Mediaboss Marketing

The NSA could be able to listen in on your lols.

Christian Rivera

In a new report on some of the confidential documents leaked by former NSA contractor Edward Snowden, The Intercept wrote that operatives from both the National Security Administration (NSA) and the British Government Communications Headquarters (GCHQ) joined forces in April 2010 to crack mobile phone encryption. The Mobile Handset Exploitation Team (MHET) succeeded in stealing untold numbers of encryption keys from SIM card makers and mobile networks, specifically Dutch SIM card maker Gemalto, one ofthe largest SIM manufacturers in the world. Gemalto produces 2 billion SIM cards a year, which are used all over the world.

Although the SIM card in a cell phone was originally usedto verify billing to mobile phone users, today a SIM also stores the encryption keys that protect a user's voice, text, and data-based communications and make them difficult for spies to listen in on. The mobile carrier holds the corresponding key that allows the phone to connect to the mobile carrier's network. Each SIM card is manufactured with an encryption key (called a Ki) that is physically burned into the chip. When you go to use the phone, it conducts a secret 'handshake' that validates that the Ki on the SIM matches the Ki held by the mobile company, The Intercept explains. Once that happens, the communications between the phone and the network are encrypted.

To steal the SIM encryption keys, MHET exploited a weakness in SIM manufacturers' business routinethat SIM card manufacturers tend to deliver the corresponding Kis to mobile carriers via e-mail or File Transfer Protocol. By doing basic cyberstalking of Gemalto employees, the NSA and GCHQ were able to pilfer millions of SIM Kis, which have a slow turnover rate (your phone's Ki will likely remain the same as long as you keep the SIM in the phone) and can be used to decrypt data that has been stored for months or even years.

Gemalto not only makes SIM cards, but it also makes chips that are placed into EMV credit cards as well as the chips built into next-generation United States passports. Paul Beverly, a Gemalto executive vice president, told The Intercept that the company's security team began an audit on Wednesday and could find no evidence of the hacks. The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesnt happen again, and also to make sure that theres no impact on the telecom operators that we have served in a very trusted manner for many years, Beverly said. Gemalto's clients include hundreds of wireless networks around the world, including all four major carriers in the US.

According to the documents procured by The Intercept, MHET was able to use the NSA's XKeyscore to mine the e-mail accounts and Facebook profiles of engineers at major telecom companies and SIM card manufacturing companies, looking for clues that would get them into the SIM Ki trove. (XKeyscore is a program designed by the NSA to reassemble and analyse the data packets it finds traveling over a network. XKeyscore is powerful enough to be able to pull up the full content of users' Web browser sessions, and it can even generate a full replay of a network session between two Internet addresses, as Ars reported in 2013.) Eventually, MHET learned enough to be able to plant malware on several of Gemalto's internal servers.

In the course of trying to break into Gemalto's internal network, the NSA and GCHQ looked for employees using encryption as preferred targets. The spy agencies also expanded their surveillance to include mobile phone companies and networks, as well as other SIM manufacturers. The Intercept explained:

In one instance, GCHQ zeroed in on a Gemalto employee in Thailand who they observed sending PGP-encrypted files, noting that if GCHQ wanted to expand its Gemalto operations, he would certainly be a good place to start. They did not claim to have decrypted the employees communications, but noted that the use of PGP could mean the contents were potentially valuable.

More:
SIM card makers hacked by NSA and GCHQ leaving cell networks wide open

Ex-NSA chief linked to alleged coup plot
Sen. Antonio Trillanes involves former National Security Adviser (NSA) Norberto Gonzales in the coup attempt against President Aquino. Subscribe to ABS-CBN News channel!

By: ABS-CBN News

View post:
Ex-NSA chief linked to alleged coup plot - Video

NSA Hiding Undetectable Spyware in Hard Drives Worldwide

By: mikeroweRules12

Visit link:
NSA Hiding Undetectable Spyware in Hard Drives Worldwide - Video

NSA Hacks Hard Drives - Daily Security Byte EP.25
In this short, daily video post, Corey Nachreiner, CISSP and Director of Security Strategy for WatchGuard Technologies, shares the biggest InfoSec story from the day -- often sharing useful...

By: Corey Nachreiner

Originally posted here:
NSA Hacks Hard Drives - Daily Security Byte EP.25 - Video

The U.S. intelligence community has found ways to avoid even the strongest of security measures and practices, a new report from Moscow-based Kaspersky Lab suggests, demonstrating a range of technological accomplishments that place the nation's hackers as among the most sophisticated and well resourced in the world.

Hackers who are part of what the cybersecurity researchers call "Equation Group" have been operating under the radar for at least 14years, deploying a range of malware that could infect hard drives in a wayalmost impossible to remove and cold hide code in USB storage devicesto infiltratenetworks kept separate from the Internet for security purposes.

Kaspersky's report did not say the U.S. government wasbehind the group. But it did say the group was closely linked to Stuxnet -- malware widely reported to have been developed by the National Security Agency and Israel that was used in an attack against Iran's uranium enrichment program -- along with other bits of data that appear to align with previous disclosures. Reuters further linked the NSA to the Kaspersky report, citing anonymous former employees of the agency who confirmed Kaspersky's analysis.

NSA spokesperson Vanee Vines said in a statement that the agency was aware of the report, but would not comment publicly on any allegations it raises.

The Kaspersky report shows a highly sophisticated adversarythat has found ways to worm itself into computers with even the strongest of security measures in place. This matches up with what we know about other NSA efforts from documents leaked by former NSA contractor Edward Snowden, which showed efforts to undermine encryption and evade the protections major tech companies used to guard user data.

But the new report paints a more detailed picture of the breadth of the agency's reported offensive cyber arsenal. And unlike other recent revelations about U.S. government snooping, which have largely come from Snowden, the insights from Kaspersky came from examining attacks found in the digital wild. Victims were observed in more than 30 countries, withIran, Russia, Pakistan and Afghanistan having among the highest infection rates, according to the report.

One of the most sophisticatedattacks launched by theEquation Group lodged malware deep into hard drives, according to Kaspersky. It worked by reprogramming the proprietary code, called firmware, built into the hard drives themselves. That allowed for persistent storage hidden inside a target system that could survive the hard drive being reformatted or an operating system being reinstalled, the report says.

The code uncovered by Kaspersky suggests the malware was designed to work ondisk drives of more than a dozen major manufacturers -- including those from Seagate, Western Digital, Toshiba, IBM and Samsung. But the report also notes that this particular technique seemed to be rarely deployed, suggesting that it was used only on the most valuable victims or in unusual circumstances.

The Kaspersky report also said the group found ways to hide malicious files within aWindows operating system database on the targets' computer known as the registry -- encrypting and stashing the files so that they would be impossible to detect using antivirus software.

Equation Group also found ways to infiltratesystemsthat were kept off the Internet for security purposes -- commonly known as "air-gapped" networks. Malware used by the hackers relied on infected USB sticks to map out such networks -- or even remotely deploy code on them, according to the report.

See the original post here:
The NSA has reportedly found ways to avoid even the strongest security measures