Archive for the ‘NSA’ Category

NSA Warrantless Surveillance Aided Turks After Attack, Officials Say – New York Times

But the witnesses sidestepped Mr. Grahams question, saying only that they were working on his request. That provoked an angry intervention from the committee chairman, Senator Charles E. Grassley, Republican of Iowa, who banged his gavel and told Mr. Graham, his voice rising, I want you to proceed until you get an answer.

Mr. Graham eventually ended his questioning without getting one. But later in the hearing, Senator Richard J. Durbin, Democrat of Illinois, suggested that the senators emotion at the thought that their government could invade their privacy and use the information against them was just part of the bigger picture.

What about the privacy of the Americans who are not in this room? he asked.

The warrantless surveillance program traces back to President George W. Bushs Stellarwind program, introduced after the Sept. 11, 2001, attacks. Stellarwind permitted the National Security Agency to wiretap Americans international phone calls without the court orders required by the Foreign Intelligence Surveillance Act, or FISA, of 1978.

After it came to light, Congress legalized a form of the program in 2008 with the FISA Amendments Act. It permits the government to collect, from American internet or phone providers and without warrants, the communications of foreigners abroad who have been targeted for any foreign intelligence purpose even when they are talking to Americans.

Privacy advocates want Congress, as part of any bill extending the law, to require warrants before officials may use Americans identifiers, like their email addresses, to search the repository of messages previously collected by the program. But Stuart J. Evans, a top intelligence official at the Justice Department, testified on Tuesday that imposing such a limit would grind the entire FISA process to a halt because investigators need to quickly search a large volume of such queries to process leads, and because such queries are typically undertaken at an early stage, when investigators have not yet found evidence to establish probable cause of wrongdoing.

Several lawmakers also pressed the officials about a decision by Dan Coats, the director of national intelligence, to shelve an N.S.A. effort to estimate how much incidental collection of Americans information the program sweeps up. Bradley Brooker, the acting general counsel to Mr. Coats, said that systematically determining who is using email accounts that are not of foreign intelligence interest would invade peoples privacy and divert resources.

To underscore their message that the program is too valuable to curtail, Mr. Brooker and other officials disclosed several additional examples where the program had been useful. They included detecting an unidentified country that was smuggling goods in violation of sanctions, and finding someone in Western Europe who was talking to a member of the Islamic State about purchasing material to build a suicide belt.

Mr. Ghattas said the government had used the program to investigate Shawn Parson, a Trinidadian social media propagandist for the Islamic State whose network distributed prolific amounts of English-language recruiting pitches and calls for attacks before he was killed in Syria in August 2015.

The F.B.I. had been investigating Mr. Parson since October 2013 based on his online postings, Mr. Ghattas said, and information it shared from that collection with unspecified allies had helped them identify other Islamic State supporters and had potentially prevented attacks in those countries.

Follow Charlie Savage on Twitter @charlie_savage.

A version of this article appears in print on June 28, 2017, on Page A14 of the New York edition with the headline: Up-and-Down Hearing On Surveillance Program.

More here:
NSA Warrantless Surveillance Aided Turks After Attack, Officials Say - New York Times

New cyberattack uses same NSA-developed exploit – WHSV.com – WHSV

PARIS (AP) UPDATE (1:30 p.m.):

Security experts say Tuesday's cyberattack shares something in common with last month's WannaCry attack: Both spread by using digital break-in tools purportedly created by the U.S. National Security Agency and recently leaked to the web.

Security vendors Bitdefender Labs and Kaspersky Labs say the NSA exploit, known as EternalBlue, is allowing the malware to spread inside an organization's network. Other than that, the latest malware is different from WannaCry.

Organizations should be protected if they had installed a fix that Microsoft issued in March.

But Chris Wysopal, chief technology officer at the security firm Veracode, says that's only the case if 100 percent of computers were patched. He says that if one computer gets infected, the new malware has a backup mechanism to spread to patched computers within the network as well.

Wysopal says the attack seems to be hitting large industrial companies that "typically have a hard time patching all of their machines because so many systems simply cannot have down time."

Organizations hit include the Russian oil company Rosneft and the Danish oil and shipping company AP Moller-Maersk.

_____

UPDATE (12:10 p.m.):

The second-largest drugmaker in the United States is confirming it's been affected by a cyberattack.

In a message sent using its verified Twitter account, Merck confirmed Tuesday that its computer network was "compromised" as part of a global attack.

Officials said the Kenilworth, New Jersey-based company was investigating the incident but provided no further details.

Merck has global locations including in Ukraine, where a new and highly virulent outbreak of malicious data-scrambling software causing mass disruption across Europe appeared to be hitting especially hard.

Company and government officials reported serious intrusions at the Ukrainian power grid, banks and government offices, where one senior official posted a photo of a darkened computer screen and the words, "the whole network is down."

Dutch-based transport company TNT Express, which was taken over last year by FedEx, also said Tuesday that it is suffering computer disruptions. Spokesman Cyrille Gibot says that "like many other companies and institutions around the world, we are experiencing interference with some of our systems within the TNT network. We are assessing the situation and are implementing remediation steps as quickly as possible and we regret any inconvenience to our customers." He declined further comment.

_____

A new and highly virulent outbreak of malicious data-scrambling software appears to be causing mass disruption across Europe, hitting Ukraine especially hard.

Company and government officials reported serious intrusions at the Ukrainian power grid, banks and government offices, where one senior official posted a photo of a darkened computer screen and the words, "the whole network is down." Ukraine's prime minister said the attack was unprecedented but that "vital systems haven't been affected."

Russia's Rosneft oil company also reported falling victim to hacking, as did Danish shipping giant A.P. Moller-Maersk.

"We are talking about a cyberattack," said Anders Rosendahl, a spokesman for the Copenhagen-based group. "It has affected all branches of our business, at home and abroad."

The number of companies and agencies reportedly affected by the ransomware campaign was piling up fast, and the electronic rampage appeared to be rapidly snowballing into a real-world crisis. Dutch daily Algemeen Dagblaad says that container ship terminals in Rotterdam run by a unit of Maersk were also affected. Rosneft said that the company narrowly avoided major damage.

"The hacking attack could have led to serious consequences but neither the oil production nor the processing has been affected thanks to the fact that the company has switched to a reserve control system," the company said.

There's very little information about what might be behind the disruption at each specific company, but cybersecurity experts rapidly zeroed in on a form of ransomware, the name given to programs that hold data hostage by scrambling it until a payment is made.

"A massive ransomware campaign is currently unfolding worldwide," said Romanian cybersecurity company Bitdefender. In a telephone interview, Bitdefender analyst Bogdan Botezatu said that he had examined samples of the program and that it appeared to be nearly identical to GoldenEye, one of a family of hostage-taking programs that has been circulating for months.

It's not clear whether or why the ransomware has suddenly become so much more potent, but Botezatu said that it was likely spreading automatically across a network, without the need for human interaction. Self-spreading software, often described as "worms," are particularly feared because they can spread rapidly, like a contagious disease.

"It's like somebody sneezing into a train full of people," said Botezatu. "You just have to exist there and you're vulnerable."

The world is still recovering from a previous outbreak of ransomware, called WannaCry or WannaCrypt, which spread rapidly using digital break-in tools originally created by the U.S. National Security Agency and recently leaked to the web.

This particular variant of ransomware leaves a message with a contact email; several messages sent to the address were not immediately returned.

___ Vladimir Isachenkov in Moscow and Jan M. Olsen in Copenhagen, Denmark contributed to this report.

Read this article:
New cyberattack uses same NSA-developed exploit - WHSV.com - WHSV

NSA Director Gave Senator Private Tour During Debate Over Foreign intelligence Collection – Foreign Policy (blog)

The National Security Agency has been lobbying a key senator amid debates about whether to reauthorize the NSAs foreign intelligence programs when the law sunsets on December 31, 2017.

Two congressional sources confirmed a May meeting, where Sen. John Cornyn, (R-Tex.), a vocal supporter of the intelligence community, got a private audience with the NSA Director Adm. Michael Rogers.

Cornyn also got a private tour of the signals intelligence facility at Fort Meade, Maryland at the same time as the May meeting. He had visited the campus several months prior with other officials for an introductory tour, a typical event for lawmakers new to the committee.

Congressional sources familiar with the meeting expressed concern that the private access Cornyn was given may have provided him with an opportunity to provide input and get information that other members of the intelligence committee, and other panels responsible for oversight of the NSA, didnt have. Of particular concern is Section 702 of the Foreign Intelligence Surveillance Act, the law that allows the NSA to scoop up digital communications travelling over underwater Internet cables and directly from providers and tech companies.

It seems odd that any senator tasked with evaluating and reauthorizing the program wouldnt have the chance to review it to whatever degree theyd like, Jake Laperruque, senior counsel at nonprofit civil liberties organization Constitution Project, wrote to Foreign Policy.

The NSA and Sen. Cornyns spokesman declined to comment on the meeting, which occurred just months before Section 702 is due to expire at the end of the year, unless lawmakers reauthorize it or reform it.

The law has sparked a heated debate about the values and drawbacks of certain features of NSAs programs ever since 2013, when former contractor Edward Snowden revealed details about them by giving classified documents to journalists.

Privacy advocates dont believe there are enough protections, and that theres too much backdoor access for domestic law enforcement. But the intelligence community argues that reauthorizing the law, without reform, is needed to protect the crown jewels critical in the fight against terrorism and other worldwide threats.

Its normal for a new member of the Senate Intelligence Committee to be brief by NSA, and other Senators have visited the secretive agency for tours, with staffers or without, to conduct oversight. But the timing of the private meeting coincides with a moment when the intelligence community is looking for congressional allies to save its key programs.

Cornyn has also been involved in oversight of the intelligence collection programs for years as a member of the Judiciary Committee. In early June, the month after his meeting with the NSA director, Cornyn supported a bill proposed by Sen. Tom Cotton, (R-Ark.) to make Section 702 permanent, eliminating the opportunity to reform the bill every couple years as technology and society change.

The battle over 702 has heated up in recent weeks as both sides ready for the reauthorization debate.

Also in early June, Director of National Intelligence Dan Coats, after promising to do his best to honor a President Obama-era commitment to give senators an estimate on how many Americans communications are incidentally collected when NSA is tracking digital and telephonic conversations overseas, publicly stated he could not disclose a figure.

While his predecessor, James Clapper, promised that he would release an estimate, and met with civil society groups on several occasions to discuss how that process would proceed, Coats now argues that doing so would be impractical, infeasible, and worsen privacy intrusions that already took place by searching for Americans names in the database.

Clapper did not return a request for comment, and the ODNI declined to comment.

While its within Coats authority to reverse an Obama-era policy, his reasons for doing so have been heavily criticized. The intelligence community admitted that making such an estimate is possible, and privacy advocates denied that performing such a search would do any further harm. Additionally, Coats did not inform all the relevant oversight committees ahead of time that he would not be disclosing a numberinformation several lawmakers believe is vital to understand the law and its practical impact on the American people.

Photo credit: BRENDAN SMIALOWSKI/Getty Images

Twitter Facebook Google + Reddit

Go here to see the original:
NSA Director Gave Senator Private Tour During Debate Over Foreign intelligence Collection - Foreign Policy (blog)

There Is Now Proof the NSA Overindulges in Data Collection – Observer

National security officials are continually reassuring Americans that their communications arent getting caught in massive dragnets, and that when it does happen, the communications are handled responsibly. But recently-released opinions from the Foreign Intelligence Surveillance Court (FISC)the seven-judge panel charged with oversight of National Security Agency (NSA) spying programsshow just the opposite is true.

The heavily redacted documents, released on June 13 by the Department of Justice in response to a Freedom of Information Act (FOIA) request by the Electronic Frontier Foundation (EFF), show troubling abuses of surveillance powers granted under Section 702 of the FISA Amendments Act.

Section 702, signed into law by President George W. Bush in 2008, authorizes the intelligence community to collect data and metadata of foreign communications, while preventing the agencies from intentionally targeting American people. The goal of this type of online surveillance is to catch the communications of foreign terrorists before they make their way to the United States. Two of the main programs, PRISM and UPSTREAM, were disclosed by the leaks from former NSA contractor Edward Snowden in 2013.

As the Washington Post pointed out in 2014, nine out of 10 internet users who have had their data collected under Section 702 were ordinary internet users and not actual surveillance targets. According to the FISC, around 56,000 Americans per year have their communications accidentally sucked up in this process. That means the types of hiccups and compliance issues that these new documents illustrate could be impacting thousands of Americans annually.

One Court opinion, released last week, shows the NSA has engaged in significant overcollection of the content of communications of non-target U.S. persons and persons in the U.S. This type of data collection is supposed to be expressly prohibited. If these allegations are true, this shows even more rampant hypocrisy within the intelligence community, who constantly defend and justify Section 702. If this overcollection is happening, theyve been blatantly lying.

During a June 7 Senate Intelligence Committee hearing, NSA Director Mike Rogers continually downplayed issues of inadvertent collection of Americans communications under Section 702. Amid bipartisan questioning from Sens. Ron Wyden and Marco Rubio, he defended the program, calling it vital to national security andsaying it offers insight into foreign powers that could not be matched without the program.

Its bad enough that the intelligence apparatus is collecting too much of Americans communications under Section 702, but theyre also mishandling it once they have it. A 2010 FISC opinion states that the NSA had a compliance incident and failure to purge information that was required to be destroyed under the targeting and minimization procedures from certain NSA data repositories. Minimization procedures require the NSA to stop collecting data once it is determined that the target is within the United States. If the surveillance state is failing to comply with such a basic check on its power and holding onto communications that it should not be keeping, that is an egregious abuse of the powers it is given. It shows a lack of responsibility and failure to own up to mistakes on the part of the NSA.

A 2013 document, also released this week, highlights a similar compliance incident that concerned the [redacted] post-tasking checks NSA conducts to help ensure that [redacted] tasked for collection pursuant Sections 702, 704 and 705(b) of the Act are not being used from inside the United States. The term tasking refersto NSA requests for data or metadata from private companies, which can help NSA officials track the whereabouts of a target. This is particularly used under PRISM, which allows NSA to collect data from at least nine major internet companies servers.

Despite all of the abuses the documents highlight, some members of Congress continue to wholeheartedly endorse Section 702. On June 6, Sen. Tom Cotton introduced legislation to make Section 702 permanent, getting rid of the requirement that it be voted on every five years.

As a justification for the program, Cotton invokes the same need for foreign insights that Rogers mentioned in his testimony, while ignoring the inadvertent collection of Americans data. That type of disregard for Americans privacy is pervasive on both the left and the right.

While not surprising, these documents serve as yet another reminder of the continuing abuse of surveillance powers granted under Section 702. Hopefully the vast revelations of surveillance overreach from groups like EFF can jolt congressional representatives to let Section 702 sunset when its time comes on December 31. But based on Congress overwhelming support for reauthorizing Section 702 in 2012, and Cottons introduction of a bill to make it permit, civil libertarians shouldnt hold their collective breath.

Dan King is an advocate for Young Voices and a journalist residing in New Yorks Adirondacks. He writes about free speech, civil liberties and LGBT issues. He can be found on Twitter @Kinger_Editor.

Continued here:
There Is Now Proof the NSA Overindulges in Data Collection - Observer

Washington Angels 14U win B NSA state title – Tri-City Herald


Tri-City Herald
Washington Angels 14U win B NSA state title
Tri-City Herald
The Washington Angels 14U softball team won the 14U B NSA state championship Sunday at Columbia Playfields in Richland. The Angels went 6-0 on the weekend, with a 6-2 win over the Monarch Crushers in the championship. Team members are: Lexi ...

Read the original post:
Washington Angels 14U win B NSA state title - Tri-City Herald