Archive for the ‘NSA’ Category

Central Tech’s NSA CyberPatriot Team Is Only Oklahoma Team Going To National Competition – Cleveland American

Central Tech is proud to announce the NSA CyberPatriot Team earned a spot as a national finalist in the CyberPatriot National Youth Cyber Defense Competition. The competition will be held April 2-6, 2017 in Baltimore, MD.

CyberPatriot is an excellent opportunity for students to learn how to solve real world problems using real world solutions. CyberPatriot teams must learn to work together to overcome challenges that could not be completed by individuals, said Nick Gaunt, NSA instructor, Central Tech.

Central Tech was the only Oklahoma school to finish in the top twelve in their division and will move on to the national competition.

With over 4,400 teams representing all 50 States, Puerto Rico, the U.S. Virgin Islands, the Northern Mariana Islands, U.S. Department of Defense schools in Europe and the Pacific, Canada, Australia, Singapore, and Hungary, this years competition was record-breaking. All teams competed in a series of online rounds hoping to secure a top twenty-eight finalist spot and a chance for an all-expenses paid trip to the competition.

We are thrilled to see both returning teams, who continue pushing for excellence in defending their titles, as well as so many new teams qualify for National Finals, said Diane Miller, Director, Global Cyber Education and Workforce Development Programs, Northrop Grumman. Year-over-year, CyberPatriot demonstrates that it is truly accessible to all, creating a much-needed diverse and highly skilled cyber workforce to protect and defend our nations systems. We are so proud to be part of this national imperative and wish the competitors all the best!

CyberPatriot, an education initiative established by the Air Force Association and presented by the Northrop Grumman Foundation, is a one-of-a-kind cyber defense competition designed to inspire students toward futures in science, technology, engineering, and mathematics (STEM) fields. Other program sponsors include Cyber Diamond sponsors AT&T Federal and the AT&T Foundation, Cisco, Microsoft, the U.S. Department of Homeland Security, and the Office of the Secretary of Defense; Cyber Gold sponsors Facebook, Riverside Research, Splunk, and Symantec; and Cyber Silver sponsors Air Force Reserve, American Military University, Embry-Riddle Aeronautical University, Hewlett Packard Enterprise, Leidos, and University of Maryland University College. For more information about the CyberPatriot competition; visit their website http://www.uscyberpatriot.org.

Central Tech would like to congratulate our CyberPatriot team and wish them well at national finals. For more information about Central Tech or the NSA program, visit CentralTech.Edu.

Read more:
Central Tech's NSA CyberPatriot Team Is Only Oklahoma Team Going To National Competition - Cleveland American

VIDEO: Ex-CIA & NSA Director Dismisses Trump’s Wire Accusations on LATE SHOW – Broadway World

On last night's LATE SHOW, General Michael Hayden, the ex-director of the CIA and NSA dismisses Trump's wiretapping accusations against Obama. Watch the appearance below!

Stephen Colbert brings his signature satire and comedy to THE LATE SHOW with STEPHEN COLBERT, where he talks with an eclectic mix of guests about what is new and relevant in the worlds of politics, entertainment, business, music, technology and more.

Featuring bandleader Jon Batiste and his band Stay Human, the show is broadcast from the historic and newly renovated Ed Sullivan Theater. Stephen Colbert took over as host, executive producer and writer of THE LATE SHOW on September 8, 2015.

A multi-talented and respected host, writer, producer, satirist and comedian, Colbert is well-known for his previous late night show, "The Colbert Report," which concluded on Friday, Dec. 18, 2014. The program received wide-spread critical acclaim and earned two Peabody Awards and 29 Emmy Award nominations, including two Emmy wins for Outstanding Variety Series (2013, 2014) and four Emmy wins for Outstanding Writing for a Variety, Music or Comedy Program (2008, 2010, 2013, 2014). Prior to that, Colbert spent eight years as a correspondent on Comedy Central's "The Daily Show" as an on-air personality and writer of news satire for the Emmy and Peabody Award-winning series.

Photo credit: Richard Boeth/CBS

See the rest here:
VIDEO: Ex-CIA & NSA Director Dismisses Trump's Wire Accusations on LATE SHOW - Broadway World

Republicans Starting to Think the NSA Has Too Much Surveillance Power – Gizmodo

Republicans have long supported the sweeping surveillance capabilities of the NSA and have insisted theyre vitally important to national security. But with their man Trump caught up in multiple scandals that may involve intelligence services targeting his communications, privacy is suddenly a top priority.

The NSAs Prism and upstream data collection programs first hit the public consciousness when Edward Snowden fled the country and revealed extensive details about the agencys enormous powers to intercept foreign and domestic communications. The programs fall under Section 702 of the Foreign Intelligence Surveillance Act which is up for renewal at the end of the year. Just last week, officials from the Trump administration said that the White House supports the clean reauthorization [of Section 702] and the administration believes its necessary to protect the security of the nation. But that may have changed.

Devin Nunes is the Republican chairman of the House intelligence committee. He was part of the Trump transition team and has reportedly developed a close relationship with the president. He also is one of the few members of congress that seems to take Trumps allegation that Obama illegally wiretapped him seriously. Asked today about the renewal of Section 702 in the midst of continued intelligence leaks about Trump and Russia, Nunes said, I think its very problematic.

Many people feel that the investigation of the Trump campaigns relationship with Russia should be handled by an independent commission, rather than the House intelligence committee. Nunes has fought back against that suggestion. They can say whatever they want, but at the end of the day, I hold the gavel, theyre in the minority and were going to do what we want to do, he told CNN. We are not going to give up that jurisdiction to anyone else as long as Im here.

Nunes absolute refusal to acknowledge the growing body of evidence that Trump and his team have repeatedly lied about contacts with the Russian government has led to the impression that he is acting as a shield for the administration. And now, he thinks that the NSAs ability to surveil foreign powers and any American communications that might come up in that surveillance might be a problem. He elaborated at todays press conference:

Ive expressed this concern to the IC [intelligence community]. We have sent them many followup questions as it relates to intelligence thats been collected. And we expect prompt answers. I think we also expect unprecedented answers from them of the information that were going to be asking for.

Democrats have typically agreed with Republicans that the NSA programs are necessary and that doesnt seem to have changed. Adam Schiff, the top Democrat on the House intelligence committee, told the Guardian today that Section 702 has been a far more impactful and important counterterrorism program and tool. But, That doesnt mean though that we shouldnt explore whether there are ways to improve any of the protections in existing law or whether there are any changes that we need to make to the structure of the program.

No one knows how many American citizens communications have been caught up in the NSAs net at this point. In 2014, The Guardian found tens of thousands of Americans emails were intercepted under one program. Lawmakers have shown little concern. Maybe Trumps relentless self-interest will finally result in something good being done about this egregious overreach. More likely hell find a way to make it more horrible, if not through intent, through incompetence.

[The Guardian]

View post:
Republicans Starting to Think the NSA Has Too Much Surveillance Power - Gizmodo

After NSA hacking expos, CIA staffers asked where Equation … – Ars Technica

Two days after researchers exposed aNational Security Agency-tied hacking group that operated in secret for more than a decade, CIA hackers convened an online discussion aimed at preventing the same kind of unwelcome attention. The thread, according to a document WikiLeaks published Tuesday, was titled "What did Equation do wrong, and how can we avoid doing the same?"

Equation Group eventually came to light because of a handful of errors its members made over the years. One was the widespread use of a distinctive encryption function that used the RC5 cipher with negative programming constantsrather than with the positive constants favored by most developers. The nonstandard practice made it easier to identify Equation Group tools. Another mistake: failing to scrub variable names, developer account names, and similar fingerprints left in various pieces of Equation Group malware. A third error was the failure to renew some of the domain name registrations Equation Group-infected computers reported to. When Kaspersky Lab obtained the addresses, the researchers were shocked to find some machines infected by a malware platform abandoned more than 10 years earlier were still connecting to it.

It was this intrigue that set the stage for the online discussion about how CIA hackers could avoid the same pitfalls.

"As for what 'Equation' did wrong... All their tools shared code," one user, who like all the others was identified only by a unique identifier WikiLeaks used in place of a username, concluded on February 18, 2015, two days after the Kaspersky Lab findings were published. "The custom RC5 was everywhere. The techniques for positive ID (hashing) was used in the same way in multiple tools across generations."

The person continued:"The shared code appears to be the largest single factor is [sic] allowing [Kaspersky Lab] to tie all these tools together. The acquisition and use of C&C domains was probably number 2 on the list, and I'm sure the [CIA's computer operations group] infrastructure people are paying attention to this."

The person also suggested peers avoid using non-standard crypto functions, avoid using custom names in code, and scrub code clean of any PDB database information provided by Microsoft's Visual Studio debugger feature. The person wrote:

1. I would argue using custom crypto is always a mistake for two reasons. First, for the obvious problem described in the report. It makes your code look strange on deep RE inspection. Second, a custom routine greatly increases the odds you implemented the algorithm incorrectly and end up with a much weaker encryption scheme than intended.

2. Named kernel objects in general provide an easy signature for detection because it's usually a unique name. Using the same name in multiple tools is catastrophic.

3. This is PDB string, right? The PDB path should ALWAYS be stripped (I speak from experience. Ask me about Blackstone some time.). For Visual Studio user mode stuff, the /DEBUG linker switch should NOT be used. For drivers, it's a bit harder to avoid it, but a post-build step using binplace will strip the path information.

4. For other strings generally, yeah, search the binary for them. Don't use internal tool names in your code. It's less of a problem if leave-behind code doesn't have any exploit code in it.

The person went on to say, "The 'custom' crypto is more of [an] NSA falling to its own internal policies/standards which came about in response to prior problems. The problems included misconfigured crypto implementations that were corrected by using a single, optimized library.

"Unfortunately, this implementation used the pre-computed negative versions of constants instead of the positive constants in the reference implementation," the person wrote. "I think this is something we need to really watch and not standardize our selves into the same problem."

Other suggestions included the use, when possible, of publicly available crypto libraries, such as Microsoft Encryption Libraries, OpenSSL, and PolarSSL; creating a warning that would be displayed when unique names are embedded in the final binary file; and using a tool that would scan binaries for any usernames used on the local network.

The thread is part of a cache of 8,761 documents and files that WikiLeaks said were "obtained from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virginia." The discussion provides a fly-on-the-wall account of some of the reactions to what must have been one of the more embarrassing exposures of NSA hacking. It wouldn't be surprising if members of NSA hacking units are having discussions of their own speculating on the cause of Tuesday's leak.

Read more here:
After NSA hacking expos, CIA staffers asked where Equation ... - Ars Technica

No Evidence for Trump’s Wiretap Claims, Former CIA, NSA Chief Says – Fox Business

Former CIA and NSA director Gen. Michael Hayden said Tuesday there was no body of evidence for President Trump to make the claim that former President Barack Obama ordered wiretaps of his phones during the election.

What was claimed is inconsistent with the way I know the system works, Hayden told FOX Business Neil Cavuto.

According to Hayden, the president hasnt had the authority to order a wiretap since the 1970s. Instead, the request would need to go through a court, he said.

Since the president took office, the White House has been plagued with intel leaks. Hayden, who took over as CIA director in May 2006, said he faced a similar issue.

"One of the biggest problems we had was leaks. And my first speech to the workforce was: this is stopping. We are out of this as source or subject, Hayden said, adding that he does not believe people within the intelligence community should immediately be blamed.

I would not automatically assume that the source of this are intel people, even when the data being leaked is intelligence, he said.

Continue Reading Below

ADVERTISEMENT

Furthermore, Hayden offered advice to the administration, based on his past experience.

My tool though wasnt a vendetta, wasnt an investigation, wasnt beating people up, he said. My tool was openness within the agency, so that people actually felt they had a place in which their views were valued. Id suggest that approach for the administration.

He added: What youve got is a situation that we as Americans have to agree is really bad. We cannot have the permanent government at war with the incoming administration. Both sides need to step back, take a breath.

Go here to see the original:
No Evidence for Trump's Wiretap Claims, Former CIA, NSA Chief Says - Fox Business