Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election

While the document provides a rare window into the NSA’s understanding of the mechanics of Russian hacking, it does not show the underlying “raw” intelligence on which the analysis is based. A U.S. intelligence officer who declined to be identified cautioned against drawing too big a conclusion from the document because a single analysis is not necessarily definitive.

Fuente: Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election


‘Give them a pill’: Putin accuses US of hysteria over election hacking inquiry | World news | The Guardian

Russian president calls allegations of interference in US presidential election ‘useless and harmful chatter’ at St Petersburg economic forum

Fuente: ‘Give them a pill’: Putin accuses US of hysteria over election hacking inquiry | World news | The Guardian


Shadow Brokers threaten to unleash more hacking tools | Technology | The Guardian

The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft’s Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

Fuente: Shadow Brokers threaten to unleash more hacking tools | Technology | The Guardian


Leaked NSA Malware Is Helping Hijack Computers Around the World

In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.

Fuente: Leaked NSA Malware Is Helping Hijack Computers Around the World


Microsoft responsabiliza a la Agencia de Seguridad Nacional de EE.UU. de propiciar el ciberataque masivo que afectó al menos a 150 países – El Mostrador

El gigante de la informática criticó el papel de los gobiernos y organizaciones que coleccionan vulnerabilidades informáticas que después pueden ser robadas o vendidas a delincuentes informáticos. La empresa pide que lo sucedido sea una lección para erradicar esta práctica en el mundo.

Fuente: Microsoft responsabiliza a la Agencia de Seguridad Nacional de EE.UU. de propiciar el ciberataque masivo que afectó al menos a 150 países – El Mostrador


Leaked NSA Malware Threatens Windows Users Around the World

“This is as big as it gets,” Hickey said. “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”

Fuente: Leaked NSA Malware Threatens Windows Users Around the World


WikiLeaks publishes ‘biggest ever leak of secret CIA documents’ | Media | The Guardian

The US intelligence agencies are facing fresh embarrassment after WikiLeaks published what it described as the biggest ever leak of confidential documents from the CIA detailing the tools it uses to break into phones, communication apps and other electronic devices.

Fuente: WikiLeaks publishes ‘biggest ever leak of secret CIA documents’ | Media | The Guardian


Wikileaks Dump Shows CIA Could Turn Smart TVs into Listening Devices

It’s difficult to buy a new TV that doesn’t come with a suite of (generally mediocre) “smart” software, giving your home theater some of the functions typically found in phones and tablets. But bringing these extra features into your living room means bringing a microphone, too — a fact the CIA is exploiting, according to a new trove of documents released today by Wikileaks.

Fuente: Wikileaks Dump Shows CIA Could Turn Smart TVs into Listening Devices


WikiLeaks filtra programa encubierto de la CIA que usa celulares y televisores como “micrófonos encubiertos” – El Mostrador

La información revelada hoy sobre “hacking” (ataque cibernético) es parte de una serie en siete entregas que define como “la mayor filtración de datos de inteligencia de la historia”.

Fuente: WikiLeaks filtra programa encubierto de la CIA que usa celulares y televisores como “micrófonos encubiertos” – El Mostrador


Russia hacked the US election. Now it’s coming for western democracy | Robby Mook | Opinion | The Guardian

We have to take action now to root out Russian and other foreign influences before they become too deeply enmeshed in our political ecosystem. First and foremost, leaders in the US and Europe must stop any attempt by the Trump administration to ease sanctions on Russia. It must be abundantly clear that attacking our elections through cyberspace will prompt a tough and proportional response.

Fuente: Russia hacked the US election. Now it’s coming for western democracy | Robby Mook | Opinion | The Guardian


Russian cybersecurity experts suspected of treason linked to CIA | World news | The Guardian

Two of Moscow’s top cybersecurity officials are facing treason charges for cooperating with the CIA, according to a Russian news report.The accusations add further intrigue to a mysterious scandal that has had the Moscow rumour mill working in overdrive for the past week, and comes not long after US intelligence accused Russia of interfering in the US election and hacking the Democratic party’s servers.

Fuente: Russian cybersecurity experts suspected of treason linked to CIA | World news | The Guardian


Young Russian denies she aided election hackers: ‘I never work with douchebags’ | World news | The Guardian

Alisa Shevchenko is a talented young Russian hacker, known for working with companies to find vulnerabilities in their systems. She is also, the White House claims, guilty of helping Vladimir Putin interfere in the US election.

Fuente: Young Russian denies she aided election hackers: ‘I never work with douchebags’ | World news | The Guardian


The U.S. Government Thinks Thousands of Russian Hackers May Be Reading My Blog. They Aren’t.

It’s plausible, and in my opinion likely, that hackers under orders from the Russian government were responsible for the DNC and Podesta hacks in order to influence the U.S. election in favor of Donald Trump. But the Grizzly Steppe report fails to adequately back up this claim. My research, for example, shows that much of the evidence presented is evidence of nothing at all.

Fuente: The U.S. Government Thinks Thousands of Russian Hackers May Be Reading My Blog. They Aren’t.


WashPost Is Richly Rewarded for False News About Russia Threat While Public Is Deceived

The most ironic aspect of all this is that it is mainstream journalists — the very people who have become obsessed with the crusade against Fake News — who play the key role in enabling and fueling this dissemination of false stories. They do so not only by uncritically spreading them, but also by taking little or no steps to notify the public of their falsity.

Fuente: WashPost Is Richly Rewarded for False News About Russia Threat While Public Is Deceived


Russia hacking: US intelligence chief hits back at Trump’s ‘disparagement’ | Technology | The Guardian

Yet neither Clapper nor Rogers offered new evidence for their October conclusion of Russian interference. Clapper promised to release an unclassified report early next week, prepared by the NSA, CIA and FBI, providing additional information for the intelligence agencies’ conclusion that Russia deliberately hacked the Democratic National Committee in order to aid Trump in the 2016 presidential election.

Fuente: Russia hacking: US intelligence chief hits back at Trump’s ‘disparagement’ | Technology | The Guardian


Russia Hysteria Infects WashPost Again: False Story About Hacking U.S. Electric Grid

Those interested in a sober and rational discussion of the Russia hacking issue should read the following:(1) Three posts by cybersecurity expert Jeffrey Carr: first, on the difficulty of proving attribution for any hacks; second, on the irrational claims on which the “Russia hacked the DNC” case is predicated; and third, on the woefully inadequate, evidence-free report issued by the Department of Homeland Security and FBI this week to justify sanctions against Russia.(2) Yesterday’s Rolling Stone article by Matt Taibbi, who lived and worked for more than a decade in Russia, titled: “Something About This Russia Story Stinks.”(3) An Atlantic article by David A. Graham on the politics and strategies of the sanctions imposed this week on Russia by Obama; I disagree with several of his claims, but the article is a rarity: a calm, sober, rational assessment of this debate.

Fuente: Russia Hysteria Infects WashPost Again: False Story About Hacking U.S. Electric Grid


Obama escalates anti-Russian campaign with new sanctions and threats – World Socialist Web Site

In an executive order accompanied by a series of official statements, US President Barack Obama has sharply escalated the campaign against Russia, based on unsubstantiated claims of Russian government hacking of the Democratic National Committee (DNC) and the Hillary Clinton campaign in the presidential election.

Fuente: Obama escalates anti-Russian campaign with new sanctions and threats – World Socialist Web Site


Top-Secret Snowden Document Reveals What the NSA Knew About Previous Russian Hacking

Now, a never-before-published top-secret document provided by whistleblower Edward Snowden suggests the NSA has a way of collecting evidence of Russian hacks, because the agency tracked a similar hack before in the case of a prominent Russian journalist, who was also a U.S. citizen.

Fuente: Top-Secret Snowden Document Reveals What the NSA Knew About Previous Russian Hacking


The hacking is 21st-century, but US-Russia relations are stuck in the past | Simon Jenkins | Opinion | The Guardian

While Moscow’s cyberwar capacity is cutting-edge, the flurry of expulsions and misguided sanctions simply rehash the mistakes of the cold war

Fuente: The hacking is 21st-century, but US-Russia relations are stuck in the past | Simon Jenkins | Opinion | The Guardian


En qué consisten las sanciones aprobadas por EE.UU. contra Rusia por los ciberataques ocurridos durante la campaña electoral – El Mostrador

La Casa Blanca aprobó severas medidas para castigar a Moscú por sus supuestos intentos de influir en las elecciones presidenciales de noviembre pasado. Donald Trump dijo que el país debe “ocuparse de cosas más grandes y mejores”, aunque anunció que se reunirá la próxima semana con los jefes de inteligencia para informarse sobre el caso.

Fuente: En qué consisten las sanciones aprobadas por EE.UU. contra Rusia por los ciberataques ocurridos durante la campaña electoral – El Mostrador


Obama advierte que EEUU tomará represalias contra Rusia por ataques informáticos durante campaña presidencial – El Mostrador

El presidente comentó además que “algunas (de esas medidas) puede que sean explícitas y públicas, mientras que otras puede que no”.

Fuente: Obama advierte que EEUU tomará represalias contra Rusia por ataques informáticos durante campaña presidencial – El Mostrador


The FBI Hacked Over 8,000 Computers In 120 Countries Based on One Warrant | Motherboard

In January, Motherboard reported on the FBI’s “unprecedented” hacking operation, in which the agency, using a single warrant, deployed malware to over one thousand alleged visitors of a dark web child pornography site. Now, it has emerged that the campaign was actually an order of magnitude larger.

Fuente: The FBI Hacked Over 8,000 Computers In 120 Countries Based on One Warrant | Motherboard


Hackean grupo de espionaje de la NSA y subastan información por 1 millón de bitcoins | CriptoNoticias – Bitcoin, Blockchain y criptomonedas

Un grupo de hackers vinculado a la Agencia de Seguridad Nacional de los Estados Unidos, mejor conocida como la NSA (National Security Agency), ha sido hackeado recientemente y sus herramientas de espionaje, recolección de información, malware y más, han sido puestas en venta por 1 millón de bitcoins (más de 550 millones de dólares al momento de la publicación).

Fuente: Hackean grupo de espionaje de la NSA y subastan información por 1 millón de bitcoins | CriptoNoticias – Bitcoin, Blockchain y criptomonedas


¿Son estas las armas de espionaje de la NSA? | Derechos Digitales

Un grupo de hackers dice haber obtenido información confidencial de Equation Group, un conocido y sofisticado grupo de ciber atacantes ligado a la NSA. Parte de la información publicada permite por primera vez echar un vistazo a las herramientas utilizadas por la agencia de seguridad estadounidense.

Fuente: ¿Son estas las armas de espionaje de la NSA? | Derechos Digitales


Hacked Emails Reveal NATO General Plotting Against Obama on Russia Policy

Retired U.S. Air Force Gen. Philip Breedlove, until recently the supreme commander of NATO forces in Europe, plotted in private to overcome President Barack Obama’s reluctance to escalate military tensions with Russia over the war in Ukraine in 2014, according to apparently hacked emails from Breedlove’s Gmail account that were posted on a new website called DC Leaks.

Fuente: Hacked Emails Reveal NATO General Plotting Against Obama on Russia Policy


Russian government hackers steal DNC files on Donald Trump | Technology | The Guardian

Some of the hackers had been lurking in the systems since at least last summer, well before Trump sealed the Republican nomination, but only recently exfiltrated the Democratic party’s cache of files on Trump’s business dealings and past political statements, investigators said.

Fuente: Russian government hackers steal DNC files on Donald Trump | Technology | The Guardian


Court refuses request to force alleged hacker to divulge passwords | Technology | The Guardian

An alleged hacker fighting extradition to the US will not have to give the passwords for his encrypted computers to British law enforcement officers, following a landmark legal ruling.

Fuente: Court refuses request to force alleged hacker to divulge passwords | Technology | The Guardian


Supreme Court Gives FBI More Hacking Power

The Supreme Court on Thursday approved changes that would make it easier for the FBI to hack into computers, including those belonging to victims of cybercrime. The changes will take effect in December, unless Congress adopts competing legislation.

Fuente: Supreme Court Gives FBI More Hacking Power


Anonymous collective declares ‘total war’ on Donald Trump, again | Technology | The Guardian

Hackers target ‘deeply disturbing’ presidential candidate and ask for support to dismantle his campaign and expose private details

Fuente: Anonymous collective declares ‘total war’ on Donald Trump, again | Technology | The Guardian


Cibercriminales hackean al director de Inteligencia Nacional de EE.UU. – FayerWayer

Es la realidad: nadie está a salvo. Se ha confirmado el hackeo de las cuentas personales de correo electrónico de James Clapper, quien es ni más ni menos que el Director de Inteligencia de Estados Unidos. Lo que confirma que actualmente se viven momentos de alta vulnerabilidad a nuestra información, sobre todo cuando el encargado de realizar intrusiones legales resulta expuesto por adolescente.

Fuente: Cibercriminales hackean al director de Inteligencia Nacional de EE.UU. – FayerWayer


Russian hackers read unclassified Obama emails – report | US news | The Guardian

Russian hackers read unclassified Obama emails – report | US news | The Guardian.

Obama President Barack Obama is seen through a window of the Oval Office at the White House. Photograph: Jim Lo Scalzo/Corbis

Unclassified emails to and from President Barack Obama were read last year by Russian hackers, the New York Times reported on Saturday.

The White House confirmed the breach earlier this month, saying it took place last year and that it did not affect classified information.

The newspaper, however, said the hack “was far more intrusive and worrisome than has been publicly acknowledged”.

The president’s closely guarded BlackBerry email account was not hacked, the Times said, but communications with other users were swept up.

Quoting “senior American officials briefed on the investigation”, the Times said the hackers penetrated sensitive parts of the White House computer system, as well as the State Department. The hackers are presumed to be linked to the Russian government, if not necessarily working for it.


Intel Security’s Chris Young tells cyber sector to go on offensive – FT.com

Intel Security’s Chris Young tells cyber sector to go on offensive – FT.com.

 

Hacker; Cyber Security

The president of Intel Security has admonished the cyber security industry for being “too reactive” and focusing on the symptoms of attacks rather than the underlying causes.

Chris Young said that the sector had become “bogged down” in data while cyber attackers get better funded, more innovative and improve their skills.

“In security we’re chasing the symptoms like malware and vulnerabilities when we’d be smarter if we knew the context of attacks, who the attackers are and why do I care about them.”“We are swimming in symptoms but we don’t really understand the problem in many cases. To use a human analogy, I’m sneezing, I can’t breathe easily, I have a runny nose: do I have a cold, flu or allergies?” he said.

Mr Young told the Financial Times at the RSA cyber security conference that President Barack Obama’s new information sharing proposals, announced in the State of the Union speech, risk creating a flood of new data on attacks that few companies are skilled at processing. The US House of Representatives could vote on the bill this week.

 


EE UU incorpora los ciberataques a su programa de sanciones | Internacional | EL PAÍS

EE UU incorpora los ciberataques a su programa de sanciones | Internacional | EL PAÍS.

 

Obama, el martes en el Despacho Oval. / Susan Walsh (AP)

Aquellas personas o grupos que participen en ataques cibernéticos contra Estados Unidos podrán ser sancionadas del mismo modo que lo son quienes colaboran con la injerencia rusa en Ucrania o con el régimen sirio. En un reflejo de su creciente preocupación por las amenazas virtuales, la Casa Blanca incorporó este miércoles la ciberseguridad a la diplomacia de sanciones que aplica en todo el mundo.

El presidente Barack Obama aprobó una orden ejecutiva, que no requiere del voto del Congreso, que permite por primera vez imponer penalizaciones a los individuos o grupos ubicados fuera de EE UU que perpetren ataques o espionajes cibernéticos “maliciosos” que supongan una “amenaza significativa” a la seguridad nacional, la política exterior, la economía o la estabilidad financiera de la primera potencia mundial.

Esas actividades podrán ser consideradas a partir de ahora una “emergencia nacional”, basándose en una ley de 1977. El Departamento del Tesoro podrá congelar los activos de esas personas o entidades en EE UU e impedir determinadas transacciones financieras con compañías estadounidenses, siguiendo el mismo patrón que en las sanciones diplomáticas convencionales.


New smoking gun further ties NSA to omnipotent “Equation Group” hackers | Ars Technica

New smoking gun further ties NSA to omnipotent “Equation Group” hackers | Ars Technica.

What are the chances unrelated state-sponsored projects were both named “BACKSNARF”?

 

 

 

Researchers from Moscow-based Kaspersky Lab have uncovered more evidence tying the US National Security Agency to a nearly omnipotent group of hackers who operated undetected for at least 14 years.

 

The Kaspersky researchers once again stopped short of saying the hacking collective they dubbed Equation Group was the handiwork of the NSA, saying only that the operation had to have been sponsored by a nation-state with nearly unlimited resources to dedicate to the project. Still, they heaped new findings on top of a mountain of existing evidence that already strongly implicated the spy agency. The strongest new tie to the NSA was the string “BACKSNARF_AB25” discovered only a few days ago embedded in a newly found sample of the Equation Group espionage platform dubbed “EquationDrug.” “BACKSNARF,” according to page 19 of this undated NSA presentation, was the name of a project tied to the NSA’s Tailored Access Operations.


Aaron Swartz stood up for freedom and fairness – and was hounded to his death | Comment is free | The Guardian

Aaron Swartz stood up for freedom and fairness – and was hounded to his death | Comment is free | The Guardian.

Internet activist Aaron Swartz in a San Francisco bookshop in 2008, five years before his suicide.

 Internet activist Aaron Swartz in a San Francisco bookshop in 2008, five years before his suicide. Photograph: Noah Berger/Reuters

On Monday, BBC Four screened a remarkable film in its Storyville series. The Internet’s Own Boy told the story of the life and tragic death of Aaron Swartz, the leading geek wunderkind of his generation who was hounded to suicide at the age of 26 by a vindictive US administration. The film is still available on BBC iPlayer, and if you do nothing else this weekend make time to watch it, because it’s the most revealing source of insights about how the state approaches the internet since Edward Snowden first broke cover.

To say Swartz was a prodigy is an understatement. As an unknown teenager he was a co-designer of tools – like RSS and Markdown and of services like Reddit – that shaped the evolution of the web. He was also the kid who wrote most of the code underpinning Creative Commons, an inspired system that uses copyright law to give ordinary people control over how their digital creations can be used by others.

But Swartz was far more than an immensely-gifted programmer. The Storyville film includes home movies which show the entrancing, voraciously-inquisitive toddler who was father to the man. As he grew, he displayed the same open, questioning attitude to life one sees in other geniuses who are always asking “why?” and “why not?” and driving normal people nuts.


Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise – The Intercept

Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise – The Intercept.

Featured photo - Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise

The U.S., U.K. and Canadian governments characterize hackers as a criminal menace, warn of the threats they allegedly pose to critical infrastructure, and aggressively prosecute them, but they are also secretly exploiting their information and expertise, according to top secret documents.

In some cases, the surveillance agencies are obtaining the content of emails by monitoring hackers as they breach email accounts, often without notifying the hacking victims of these breaches. “Hackers are stealing the emails of some of our targets… by collecting the hackers’ ‘take,’ we . . .  get access to the emails themselves,” reads one top secret 2010 National Security Agency document.

These and other revelations about the intelligence agencies’ reliance on hackers are contained in documents provided by whistleblower Edward Snowden. The documents—which come from the U.K. Government Communications Headquarters agency and NSA—shed new light on the various means used by intelligence agencies to exploit hackers’ successes and learn from their skills, while also raising questions about whether governments have overstated the threat posed by some hackers.

By looking out for hacking conducted “both by state-sponsored and freelance hackers” and riding on the coattails of hackers, Western intelligence agencies have gathered what they regard as valuable content:

Recently, Communications Security Establishment Canada (CSEC) and Menwith Hill Station (MHS) discovered and began exploiting a target-rich data set being stolen by hackers. The hackers’ sophisticated email-stealing intrusion set is known as INTOLERANT. Of the traffic observed, nearly half contains category hits because the attackers are targeting email accounts of interest to the Intelligence Community. Although a relatively new data source, [Target Offices of Primary Interest] have already written multiple reports based on INTOLERANT collect.

The hackers targeted a wide range of diplomatic corps, human rights and democracy activists and even journalists:

INTOLERANT traffic is very organized. Each event is labeled to identify and categorize victims. Cyber attacks commonly apply descriptors to each victim – it helps herd victims and track which attacks succeed and which fail. Victim categories make INTOLERANT interesting:

A = Indian Diplomatic & Indian Navy
B = Central Asian diplomatic
C = Chinese Human Rights Defenders
D = Tibetan Pro-Democracy Personalities
E = Uighur Activists
F = European Special Rep to Afghanistan and Indian photo-journalism
G = Tibetan Government in Exile

In those cases, the NSA and its partner agencies in the United Kingdom and Canada were unable to determine the identity of the hackers who collected the data, but suspect a state sponsor “based on the level of sophistication and the victim set.”


Obama's Cyber Proposals Sound Good, But Erode Information Security – The Intercept

Obama’s Cyber Proposals Sound Good, But Erode Information Security – The Intercept.

BY DAN FROOMKIN 

The State of the Union address President Obama delivers tonight will include a slate of cyber proposals crafted to sound like timely government protections in an era beset by villainous hackers.

They would in theory help the government and private sector share hack data more effectively; increase penalties for the most troubling forms of hacking; and require better notification of people when their personal data has been stolen.

But if you cut through the spin, it turns out that the steps Obama is proposing would likely erode, rather than strengthen, information security for citizens and computer experts trying to protect them. Consider:

  • There’s plenty of sharing of data on cyber threats already and no reason to think that the Sony Pictures hack or any of the other major recent cyber attacks could have been averted with more. What Obama is proposing would, by contrast, give companies that have terrible security practices a pass in the form of liability protection from regulatory or civil action based on the information they disclose, while potentially allowing widespread distribution of personal data that should be private.
  • The increased penalties for hacking Obama is proposing could punish people who have only briefly rubbed shoulders with hackers as full-fledged members of a criminal enterprise, and criminalize “white-hat” hacking.
  • And Obama’s federal standards for when companies have to report that customers’ data has been stolen would actually overturn tougher standards in many states.

“There’s nothing that he would propose that would do anything to actually improve cybersecurity,” says Chris Soghoian, the principal technologist at the American Civil Liberties Union. “That’s a problem.”