Archive for the ‘NSA’ Category

Ex-Israeli NSA chief: Foundation of civilization is under attack – The Jerusalem Post

Illustrative image of cyber counter-terrorism. (photo credit:INGIMAGE PHOTOS)

The foundation of civilization is under cyber attack, said the former commander of Israel's elite intelligence Unit 8200 Nadav Zafir on Monday.

Zafir claimed that the electoral process can be tampered with by unlawful cyber activity and damage infrastructure, putting democratic civilizations at risk.

Zafir, headed what is considered to be the Israeli NSA between 2009 - 2013, made the comments during Cyber Week at Tel Aviv University.

The current chief of the Shin Bet, Nadav Argaman, is scheduled to give a rare talk on Tuesday that will present the audience with some of the means the Israeli security services use to tackle threats from individual hackers. This would be the first time such details will be openly presented to the public.

Today marks the second day of the conference, a unique event that address the challenges of security and privacy, for governments as well as private people, as the Internet becomes ever more present in global communication, finance, and entertainment.

The former chief of the USNational Security Agency (NSA) Keith Alexander also addressed the summit, telling the audience that he recently met with USPresident Donald Trump and that, despite what you hear in the press, the president understands fully existential cyber threats.

Speakers include Homeland Security and Counter Terrorism official Thomas Bossert, who serves as assistant to Trump. Current director of the Shin Bet (Israel Security Agency) Nadav Argaman, Check Point CEO Gil Shwed and former New York mayor Rudolph Giuliani are also in the lineup.

Other speakers include chief information security officer of the Indian Axis bank Ashutosh Jain and Austrian privacy activist Max Schrems. Events include an international war game simulation, a panel on the role of cyber in aviation, and even a cocktail party.

In recent years Israel became a celebrated global leader in the realm of cyber security, hi-tech, and technological innovation. Leading many to label Israel as a "Hi-Tech Nation".

This is the sixth year in which Cyber Week had taken place. This year's event will include round table discussions discussing Israeli - French, India-Israel, and UK - Israel innovation and regulation in regard to cyber security.

Those visiting the conference will be greeted by a huge six meters (19.5 feet) sculpture of a Trojan horse created from molten bits of smartphones, keyboards, and television screens that have been made useless due to a virus attack or remote hacking. The piece, which weighs two tons, was designed by Israeli advertising executive Gideon Amichay for the 2016 conference and became an iconic piece at campus.

Share on facebook

View original post here:
Ex-Israeli NSA chief: Foundation of civilization is under attack - The Jerusalem Post

EXCLUSIVE Whistleblower: ‘Most Probable’ That NSA Has Recordings of Trump Phone Calls with James Comey – Breitbart News

It is very likely, in fact, most probable that NSA does have those tapes, stated Binney.

Binney continued: I think you already have examples of it where you had conversations that President Trump had with the president of Mexico and also with Australia. All of those have been leaked. Also phone calls involving [former National Security Advisor Michael] Flynn and so on and the White House.

And the point is here, you see, I dont know of any time that the president makes a phone call that is not encrypted. So that means that the people who are intercepting the president have to be able to decrypt it. And the people who provide the encryption and the keys to the systems to be used are NSA, he added.

Binney was speaking Sunday night on this reporters talk radio program, Aaron Klein Investigative Radio, broadcast on New Yorks AM 970 The Answer and Philadelphias NewsTalk 990 AM.

Binney was an architect of the NSAs surveillance program. He became a famed whistleblower when he resigned on October 31, 2001 after spending more than 30 years with the agency. He has remained a sought-after expert on NSA surveillance.

Binney was responding to a series of tweets from the U.S. president last week in which Trump wrote that he did not make and does not have recordings of his conversations with Comey.

However, Trump allowed that with all of the recently reported electronic surveillance, intercepts, unmasking and illegal leaking of information, I have no idea whether there are tapes or recordings of my conversations with James Comey.

On May 12, after Comey had been fired and there was speculation he was behind leaks to the news media, Trump had ominously issued the following warning on Twitter:

In remarks to the Senate Intelligence Committee earlier this month, Comey described three in-person private conversations with Trump one in January at Trump Tower before the inauguration and two more in the White House after Trump became president and two phone calls between the two.

NSA Absolutely Tapping Trumps Calls

Asked pointedly whether he believes the NSA is bugging the Oval Office, Binney replied, Absolutely.

In February on this reporters radio program, Binney made national headlines when he alleged the NSA was tapping Trumps Oval Office phone calls.

Binney further contended at the time that the NSA may have been behind a data leak that revealed Michael Flynn allegedly misled Vice-President Mike Pence and other Trump administration officials about the contents of his phone calls with Russias ambassador to Washington.

During the interview on Sunday, Binney addressed alleged illicit NSA domestic surveillance that he says is documented in NSA whistleblower Edward Snowdens slides on the agencys Fairview program, which is supposed to focus on the collection of data from foreign countries citizens utilizing switching stations located inside the U.S.

Binney stated:

The slides showing the tap points across the United States where the targets really are the U.S. population and not the foreigners. If they wanted the foreigners all they would have to do is tap the surfacing points for the transoceanic cables. That would be along the coast. You wouldnt need to tap points distributed with the populations of the company. So that is the main program they are using to collect all this data on the fiber networks.

Binney further stated the NSA could remotely turn on cell phone mics to record offline conversations.

Aaron Klein is Breitbarts Jerusalem bureau chief and senior investigative reporter. He is a New York Times bestselling author and hosts the popular weekend talk radio program, Aaron Klein Investigative Radio. Follow him onTwitter @AaronKleinShow.Follow him onFacebook.

P.S. DO YOU WANT MORE ARTICLES LIKE THIS ONE DELIVERED RIGHT TO YOUR INBOX?SIGN UP FOR THE DAILY BREITBART NEWSLETTER.

Read the original:
EXCLUSIVE Whistleblower: 'Most Probable' That NSA Has Recordings of Trump Phone Calls with James Comey - Breitbart News

Prior to Snowden, NSA Had No Clue How Many Were Approved to … – Washington Free Beacon

Edward Snowden / Getty Images

BY: Natalie Johnson June 24, 2017 5:00 am

The National Security Agency did not know how manyofficials were authorized to download and transfer top secret data from its servers prior tothe high-profile leaks by former contractor Edward Snowden, according to a recently declassified government report.

The NSA was also unsuccessful in attempts to meaningfully cut the number of officials with "privileged" access to its most sensitive databases, the Department of Defense's inspector general determined in the 2016 investigation. The heavily redacted report was obtained by the New York Times through a Freedom of Information Act lawsuit.

The agency struggled to achieve the mandated reductions because it had no idea how many employees or contractors were designated data transfer agents or privileged access users prior to the leaks.

NSA officials told the inspector general they lost a "manually kept spreadsheet" that tracked the number of privileged users after receiving multiple requests from the inspector general to provide documents identifying the initial number. The lapse made it impossible for the agency to determine its baseline of privileged users from which reductions would be made.

The report said the NSA then "arbitrarily removed" privileged access from users, who were told to reapply for the authorization. While this enabled the agency to determine how many personnel were granted special access, the NSA still had no way of measuring how many privileged users had lost the clearance.

The inspector general said the NSA should have used this new baseline as a "starting point" to reduce privileged users instead of using the number to declare a reduction in those personnel.

In the case of data transfer agents, the NSA's "manually kept list" tracking the number of officials authorized to use removable devices, such as thumb drives, to transfer data to and from the agency's servers was "corrupted" in the months leading up to the Snowden leaks, the report said.

Without a baseline to measure potential reductions, the NSA then mandated data transfer agents to reapply for the authorization. Again, though this allowed the agency to determine how many personnel were given the authority, the NSA still had no way of gauging how many reductions were made, if any.

The threat proved ongoing earlier this month when former contractor Reality Winner was charged with removing classified information from NSA facilities regarding the Russian election hacks and leaking it to the press.

The initiatives to cut the number of people with access to classified data were part of a broader post-Snowden measure, called "Secure the Net," to strengthen protections of its sensitive surveillance and hacking methods.

The report determined that while the NSA made some progress in achieving reform, the agency "did not fully meet the intent of decreasing the risk of insider threats to its operations and the ability of insiders to exfiltrate data."

NSA spokeswoman Vanee Vines acknowledged the report's conclusions in a statement issued to the New York Times last week.

"We welcome the observations and opportunities for improvement offered by the U.S. Defense Department's Inspector General," she said. "NSA has never stopped seeking and implementing ways to strengthen both security policies and internal controls."

It is unclear what steps the NSA has taken since the report was finalized in August 2016 to reduce the number of employees and contractors with access to its top-secret databases.

See the rest here:
Prior to Snowden, NSA Had No Clue How Many Were Approved to ... - Washington Free Beacon

Privileged user management trips up NSA – TechTarget

A recently declassified report revealed the U.S. National Security Agency failed to fully secure its systems since the Edward Snowden leaks in 2013.

The report detailed the findings of the Department of Defense inspector general's 2016 assessment of the NSA's security efforts around privileged user management. The heavily redacted report was declassified after Charlie Savage, a Washington correspondent for The New York Times, filed a Freedom of Information Act lawsuit. The assessment looked at how the NSA handles privileged access management, and, according to the report, the NSA was found wanting.

After Edward Snowden leaked over a million files in 2013, the NSA began an initiative, dubbed Secure the Net (STN), with seven privileged user management goals. The inspector general's assessment found that the NSA met only four out of the seven goals: developing and documenting a plan for a new system administration model; assessing the number of system administrators across the enterprise; implementing two-factor access controls over data centers and machine rooms; and implementing two-factor authentication controls for system administration.

According to the report, dated Aug. 29, 2016, not all of the four privileged user management initiatives were fully met. "[The] NSA did not have guidance concerning key management and did not consistently secure server racks and other sensitive equipment in the data centers and machine rooms in accordance with the initiative requirements and policies, and did not extend two-stage authentication controls to all high-risk users," the report read.

Additionally, the assessment found that three of the seven STN initiatives for strong privileged user management were not accomplished. The NSA was supposed to "fully implement technology to oversee privileged user activities; effectively reduce the number of privileged access users; and effectively reduce the number of authorized data transfer agents."

There were 40 STN initiatives in total, though the assessment focused on the seven related to privileged access management. The conclusion reached in the assessment was, while the NSA was successful in part, it "did not fully address all the specifics of the recommendations."

Learn everything you need to know about privileged access management in the enterprise

Find out how to manage and monitor privileged user accounts

Test your privileged user management knowledge with this quiz

View original post here:
Privileged user management trips up NSA - TechTarget

NSA Advocates Data Sharing Framework – Threatpost

NEW YORKThe economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. Thats why Neal Ziring, technical director for the NSAs Capabilities Directorate, wants to flip the financial equation on bad guys.

We need to conduct defenses in a way that kills an adversarys ROI, Ziring said. I want to get it down to the point where a threat actor says, I better choose carefully where I throw this malware first, because Im not going to get a third or fourth try. Today they dont have that concern.

In order to decimate a cybercriminals ROI on developing tools and attack playbooks, Ziring is calling on public agencies, companies and the security community to radically change the way they respond to cyberattacks.

In a keynote address Thursday at the Borderless Cyber conference, he said the cybersecurity community needs to work cooperatively to collectively respond to attacks in the same spirit they share threat intelligence. He argues, doing so will deprive cyber threat actors of the ability to use tools and tradecraft multiple times and starve criminals financially.

The future of cyber defense is having a shared response or coordinated response, Ziring said. We need to break out of todays enterprise mentality of every person for themselves.

The type of framework Ziring describes doesnt exist today, but two standards come close. Those are STIX (Structured Threat Information Expression) and TAXII (Trusted Automated eXchange of Indicator Information) which both deal with sharing data ahead of an attack. Neither address a key component that Ziring is calling for which is a public-private framework that creates a type of autoimmune system. If one node on the network is attacked, all other connected nodes are warned within seconds to defend against a similar attack.

There is no technological reason why this couldnt work. There are only practical obstacles like the need for interoperable standards that will enable us to do this in todays heterogeneous environments. And thats the bit we are solving right now with STIX and OpenC2, he said.

Still early in development, OpenC2 is a language that would enable the coordination and execution of command and control of defense components between domains and within a domain.

Universal support for that type of framework will take a major shift in industry mindsets. As one conference attendee noted, today breach data is a carefully guarded secret for many companies. Ninety-five percent of the dozens of breaches the attendee said he helped mitigate over the past year were kept private for fear it might hurt share prices and the companies reputation.

Ziring said the industry does not need new regulations to mandate breach transparency. The upside to information sharing is the carrot that he hopes will lure companies, sectors and communities to be part of the sharing framework. He notes there are already several critical infrastructure sectors that are required to report breaches to the DHS.

It would be better if we didnt have to create more regulation. Well have to take a wait and see approach for now, he said.

Currently, the type of framework Ziring describes is extremely rare. Within the financial services sector breach data is shared between members of a FS-ISAC (Financial Services Information Sharing and Analysis Center). When one member is attacked all other members are alerted and can fend off similar attacks before they happen.

Meanwhile, attack surfaces are growing with the rapid expansion of cloud, IoT and third-party services. Ziring said current defenses are not as scaleable as they need to be and cant match the automated nature of cyberattacks.

Using FS-ISAC as a model, Ziring envisions a future where industry-focused communities share visibility into threats. When an attack occurred, top-level community members would analyze the threat and send out counter measures to community members inoculating them within seconds or minutes from similar attacks. Its unreasonable to ask small business to be ready fight off a nation state attack themselves, he said.

To many in attendance, that top-level community member is the government. To that end, Ziring told attendees that NSA and DHS are committed to be a trusted partner in the framework through the development of standards such as OpenC2.

The government has a unique authority in this area. We are doing a lot today within the DHS and FBI. I believe government has a responsibility to share. Culturally, its going to be tough. But we need to do it, he said.

Read more:
NSA Advocates Data Sharing Framework - Threatpost