Archive for the ‘NSA’ Category

FBI, NSA call for further testimony on Trump-Russia investigation – Washington Times

Ramping up their Congressional investigation into alleged Russian meddling in the 2016 election, lawmakers have invited directors of the FBI and National Security Agency to testify again, in addition to expressing a desire to hear from the Obama administrations top intelligence officials.

House Intelligence Committee Chairman Rep. Mike Conaway has invited FBI Director James Comey and National Security Advisor Adm. Mike Rogers to appear at a closed hearing on May 2.

Former CIA Director John Brennan, Director of National Intelligence James Clapper and former Deputy Attorney General Sally Yates have been requested to provide public testimony after May 2.

Last month, during the House Committees first public hearing, Mr. Comey confirmed his agency has been investigating alleged Russian interference in the 2016 election.

Last October, in the heat of the presidential election, the Obama administration formally accused the Kremlin of stealing and disclosing emails from the Democratic National Committee. At the time, Mr. Clapper issued a statement detailing how leaked DNC emails were intended to interfere with the U.S. election process.

Both the Kremlin and the Trump administration insist there is no evidence of Trump-Russia collusion.

Ms. Yates, while serving as at the acting attorney general at the start of the year, battled with the White House over the legality of Mr. Trumps executive order banning certain immigrants and refugees. She questioned the legitimacy of the executive order and Mr. Trump fired her.

See the rest here:
FBI, NSA call for further testimony on Trump-Russia investigation - Washington Times

Alleged NSA hack of Swift service bureau revives ‘back door’ debate – Information Management

Reports that the National Security Agency infiltrated bank servers through a Swift service bureau highlight a recurring concern for financial institutions about the unintended consequences of U.S. government snooping.

The leaks that came out late last week from a hacking collective called Shadow Brokers indicate that the NSA exploited vulnerabilities in Microsoft Windows systems to break into servers at EastNets, a Dubai company that provides outsourced Swift connectivity to 260 financial institutions and corporations.

From there, Shadow Brokers documents suggest, the NSA was able to access computers used by some Middle Eastern bank members of Swift, the Society for Worldwide Interbank Financial Telecommunication. The NSAs goal, according to The New York Times, was to track money movements and thereby gain insight into potential terrorist groups or government officials.

The most immediate danger for U.S. banks (and any Windows user, for that matter) that the weaknesses in Microsoft code still exist, rendering every internet-connected computer running Windows open to hacking has passed. Microsoft said patches for all the vulnerabilities were issued more than a month ago, so any company that is up to date on Windows patching is safe from these.

But the U.S. governments insistence on using so-called back doors to access financial and customer information remains a concern. The same tools the NSA uses to prop open doors to such information could be used by cybercriminals and nation-states with more sinister motives. And it also raises privacy issues for companies and consumers that dont want the government watching their every move.

Governments are constantly going after different networks for espionage and national security purposes, said John Carlson, chief of staff at the Financial Services Information Sharing and Analysis Center, an industry trade group. Thats a reality we recognize.

The NSA headquarters in Fort Meade, Maryland. A financial industry cybersecurity trade group is "asking for clarification" from the agency about undisclosed software vulnerabilities it may be exploiting.The FS-ISAC, whose more than 7,000 financial services members share information with each other about cyberthreats, does not have an official position on whether the NSA should be using back doors for this type of monitoring, but Carlson noted the instabilities this kind of activity causes.

We would want the government to disclose zero days a type of vulnerability in software "so those can be fixed and mitigated, he said. Theres been dialogue in the past about governments buying up zero days so they can use them for espionage and national security purposes; that puts information at risk.

Asked if the FS-ISAC was talking to the NSA about this, Carlson said: Were asking for clarification. We havent gotten answers. (The spy agency did not respond to an email from American Banker requesting comment.)

Concerns about back doors came up last year when the FBI wanted Apple to give it a key to unlock all iPhones, ostensibly for the sole purpose of viewing the San Bernardino shooters calls. Apple refused, and the government found another way to unlock the phone.

It also arose in the financial industry two years ago when a startup software company called Symphony balked at providing regulators with a back door to the instant messages of its Wall Street clients. (They worked out an agreement through which a copy of all messages is kept by a third party.)

Traces of spyware

Shadow Brokers leaked a spreadsheet on Friday that indicates the NSA was able to access and infect with its spyware computers run by several bank clients of EastNets, including Qatar First Investment Bank, Tadhamon International Islamic Bank and Noor Islamic Bank.

Later the same day, EastNets issued a statement denying it had been hacked.

Reports of an alleged hacker-compromised EastNets Service Bureau network are totally false and unfounded, the company said in its press release. The EastNets Network internal Security Unit has ran a complete check of its servers and found no hacker compromise or any vulnerabilities.

The firm said its Swift service runs on a separate secure network that cannot be accessed over public networks.

The photos shown on Twitter, claiming compromised information, are about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013, EastNets stated. It said it can confirm that no customer data was compromised in any way.

EastNets continues to guarantee the complete safety and security of its customers' data with the highest levels of protection from its SWIFT certified Service bureau," Hazem Mulhim, CEO and founder of EastNets, said in the statement.

The hacking tools that Shadow Brokers said the NSA used to monitor the Middle Eastern banks also appear to be outdated. The group pointed to seven vulnerabilities in Microsoft Windows software that were used to break into servers.

In a blog post early Saturday, Microsoft said those vulnerabilities had all been patched more than a month earlier. (Deviating from its normal practice, Microsoft did not disclose who found the vulnerabilities. This has led to speculation about possible collusion between the NSA and Microsoft.)

Microsoft declined to comment further. EastNets could not line up an executive by deadline.

In a statement provided midday eastern time Monday, Swift said it has "no evidence to suggest that there has ever been any unauthorised access to our network or messaging services.

Persistent vigilance

For now, the industry is watching this case closely.

Were still trying to understand the impact to the financial sector, said Carlson at the FS-ISAC.

We think the potential impact of the disclosures to this sector is relatively low but warrants attention," Carlson said. "Well be playing close attention to this.

Bankers, he said, should keep their systems up to date in the meantime.

Its very important to make sure all their systems are patched and that third-party providers patch their systems as well, Carlson said. There may be patches individual firms have not executed.

He also stressed the importance of having layered defense and redundant systems.

The biggest buzzword would be persistent vigilance, Carlson said. You have to be constantly vigilant about these kinds of threats. Adversaries will be looking to exploit any vulnerability out there and its up to firms to be constantly on guard, educating users on best way to defend the organization. Its part and parcel of our digital economy.

Penny Crosman is Editor at Large at American Banker.

Go here to see the original:
Alleged NSA hack of Swift service bureau revives 'back door' debate - Information Management

Trove of Stolen NSA Data Is ‘Devastating’ Loss for Intelligence Community – Foreign Policy (blog)


Foreign Policy (blog)
Trove of Stolen NSA Data Is 'Devastating' Loss for Intelligence Community
Foreign Policy (blog)
On Friday, the mysterious group known as the Shadow Brokers released a large number of sophisticated, refined capabilities most likely developed by some of the NSA's top hackers the Tailored Access Operations group, known as TAO. Those capabilities ...
What you need to know about that latest NSA data dumpRecode
Hacker Documents Show NSA Tools for Breaching Global Money Transfer SystemFortune
What Windows users should know about the latest bugs revealed by NSA leakersWashington Post
New York Times -TechNet Blogs - Microsoft -PCWorld -Medium
all 398 news articles »

Read the rest here:
Trove of Stolen NSA Data Is 'Devastating' Loss for Intelligence Community - Foreign Policy (blog)

Schiff advocates for NSA, Cyber Command split – The Hill

The top Democrat on the House Intelligence Committee is calling for the National Security Agency (NSA) to be split from U.S. Cyber Command.

Rep. Adam SchiffAdam SchiffSchiff advocates for NSA, Cyber Command split Schiff to Trump: End casual talk on North Korea Why an independent counsel is necessary in an election probe MORE (D-Calif.) on Wednesday said it would be wise to have separate leaders for the two organizations, pushing for a civilian head of the NSA during remarks at Columbia Law School in New York.

The Pentagon told The Hill earlier this year that it has startedassessingwhether it should split up the dual-hat leadership.

Those are two very big jobs housed under the same hat, Schiff said. I think we would be wise to split up those responsibilities.

Experts have noted that the split is likely to happen eventually, but have warned of the risks of separating them too quickly. Cyber Command was established at NSA headquarters in 2009 and has been largely dependent on the agency.

Schiff made the comments in response to a question of whether or not the federal government has the appropriate organization structure to be effective on cyber.

More generally, he said that the government is slow to keep pace with technology and indicated that there are organizational improvements to be made.

Were probably not structured how we should be, Schiff said, adding later, were always going to be chasing this.

See the original post:
Schiff advocates for NSA, Cyber Command split - The Hill

We’re spying on you for your own protection, says NSA, FBI – The Register

A new factsheet by the NSA and FBI has laid bare ludicrous contradictions in how US intelligence agencies choose to interpret a law designed to prevent spying on American citizens, but which they use to achieve exactly that end.

The document even claims that it is surveilling US citizens for their own protection while at the same time claiming that it is not doing so.

The obvious and painful contradictions within the 10-page document [PDF] are testament to the very reason why the factsheet had to be prepared in the first place: Congress is threatening not to renew the legislation due to the intelligence agencies' willful misrepresentation of the law to perform the very activities it was designed to prevent.

FISA the Foreign Intelligence Surveillance Act was enacted in 1978 and authorizes US intelligence agencies to carry out electronic surveillance of foreign persons outside the US. It specifically prohibited surveillance of US citizens and foreign persons within US borders.

But in 2008, the FISA Amendments Act (FAA) was passed to recognize the modern realities of internet communications: that foreign intelligence targets were using networks based in the United States to communicate. The law gave the intelligence agencies the right to demand that US companies hand over their communications in the search for foreign intelligence.

In an effort to ensure that those searches were restricted to non-US citizens however, the FAA which was re-authorized in 2012 and now needs to be re-authorized again before the end of 2017 included various procedures, and checks and balances.

Somewhat inevitably however, those procedures which remain almost entirely secret and the check and balances which have been shown to be ineffective at best have been slowly undermined by the intelligence agencies to the extent that the FBI now routinely uses personally identifiable information of US citizens, such as an email or phone number, to search a huge database of gathered information if it suspects them of a crime carried out in the US.

That reality is the diametric opposite of what the law was intended to do hence the ludicrous contradictions between what the intelligence agencies say the law authorizes and the everyday realities that they argue must be retained.

The first eight pages of the 10-page document are largely accurate, giving a rundown of the law, its history and intentions, and the procedures and checks introduced. In fact, it is a useful and largely objective rundown of the issue.

On page four, the document gives some examples of where use of Section 702 have proven effective: gathering insights into the minds of high-level Middle Eastern government ministers; checking up on sanctions; identifying both terrorists and terrorist sympathizers and alerting other governments to them.

Of the five examples given (of course it's impossible to know how many real-world examples there are), only one covers an arrest on US soil: the case of Najibullah Zazi who was tracked after he sent an email to an al-Qaeda operative in Pakistan asking for help in making bombs. Zazi planned to bomb the subway in New York City but was arrested in 2009 before he had the opportunity to do so. He pled guilty in 2010 and was sentenced to life in prison in 2012. (It is worth noting, however, that Zazi was already under surveillance from US intelligence agencies thanks to his visits to Pakistan, so it's unclear what role the Section 702 data really played.)

The document carefully words some sections covering concern over how the law was being interpreted. As a result of Edward Snowden's revelations, lawmakers and civil society groups started asking precise questions and that resulted in the intelligence agencies releasing limited information about the process it goes through to obtain the rights to spy on people. The document paints the provision of that information as the intelligence agencies' "commitment to furthering the principles of transparency," when nothing could be further from the truth.

It also tries to paint a report by the Privacy and Civil Liberties Oversight Board (PCLOB) into US spying in positive terms. The independent board, the document claims, largely exonerated the intelligence agencies and "made a number of recommendations" that have "been implemented in full or in part by the government."

In reality, the board's report was a damning indictment of the agencies' effort to reinterpret the law to be able to spy on just about anyone. The recommendations that have been implemented "in part" cover the most important improvements, in particular the publication of the procedures that the agencies use in reaching determinations. These critical documents remain entirely secret.

The PCLOB also paid a high price for standing up to the NSA and FBI: they had their authority cut out from under them, the budget was slashed, and all but one of its five board members have either resigned or have not had their terms renewed. It is a shell of an organization that doesn't even answer its phone or emails.

It is on pages nine and 10 that the real issues appear however where it addresses "702 issues that are likely to arise in the re-authorization discussion."

These are:

Despite the law specifically noting that US citizens and people within US borders cannot be spied on through Section 702, in reality the intelligence agencies do exactly that.

The explanation is that this information is "incidental" and is hoovered up as the NSA and others are gathering intelligence on others. The intelligence agencies claim that it affects very few US citizens and so Congress has persistently asked what that number is: how many US citizens are included in the 702 database?

The US House Judiciary Committee first asked that question a year ago April 2016. There is still no answer.

This latest document notes: "The IC (intelligence community) and DoJ (Department of Justice) have met with staff members of both the House and Senate Intelligence and Judiciary Committees, the PCLOB, and advocacy groups to explain the obstacles that hinder the government's ability to count with any accuracy or to even provide a reliable estimate of the number of incidental US person communications collected through Section 702."

It says that the agencies are "working to produce a relevant metric" to inform discussions.

This is a transparent attempt to prevent a figure on the number of US citizens in the database from being revealed, because it would almost certainly undermine the core contention of the intelligence agencies: that their procedures prevent the unnecessary gathering of information on US citizens.

See the article here:
We're spying on you for your own protection, says NSA, FBI - The Register