Archive for the ‘NSA’ Category

What is 5G, SA, NSA? | iBASIS

The 5G transformation has reached a critical phase. 5G is the fifth generation wireless technology and also known as the fastest, most reliable and lowest latency technology ever. Yet, there are multiple scenarios determining how 5G rollouts will take place, including use of a Stand Alone (SA) or Non-Stand Alone (NSA) architecture.

Compared to 4G (LTE) networks, 5G brings:

5G has three main use case categories defined by 3GPP and GSMA:

In addition to this, the network slicing feature brings crating virtual networks in a service based & software defined architecture that allows more secure, differentiated and protected networks based on specific needs.

The following ITU (International Telecommunications Union) chart shows applications used in 5G use cases to enable us to visualize real deployments in a 5G environment:

Mobile networks consist of 2 major modules: Radio network and core network parts.

Two major 5G deployment alternatives are defined by 3GPP (Global Initiative creating standards for mobile networks): NSA (Non-Stand Alone) and SA (Stand Alone).

For both NSA and SA, new radio network technology (NR) is being used. New radio will satisfy high bandwidth needs such as VR, 8-12K video, etc., which is called eMBB (Enhanced Mobile Broadband).

For mobile operators who seek mainly high-speed connectivity to their customers, 5G NSA deployment could be enough at the start. However, 5G capable handsets and devices will be required.

The major first step taken by iBASIS to prepare for 5G video bandwidth explosion is deploying 100Gbps interfaces for 5G NSA.

The real 5G deployment is Stand Alone (SA) because it brings all possible use cases to the 5G mobile network, such as high throughput, low latency communications, massive IoT, network slicing, etc.

Thats why iBASIS is introducing its 5G signaling exchange testing platform for 5G SA enabling multiple scenario and use case testing.

Excerpt from:
What is 5G, SA, NSA? | iBASIS

This Day In History, November 4th, 2020 – "They’re Watching You" – Signals AZ

By Staff | on November 04, 2020

(The Great Seal of the National Security Organization. Image courtesy of Wikicommons, Public Domain.)

It was just 68 years ago today, November 4, 1952, when the National Security Agency (NSA) began protecting the American people. Intelligence agencies have been around since the dawn of civilization, and in fact, the NSA was really just renamed on this date from the Armed Forces Security Agency (AFSA). Our Nation faces constant threats, both foreign and domestic, so it is no surprise that the NSA has one of the largest budgets of any such intelligence gathering organization.

The NSA, even still today, has been kept a secret. In fact, the joke of the day was that NSA stood for No Such Agency. Today we face the question as Americans on how far are we willing to give up freedoms for our security. In many cases, there is no real answer, we want to be safe, but this is the land of the free, and privacy is key. In any case, governments that are both regarded as corrupt or just, have always portrayed the idea that whatever invasion of privacy they are doing, is for the greater good. Many opinions vary on the NSA, but they got started, 68 years ago, today.

Follow Signals on Facebook to get the latest local events and updates:Facebook.com/Signals A Z

Subscribe to the Signals Newsletter, events, entertainment, info & news right to your inbox!SUBSCRIBE

Continue reading here:
This Day In History, November 4th, 2020 - "They're Watching You" - Signals AZ

Senator Wyden Wants To Know If The NSA Is Still Demanding Tech Companies Build Backdoors Into Their Products – Techdirt

from the build-them-or-we'll-just-build-our-own dept

It's been more than a half-decade since it made headlines, but the NSA's hardware manipulation programs never went away. These programs -- exposed by the Snowden leaks -- involved the NSA compromising network hardware, either through interception of physical shipments or by the injection of malicious code.

One major manufacturer -- Cisco -- was righteously angered when leaked documents showed some of its hardware being "interdicted" by NSA personnel. It went directly to Congress to complain. The complaint changed nothing. (Cisco, however, changed its shipping processes.) But even though the furor has died down, these programs continue pretty much unhindered by Congressional oversight or public outcry.

One legislator hasn't forgotten about the NSA's hardware-focused efforts. Senator Ron Wyden is still demanding the NSA answer questions about these programs and give him details about "backdoors" in private companies' computer equipment. The DOJ and FBI may be making a lot of noise about encryption backdoor mandates, but one federal agency is doing something about it. And it has been for years.

Not only has the NSA installed its own backdoors in intercepted devices, it has been working with tech companies to develop special access options in networking equipment. This allows the agency to more easily slurp up communications and internet traffic in bulk. Senator Wyden wants answers.

The agency developed new rules for such practices after the Snowden leaks in order to reduce the chances of exposure and compromise, three former intelligence officials told Reuters. But aides to Senator Ron Wyden, a leading Democrat on the Senate Intelligence Committee, say the NSA has stonewalled on providing even the gist of the new guidelines.

Secret encryption back doors are a threat to national security and the safety of our families its only a matter of time before foreign hackers or criminals exploit them in ways that undermine American national security, Wyden told Reuters. The government shouldnt have any role in planting secret back doors in encryption technology used by Americans.

No one knows what's in the guidelines and whether they forbid the NSA from backdooring hardware or software sold to US buyers. All the NSA is willing to say is it's trying to patch things up with domestic tech vendors by, um, giving them more stuff to patch up.

The agency declined to say how it had updated its policies on obtaining special access to commercial products. NSA officials said the agency has been rebuilding trust with the private sector through such measures as offering warnings about software flaws.

This is a welcome change after years of exploit hoarding. But there's no reason to believe the NSA isn't holding useful flaws back until they've outlived their exploitability. As for the built-in backdoors, the NSA refuses to provide any details. It won't even answer to its oversight. And if it won't do that, it really needs to stop saying things about "robust oversight" every time more surveillance abuses by the agency are exposed.

There's more to this than potential domestic surveillance. Any flaw deliberately introduced in hardware and software can be exploited by anyone who discovers it, not just the agency that requested it. The threat isn't theoretical. It's already happened. In 2015, it was discovered that malicious hackers had exploited what appeared to be a built-in flaw to intercept and decrypt VPN traffic running through Juniper routers. This appeared to be a byproduct of the NSA's "Tailored Access Operations." While Juniper has never acknowledged building a backdoor for the NSA, the circumstantial evidence points in No Such Agency's direction.

[Juniper] acknowledged to security researcher Andy Isaacson in 2016 that it had installed Dual EC [Dual Elliptic Curve] as part of a customer requirement, according to a previously undisclosed contemporaneous message seen by Reuters. Isaacson and other researchers believe that customer was a U.S. government agency, since only the U.S. is known to have insisted on Dual EC elsewhere.

This is the danger of relying on deliberately introduced flaws to gather intelligence or obtain evidence. Broken is broken and broken tools are toys for malicious individuals, which includes state-sponsored hackers deployed by this nation's enemies. It's kind of shitty to claim you're in the national security business when you're out there asking companies to add more attack vectors to their products.

Thank you for reading this Techdirt post. With so many things competing for everyones attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise and every little bit helps. Thank you.

The Techdirt Team

Filed Under: 4th amendment, backdoors, nsa, ron wyden, surveillanceCompanies: cisco, juniper

Read more from the original source:
Senator Wyden Wants To Know If The NSA Is Still Demanding Tech Companies Build Backdoors Into Their Products - Techdirt

NSA Publishes List of 25 Top Vulnerabilities Exploited by Chinese Hackers; Beijing Calls Us an Empire o … – CPO Magazine

The US National Security Agency (NSA) published a report detailing the top 25 vulnerabilities currently being exploited by Chinese state-sponsored hacking groups. The NSA said that the bugs exist in web services or remote access tools.

The vulnerabilities are directly accessible from the Internet and can act as gateways to organizations internal networks, according to the NSA. Apart from the Chinese hackers, other state-sponsored threat actors from Russia and Iran had also exploited some of these top vulnerabilities to compromise computer systems.

The NSA considered the Chinese malicious cyber activity to be among the greatest risks facing the US Defense Industrial Base (DIB), the US National Security Systems (NSS), and the Department of Defense (DoD) information networks. Thus, the federal agency urges organizations in the public and private sectors to patch their systems.

The NSA noted that all the top vulnerabilities exploited by Chinese hackers are well known and have existing patches. Many top vulnerabilities were incorporated into various exploit kits used by ransomware gangs, state-sponsored hackers, and malware groups.

Earlier, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint alert on cybercriminal gangs using vulnerability chaining to compromise election systems using Zerologon and VPN vulnerabilities. Top vulnerabilities exploited by Chinese hackers include:

According to Jayant Shukla, CTO and Co-founder of K2 Cyber Security, keeping software updated is the surest method of preventing Chinese hackers from exploiting any of the top vulnerabilities.

For organizations that cant keep up to date or dont have the resources to keep their software up to date, they should look into virtual patching solutions that protect the application, like the ones offered by RASP (Runtime Application Self-Protection) solutions, which are now mandated by the latest version of the NIST SP800-53 Revision 5 Security and Privacy Framework. RASP solutions also protect the organization against new and unpatched vulnerabilities.

Chlo Messdaghi, VP of Strategy at Point3 Security, says that affiliated and independent Chinese hackers were actively trying to exploit the top vulnerabilities for self-gain.

Chinese attackers could be [a] nation-state, could be a company or group of companies, or just a group of threat actors or an individual trying to get proprietary information to utilize and build competitive companies in other words, to steal and use for their own gain.

Apart from NSAs top vulnerabilities, Chinese hackers would not hesitate to exploit any existing vulnerability to compromise the United States computer systems. They could use vulnerability chaining to increase the lethality of their attacks by combining several vulnerabilities to weaken the system further and create a foothold.

Chinas Foreign Ministry protested the US agencys accusation of international cyber espionage. In return, Beijings government labeled the US as an empire of hacking, citing various cyberespionage programs such as PRISM. The program was the largest cyber espionage campaign, which was exposed by Snowden.

Zhao Lijian, Chinese Foreign Ministry spokesman, added that the US had a natural advantage in exploiting vulnerabilities because of its leading role in software and hardware development. Lijian also noted that the US and The Five Eyes group members had demanded backdoors on various apps such as WhatsApp to allow spying. WhatsApp uses an end-to-end encryption algorithm to prevent the interception of communication by third parties.

NSA listed the 25 top vulnerabilities exploited by Chinese #hackers. Beijing accused the US of being an 'empire of hacking'. #cybersecurity #respectdataClick to Tweet

Cyber espionage counter accusations are common between the US and China. Chinese cybersecurity company, Qihoo 360, had accused the CIA of conducting an 11-year cyber espionage campaign against Chinese airlines. The US cybersecurity firm Symantec also reported that Chinese hackers had stolen NSAs hacking tools and used them against US allies.

See the rest here:
NSA Publishes List of 25 Top Vulnerabilities Exploited by Chinese Hackers; Beijing Calls Us an Empire o ... - CPO Magazine

UP: NSA invoked against 11 held for cow slaughter – The Indian Express

By: Express News Service | Lucknow | Updated: October 31, 2020 7:40:15 amThe Badaun police has invoked National Security Act (NSA) against 11 people arrested on charges of cow slaughtering on October 8. (Representational/File)

The Badaun police has invoked National Security Act (NSA) against 11 people arrested on charges of cow slaughtering on October 8. The accused, aged between 25 and 50 years, are lodged in the Badaun district jail.

Police sent its report to the district magistrate and on completion of due procedure, the DM has invoked NSA against the 11 accused, said Praveen Singh Chauhan, Additional Superintendent of Police, Badaun.

Read| UP cow slaughter law is being misused against innocent: Allahabad HC

Among those arrested, nine of them are residents of Gurupuri Chandan village, while two others are from neighbouring Dalmai village. Three of the accused are migrant labourers who had returned to their native places after the nationwide lockdown was enforced, said police.

Nine persons had no criminal record and were arrested for the first time, said Rajeev Kumar, Station House Officer, Beenawar police station.

According to police, on October 8, they had received an information that some people were involved in cow slaughtering at Gurupuri Chandan village. A police team rushed to the spot and caught the accused. They recovered 200 kg meat, skin, body parts and also weapons used for slaughtering cows from the spot, said Kumar. He added that a veterinary doctor was called on the spot and he had identified the meat as beef.

Later, an FIR was lodged and police arrested all the 11 accused, said Kumar.

The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest India News, download Indian Express App.

The Indian Express (P) Ltd

Read the rest here:
UP: NSA invoked against 11 held for cow slaughter - The Indian Express