Tag Archives: Hack

New sanctions to be placed on North Korean organizations

While the origins of the Sony hack are still a point of contention, with some people claiming it was a company insider named Linda and many claiming it was North Korea, President Obama has put up new sanctions against three North Korean organizations as well as 10 individuals.

These sanctions, according to the BBC, are believed to be the first time the U.S. has punished a country over cyber-attacks against a company based in the U.S.

While the new sanctions are not believed to target those directly involved with the Sony hack, White House officials are saying the sanctions are meant to isolate North Korea’s defense industry to prevent future cyber-attacks.

“This is really an example of where you’ve had a country really cross a threshold in terms of its attack due to its destructive and coercive nature,” said an official according to Politico.

The sanctions are mostly centered on North Korea’s military intelligence agencies, while the 10 individuals who are affected by the sanctions are, according to Reuters, involved in the sale and proliferation of weapons.

In a letter written by President Obama to House Speaker John Boehner and Senate Majority Leader Mitch McConnell, the president wrote, according to ABC News, “The order is not targeted at the people of North Korea, but rather is aimed at the Government of North Korea and its activities that threaten the United States and others.”

Whether or not these sanctions will have the desired results the White House hopes for is still unknown. However, given the U.S. placed sanctions on North Korea’s nuclear program in 2008, 2010, and 2011, all of which North Korea ignored, one can assume these sanctions will not be taken seriously by the government of North Korea.

Exclusive: U.S. Postal Service Explains Data Breach to Employees with Simplified Handout

On Monday, employees of the United States Postal Service (USPS) were notified that there had been a breach in the system, and that their personal data had been compromised.

A document given to USPS employees on Monday morning, during a “stand-up” briefing, assured them that this type of intrusion was “not unique,” and was similar to previous intrusions into “U.S. companies and other Federal government agencies,” which USPS employees have likely “read multiple news stories on.”

“The Postal Service recently learned of a cyber intrusion into some of our information systems,” stated the document. “This basically means that someone who didn’t have permission was able to get into some of our computer networks.”

USA Today reported that “classified briefings” from October 22 and November 7 showed that the U.S. Postal Service “told members of Congress that it had been hacked,” as early as October 22.

The document given to USPS employees assured them that the Postal Service “began investigating the intrusion” as soon as it was discovered, and that the agency is working with the FBI, the Department of Justice, the Postal Inspection Service, and the U.S. Computer Emergency Readiness Team, along with “outside experts who specialize in investigations and data systems” to find the cause of the breach, and to prevent another intrusion from occurring.

“The investigation indicates that files containing employee information were compromised,” stated the document. “These files include information such as names, dates of birth, social security numbers, addresses, beginning and end dates of employment, and emergency contact information for all active employees.”

According to the Washington Post, “Chinese government hackers are suspected of breaching the computer networks of the United States Postal Service,” which compromised the data of more than 800,000 employees.

However, Reuters reported, “Cybersecurity experts said it was too soon to know who was behind the attack but agreed the Postal Service was a rich target.”

The employee handout explained that all employees impacted by the intrusion would receive individualized letters, which will provide them with “specific information about their particular situation.”

In a statement to the public, the U.S. Postal Service’s Manager for Media Relations, David Partenheimer, stated that there was “no evidence of malicious use of the compromised data,” and that no customer credit card data had been infringed upon:

Postal Service transactional revenue systems in Post Offices as well as on usps.com where customers pay for services with credit and debit cards have not been affected by this incident. There is no evidence that any customer credit card information from retail or online purchases such as Click-N-Ship, the Postal Store, PostalOne!, change of address or other services was compromised.

RT reported that an investigation done by the Associated Press revealed that “federal agents and contractors alike are all too guilty of letting systems become infected by clicking bogus links, accidentally installing malware or otherwise opening up networks to hackers by way of their own inept operational security.”

Multiple U.S. Postal employees declined Benswann.com’s request for a comment on the issue, stating that they were told to refer all questions they received from the media to USPS customer relations.

Regarding the handout’s advice on how employees should answer questions from customers, it stated that they should assure customers that “the operations of the Postal Service are not impacted,” and that “Post Offices are functioning normally and mail and packages are being delivered as usual.”

NSA’s Revealed Surveillance State: Hacking Keyboards, USB Drives, Firmware, Monitors and More

Article submitted by guest contributor Ezra Van Auken.

What’s been said so far about the National Security Agency (NSA) is certainly frightening to privacy and civil libertarian advocates; but with the newest revelations, it’s clear that the more revealing leaks have only just arrived. Whether the leaks are a positive or negative move by whistleblower Edward Snowden is debatable, but the fact remains that what Snowden did has changed the landscape of government discussion.

Digging right in, computer hackers and gurus converged on Brazil for the 2013 Chaos Communication Conference (CCC), the thirtieth year in a row the event has taken place. This year, of course, government spying revelations have hit tech junkies and privacy backers like a ton of bricks. Featured at the CCC event were speakers well known to the current tech community such as Jacob Appelbaum and Julian Assange.

Given the current government surveillance debate, Appelbaum and Assange were pretty much expected, considering both have dealt heavily with intrusive spying. During the event, Assange video-chatted into the Brazilian conference and offered a solution, telling hackers and computer gurus to fight against state-sanctioned surveillance. What Appelbaum had to offer, though, is what brought down the house for listeners.

Just moments before Appelbaum’s CCC speech, Germany’s newspaper Der Spiegel dropped new revelations – probably the most revealing yet – showing the NSA’s vast backdoor access into systems worldwide. Appelbaum, a member of the Tor project, which is an Internet web browser dedicated to increasing anonymity, decided to gear his speech around the latest revelations. What came during Appelbaum’s hour-long speech, which turned into a wake-up call, shook the room and YouTube views.

To begin, Appelbaum revealed a handful of programs, tools and backdoor hacks, which the NSA uses to monitor people’s systems and data. Let’s take a detailed look into each.

The first newly leaked NSA component called “RAGEMASTER” is a hardware implant that detects and seizes image signals from VGA monitors. The implant itself is hidden in the ferrite insulation of the monitor cable, behind the plug. What is even more mind numbing is the way it works.

When RAGEMASTER is illuminated by the radar unit, the signal is inflected with the red video information. As explained on the released slide, “This information is re-radiated, where it is picked up at the radar, demodulated, and passed onto the processing unit and an external monitor,” which then recreates the horizontal and vertical sync of the monitor, giving NSA personnel the ability to see exactly what’s on the monitor.

Now that we’ve learned how the NSA is able to view exactly what is on your monitor, let’s take a look at “SURLYSPAWN”. This particular hack allows NSA personnel to record and analyze keystrokes, even when the computer isn’t connected to the Internet. SURLYSPAWN is a hardware implant as well, and assists in transmitting what a user is typing. The slide noted that “An invisible signal emitted by the implant is modified by every keystroke, and then a radar signal emitted by a device located outside the building makes the implant’s invisible signal visible.”

Once the signal is visible, personnel around the target can see everything being typed on the keyboard. Using processes similar to RAGEMASTER’s, the SURLYSPAWN hack requires the implant to be installed on a keyboard.

Then there’s “COTTONMOUTH”: another hardware implant inserted into a USB drive. It is disguised as either a keyboard’s USB plug or a USB extension cord that can be connected between a device and the intended computer. Its role is either to intercept communications or to inject Trojans, while also being able to respond to other already-implanted COTTONMOUTH implants. COTTONMOUTH can monitor the network as well as command the computer and network.

Switching over to the computer in its entirety, “GINSU” is a software hack, which allows other NSA hardware and software programs like BULLDOZER and KONGUR to maintain their stay in the system. When installed, GINSU can catch system reboots and upgrades, so that when the upgrade or reboot takes place, the software is restored to the system, leaving the target entirely infected, rebooted or not.

And don’t think your wireless LAN is free from constraint. Der Spiegel explains, “The NSA’s ANT division also develops methods for gaining access to wireless LAN networks from the outside, allowing them to tap into these networks and plant their own software on them.” This brings us to the NSA’s “NIGHTSTAND”, which can remotely insert data packets into various Windows systems. The list includes insertions of malware into the wireless networks’ traffic. NIGHTSTAND’s process is mobile and works up to 8 miles.

Some of the targets that NIGHTSTAND can successfully exploit include Win2k, WinXP and WinXPS1P2 running IE, and the packet injection can go after either one target or multiple targets, remaining undetectable by users. Overall, the NIGHTSTAND packet injection would be used during situations when the intended target has no access to a wired connection.

Unfortunately for privacy advocates and opponents of the surveillance state, Der Spiegel, the journalists involved and Appelbaum didn’t stop here. Other NSA backdoors include phone software/hardware hacks, which allow the remote ability to control the hot mic, camera, voicemail details and other areas in the mobile phone. In addition, it’s been revealed that the NSA’s personnel have successfully exploited larger server systems and firewalls with programs such as IRONCHEF and JETPLOW.

Amid the hype, however, those concerned with state spying are only confirming their previously unsure speculation. From reading a user’s monitor, to keyboard stroke detection, to hacking wireless LANs, your footsteps on the Internet are being constantly preserved and stored by the watchers: the NSA. In the end, as government spying grows, it’ll be left up to the market of hackers, computer gurus and other specialists to block, exploit and encrypt around the NSA’s prying eyes, which even now seems like a stretch.

NSA has complete control of your iPhone, can activate your microphone and camera without you knowing

Leaked documents now show what we all suspected: the NSA can turn your iPhone’s microphone and camera on and off without you knowing.

According to Der Spiegel’s website:

“The NSA’s ANT division develops implants for mobile phones and SIM cards. One of these is a spyware implant called “DROPOUTJEEP” — designed for the first generation of iPhones — which was still in development in 2008, shortly after the iPhone’s launch. This spyware was to make it possible to remotely download or upload files to a mobile phone. It would also, according to the catalog, allow the NSA to divert text messages, browse the user’s address book, intercept voicemails, activate the phone’s microphone and camera at will, determine the current cell site and the user’s current location, “etc.” ANT’s technicians also develop modified mobile phones, for use in special cases that look like normal, standard devices, but transmit various pieces of information to the NSA — that can be swapped undetected with a target’s own mobile phone or passed to informants and agents. In 2008, ANT had models from Eastcom and Samsung on offer, and it has likely developed additional models since.”

As we reported previously, ANT specialists at the NSA’s department for Tailored Access Operations can remotely access, monitor, and manipulate data in electronics around the world.

According to the report, the NSA intercepts shipments that are ordered online and spyware is manually installed on their target’s iPhone.

The NSA claims a 100 percent success rate when it comes to implanting iOS devices with spyware, reports The Daily Dot.

Journalist and security researcher Jacob Appelbaum asks important questions in the video below.

Is Apple helping the NSA?

Follow Joshua Cook on Facebook and on Twitter: @RealJoshuaCook

NSA’s spy gear: ANT is a secret weapon that hacks electronics worldwide

From Samsung smartphones to Dell computers, Americans are being tracked by the NSA via electronic spy gear. Last week Snowden warned Americans in a Christmas message that big brother is watching. “We have sensors in our pockets that track us everywhere we go,” he said. Now Snowden has leaked the document that proves his claim.

One of the documents Snowden has reportedly leaked is a product catalog for spies and hackers at the NSA.

According to Der Spiegel, “a product catalog reveals that an NSA division called ANT (Access Network Technology) has burrowed its way into nearly all the security architecture made by the major players in the industry — including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell.”

The article claims that ANT specialists at the NSA’s department for Tailored Access Operations can remotely access, monitor, and manipulate data in electronics around the world. Electronic devices that cannot be attacked via the internet are intercepted and manually bugged. In some cases, the NSA actually intercepts packages to put “backdoors” in electronics.

Der Spiegel explains, “These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives — from computing centers to individual computers, from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA’s specialists seem already to have gotten past them.”

ANT specialists can choose spy gear from a 50-page catalog to assist them in spying operations.

Some of the listed items are:

  • Rigged monitor cable – $30 – Allows “TAO personnel to see what is displayed on the targeted monitor.”
  • GSM base station – $40,000 – Mimics mobile phone tower and allows cell phone monitoring.
  • Computer bugging devices (50 pack) – $1 million – Disguised as normal USB plugs, it is capable of sending and receiving data via radio undetected.

SPIEGEL states that these American technology companies are not aware that the NSA has hacked their systems.

“Cisco does not work with any government to modify our equipment, nor to implement any so-called security ‘back doors’ in our products,” the company said in a statement.

Last week, Ben Swann reported that U.S. District Judge William H. Pauley III ruled it was legal for the NSA to collect bulk meta-data of Americans’ phone records.

“One could argue that the ruling by a Federal Judge that the NSA spying program is legal was not only a horrible ruling, but based on his personal view and not grounded at all in law,” Swann said.

The lawsuit argues that the phone surveillance program violates both the First Amendment rights of free speech and association, and the Fourth Amendment’s protections against unreasonable searches and seizures. At least three other lawsuits challenging bulk data collection are pending in other federal courts. Attorney Brett Max Kaufman said the ACLU will appeal Friday’s ruling.

The newly leaked documents are striking, though. As the NSA revelations keep on coming, they could provide more evidence for civil liberty lawsuits.

Student Records Easily Hacked: Security Breach Triggers Common Core Rebellion from Teachers and Parents

According to Long Island Newsday, Suffolk (N.Y.) Police and Sachem School District are investigating a suspected security breach where a hacker was able to access and leak to a web forum personal student data, including medical and disciplinary records.

That student database is linked to the Common Core standards and the longitudinal collection of student data associated with Obama’s Race to the Top, which offered school districts $4 billion in grants if they chose to participate in the program.

According to The Journal News, in Westchester, Rockland and Putnam counties, N.Y., the database uploads to a Web cloud run by inBloom, a non-profit group funded by the Gates Foundation and supported by Amazon.

Even before the early November security breach, parents and teachers were concerned about data collection and the potential for the data to be shared or stolen.

The Journal News reported that more than 20 districts in the Lower Hudson Valley have pulled out of New York’s participation in the federal Race to the Top initiative, hoping that doing so will allow them to withhold certain data. Since the state has said that this strategy will not work, districts are now writing to inBloom directly and requesting that their student records be deleted.

A dozen parents in New York City even went so far as seeking a restraining order to protect their children’s data.

These concerns aren’t limited to school districts in New York. According to The New American, schools in Delaware, Colorado, Massachusetts, Kentucky, Illinois, Louisiana, Georgia and North Carolina have committed to “pilot testing” and information dissemination via sending students’ personal information to the inBloom database.

The New American reports, “The fact that Common Core Standards require children’s personal information to be provided to a database that can be expected to sell or share the data to unspecified companies is worrisome to many parents and educators. ‘It leads to total control and total tracking of the child,’ said Mary Black, curriculum director for Freedom Project Education, an organization that provides classical K-12 online schooling. ‘It completely strips the child of his or her own privacy.’”