruza con el Camino Real creado por los misioneros españoles; oficialmente, en los mapas es la carretera 101. Ahí tienen su despacho los socios de los grandes fondos de inversión. En San Francisco suelen quedarse los que visitan, escuchan, analizan y preparan informes antes de tomar decisiones, los asociados, la primera línea de frente, los que tratan con jóvenes que pretenden cambiar la mecánica de casi cualquier actividad.

Muy cerca del cuartel general de Facebook se encuentra la oficina de Kleiner, Perkins, Caufield & Byers, conocidos por sus iniciales, KPCB. En estas oficinas, cuyo alquiler no tiene nada que envidiar a los de Manhattan o la City londinense, se rastrean los siguientes negocios que despuntarán en el futuro para apostar por ellos. Randy Komisar, autor de un conocido libro de negocios con toque de autoayuda, El monje y el acertijo, dio uno de los golpes más sonados al invertir en Nest, una empresa fundada por exempleados de Apple en su mayoría y que terminó en manos de Google por 3.200 millones de dólares. Decidió depositar 20 millones con solo el primer power point de un termostato que se controla con el móvil. La plantilla de Nest llegó a 400 personas al pasar a manos de Google. Aun así, Komisar ve difícil que haya novedades en aparatos en Silicon Valley: “Los que entienden de cacharros son los pioneros del valle y esos ya casi se han jubilado”, dice.

Fuente: CB Insights / EL PAÍS

David Golden es socio gestor en Revolution Ventures, una empresa fundada por Steve Case, creador de AOL. Es el último en llegar de los grandes fondos. Surgió en 2008 y ganó gran parte de su prestigio al vender Zipcar, dedicada al alquiler de coches por horas, a Avis por 500 millones de dólares. Golden da un toque de atención con respecto al hardware: “Mucho cuidado. Hay que estudiar bien los productos. Pensar lo que una persona estaría dispuesta a pagar por algo”. Es una clara referencia a Kickstarter e Indie Gogo, las dos plataformas de financiación colectiva más populares. Komisar está en sintonía: “Miden la demanda de un grupo de entusiastas concreto, pero no son fiables. Solo me parece bueno para aprender”. Únicamente muestra interés por las impresoras 3D. “No sé si habrá una en cada casa, como ha pasado con el teléfono o el PC, pero los usos son cada vez más interesantes”, asegura.


ICREACH: How the NSA Built Its Own Secret Google -The Intercept

ICREACH: How the NSA Built Its Own Secret Google -The Intercept.

 

architecture
By 200

The National Security Agency is secretly providing data to nearly two dozen U.S. government agencies with a “Google-like” search engine built to share more than 850 billion records about phone calls, emails, cellphone locations, and internet chats, according to classified documents obtained by The Intercept.

The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies. Planning documents for ICREACH, as the search engine is called, cite the Federal Bureau of Investigation and the Drug Enforcement Administration as key participants.

ICREACH contains information on the private communications of foreigners and, it appears, millions of records on American citizens who have not been accused of any wrongdoing. Details about its existence are contained in the archive of materials provided to The Intercept by NSA whistleblower Edward Snowden.

Earlier revelations sourced to the Snowden documents have exposed a multitude of NSA programs for collecting large volumes of communications. The NSA has acknowledged that it shares some of its collected data with domestic agencies like the FBI, but details about the method and scope of its sharing have remained shrouded in secrecy.


Cisco Systems to cut 6000 jobs

Cisco Systems to cut 6000 jobs.

Cisco has had to make more adjustments to counter sluggish sales.Cisco has had to make more adjustments to counter sluggish sales. Photo: Albert Gea

In what has become almost an annual ritual, computer networking and communications colossus Cisco Systems on Wednesday said it was laying off thousands of employees as it struggles with sluggish sales and a range of fierce competitors.

The company announced 6000 job cuts on a conference call following its quarterly earnings report, or roughly 8 per cent of its workforce, and has trimmed nearly 20,000 jobs worldwide over the last five years. Although Chief Financial Officer Frank Calderoni said the company expected to reinvest much of the savings from the cuts announced Wednesday into key growth areas, Cisco officials would not say how many new people would be hired in those areas or where they would be employed. They also did not say where the cuts would occur.

A spokeswoman for Cisco Australia said the cuts would have a global impact. It’s understood the company employees around 1000 people in Australia.

Noting that the San Jose corporation needs to make changes to keep pace with rapidly changing technology, Baird Equity Research analyst Jayson Noland said “it’s probably frustrating to be an employee there when they are going to have major restructuring efforts like this every year or two.” But he added, “if your skills are stale as an engineer or as a sales and marketing guy, you’re running the risk of being replaced.”

Advertisement

Cisco is Silicon Valley’s fifth-biggest corporation by revenue, but its sales have been blunted by the sluggish global economy. It also faces competition from recent start-ups to more established corporations such as Juniper Networks of Sunnyvale and Brocade Communications Systems of San Jose.


Los gigantes tecnológicos pagan el precio por el caso Snowden

Los gigantes tecnológicos pagan el precio por el caso Snowden.

Un año después de las revelaciones del extécnico de la NSA Edward Snowden, grandes empresas como Microsoft, IBM o Cisco sufren las consecuencias del ciberespionaje practicado por su Gobierno

 

 

Muchos recelan de los sistemas que provienen de Estados Unidos, incluido el mercado chino, esperanza de crecimiento para las tecnológicas.

Muchos recelan de los sistemas que provienen de Estados Unidos, incluido el mercado chino, esperanza de crecimiento para las tecnológicas.

 

El tradicional mimo con el que el Gobierno de Estados Unidos trata a sus empresas nacionales y las impulsa a hacer negocios en todo el mundo se ha visto malogrado en estos últimos 12 meses. Se acaba de cumplir un año desde que las primeras revelaciones de Edward Snowden estamparan las páginas de The Guardian y The Washington Post.

Tras el estupor inicial, el debate sobre la privacidad de los ciudadanos se desarrolla en diferentes países y aparece entre los usuarios la preocupación para evitar la dependencia de la tecnología estadounidense. Y entre los principales afectados se encuentran nombres como IBM, Cisco o Microsoft.

Las empresas de Estados Unidos son las que más tecnología exportan a todo el mundo y la amenaza de posibles puertas traseras en sus sistemas es también una amenaza para su negocio. Apenas un mes después del escándalo, más de 50 compañías pidieron en una carta a Barack Obama permiso para ser más transparentes sobre la información que tenían que pasar al gobierno. Fue el primer intento –tímido– por evitar que sus negocios salieran malparados.

A lo largo de este año transcurrido desde las revelaciones sobre la NSA se han podido comprobar los daños económicos más inmediatos para las compañías tecnológicas e incluso estimar los que podrían darse en el futuro. Aun así existen muchos contratos firmados por varios años, con lo que las verdaderas consecuencias se sabrán a medida que vayan expirando estos contratos.

Microsoft ya ha perdido algunos clientes, tanto es así que el pasado mes de enero anunció que permitirá a los usuarios elegir en qué país se almacenarán sus datos. El golpe más importante para la compañía de Redmond ha sido el plan de Brasil para abandonar el uso de Microsoft Outlook, sustituyéndolo por su propio sistema de correo electrónico, con centros de datos locales. De paso, también se ha cancelado un acuerdo de 4.000 millones de dólares por el que el país carioca iba a comprar aviones de combate a Estados Unidos.

La comunicación entre Brasil y Europa hasta ahora se producía mediante cables submarinos estadounidenses, pero la UE y el Gobierno brasileño han aprobado la construcción de nuevos cables, que correrá a cargo de empresas brasileñas y españolas. Mientras que otros países de Latinoamérica, bajo la bandera de UNASUR, están pensando en la posibilidad de crear su propio sistema de comunicaciones a prueba del espionaje de la NSA.


How Secret Partners Expand NSA’s Surveillance Dragnet – The Intercept

How Secret Partners Expand NSA’s Surveillance Dragnet – The Intercept.

By 
Featured photo - How Secret Partners Expand NSA’s Surveillance DragnetTop-secret documents reveal how the NSA has established secret partnerships to spy on huge flows of private data.

Huge volumes of private emails, phone calls, and internet chats are being intercepted by the National Security Agency with the secret cooperation of more foreign governments than previously known, according to newly disclosed documents from whistleblower Edward Snowden.

The classified files, revealed today by the Danish newspaper Dagbladet Information in a reporting collaboration with The Intercept, shed light on how the NSA’s surveillance of global communications has expanded under a clandestine program, known as RAMPART-A, that depends on the participation of a growing network of intelligence agencies.

It has already been widely reported that the NSA works closely with eavesdropping agencies in the United Kingdom, Canada, New Zealand, and Australia as part of the so-called Five Eyes surveillance alliance. But the latest Snowden documents show that a number of other countries, described by the NSA as “third-party partners,” are playing an increasingly important role – by secretly allowing the NSA to install surveillance equipment on their fiber-optic cables.

The NSA documents state that under RAMPART-A, foreign partners “provide access to cables and host U.S. equipment.” This allows the agency to covertly tap into “congestion points around the world” where it says it can intercept the content of phone calls, faxes, e-mails, internet chats, data from virtual private networks, and calls made using Voice over IP software like Skype.

The program, which the secret files show cost U.S. taxpayers about $170 million between 2011 and 2013, sweeps up a vast amount of communications at lightning speed. According to the intelligence community’s classified “Black Budget” for 2013, RAMPART-A enables the NSA to tap into three terabits of data every second as the data flows across the compromised cables – the equivalent of being able to download about 5,400 uncompressed high-definition movies every minute.


US tech groups must adapt to life after Edward Snowden – FT.com

US tech groups must adapt to life after Edward Snowden – FT.com.

Many early tenets of the internet age no longer apply
Demonstrators hold placards featuring an image of former US intelligence contractor Edward Snowden as they take part in a protest against the US National Security Agency (NSA) collecting German emails, online chats and phone calls and sharing some of it with the country's intelligence services in Berlin©AFP

Demonstrators hold placards featuring former US intelligence contractor Edward Snowden in protest against intelligence services

On the anniversary of Edward Snowden’s revelations that lifted the lid on US internet surveillance, it is worth pondering how much things have changed for American tech companies – and, by extension, their investors.

Like the world before the terrorist attacks of 9/11, the pre-Snowden internet is starting to feel like a more innocent, far-off place. The ascendancy of American internet companies seemed unshakeable. With the exception of China and one or two other countries, there was little to disturb their dominance.

In retrospect, some of the received wisdom from that time is now starting to sound complacent. Its tenets included a borderless internet where information would always flow freely; a standard set of services delivered globally to an audience numbering in the billions; freedom from much of the regulation that encumbers companies trapped in the physical world; and the untrammelled ability to amass large amounts of data to feed evermore refined ad targeting. None of these things feels as assured as it once did.

In reality, the ground had already been shifting, as politicians and regulators took a keener interest in the expanding digital realm. Any hopes of retaining the light-touch regulation of the internet’s early days, when governments were grappling with its implications, already looked like wishful thinking. But the shock from the Snowden disclosures has greatly accelerated the shift.

However it plays out in detail, the direction is clear. Regulations will be tougher and courts more prone to set limits – as Google found last month, when it was ordered to extend a new “right to be forgotten” to people in Europe. Foreign customers will be more likely to consider buying from local suppliers, often with encouragement from their governments. In extreme cases, the Snowden leaks will provide an excuse to shut out US companies altogether on security grounds.

The reaction has been most obvious in countries such as China, which picked this week’s 25th anniversary of the Tiananmen Square crackdown to step up its rhetorical assault on US internet companies, and Russia, which is leading the way in pushing for data about its citizens to be held on local servers.

One result of all of this, inevitably, will be higher costs. Breaking up the big data holdings of cloud companies into national or regional pools would eat into the scale economies the digital world makes possible. Even without this, more onerous privacy rules are likely to raise the compliance stakes, while limiting the room to experiment with new ways of making money from customer data.

These may be costs worth paying. But in the wake of the Snowden disclosures, there is a danger of excessive reactions that cut into the potential benefits of digital services.

The internet companies, while struggling to reassure their users, are paying the penalty for having appeared in the past to have put their own commercial interests first. Moves like Facebook’s attempt last week to give its members more control over the privacy of their personal data, for instance, may have come too late to change the perception.

US cloud services companies that sell to governments or business customers, meanwhile, will face different pressures. For some, the response will be to rely more heavily on local partners to deliver their services and act as the front line in dealing with regulators. That could lead to more “white label” services from American companies that recede into the background.

Stronger competition in some foreign markets also looks likely as national governments promote their local champions. In China, IBM and Microsoft have been beset by recent reports of official encouragement for some big customers to stop buying their technology.

However, the lock that US companies have in many corners of the IT industry makes it hard to predict how quickly serious competition will emerge. It may be relatively easy to find alternative suppliers for the routers or switches made by a Cisco or the industry-standard servers from a Hewlett-Packard, but much US tech is not quickly replaceable. And when it comes to the type of cloud services that are starting to play a bigger role in IT provision, American companies have taken a definitive early lead.

None of this changes the new realities, though. As the expanding digital platforms of companies like Google and Facebook encroached deeper into everyday life, it was inevitable that they would attract greater scrutiny, envy and resistance. The test for US internet companies in the post-Snowden era will be how well they adapt to the changing times.

Richard Waters is the Financial Times’ West Coast Editor