Espionage

  • China syndromeChinese government hackers collected information on U.S. security clearance applicants

    Chinese government hackers last March broke into the computer networks of the U.S. Office of Personnel Management, the agency which keeps the personal information of all federal employees. The hackers targeted the information of tens of thousands of employees who had applied for top-secret security clearances. Experts note that the hacking of OPM files containing information about federal employees applying for security clearance is especially disturbing since federal employees applying for security clearances enter their most personal information.

  • Security clearancesU.S. approves fewer security clearances

    A new report by the Office of the Director of National Intelligence(ODNI) shows that the number of new security clearances provided by the federal government, both initial clearances and renewals, has decreased by 9 percent since 2011. The number of approved clearances decreased for the second consecutive year in fiscal 2013, to just over 777,000.One observer saidthe reduction is a response to a period in the mid-2000s when “basically everyone needed a clearance.”

  • CybersecuritySecuring Industry 4.0

    An increasing number of unsecured, computer-guided production machinery and networks in production facilities are gradually evolving into gateways for data theft. New security technologies may directly shield the sensitive data that is kept there.

  • Insider threatIdentifying, thwarting insider threats before they do damage

    Researchers argue that one way to identify and predict potential insider threats even before these individuals begin to do damage like stealing and leaking sensitive information, is by using Big Data to monitor changes in behavior patterns. Researchers at PARC, for example, found that individuals who exhibit sudden decrease in participation in group activity, whether in a game like World of Warcraft or corporate e-mail communications, are likely to withdraw from the organization. A withdrawal represents dissatisfaction with the organization, a common trait of individuals who are likely to engage in insider security breaches.

    • TECHEXPO - Exclusive Security-Cleared Hiring Events - Register Now!
    view counter

  • SurveillanceSnowden stole co-worker’s password to gain access to secret databanks: NSA

    One reason National Security Agency (NSA) former analyst Edward Snowden was able to gain such broad access to a wide variety of agency’s secret documents was that he copied a password from a co-worker who has since resigned. After Snowden was denied access to NSANet, the agency’s computer network which connects into many of the agency’s classified databases, he persuaded a co-worker, an NSA civilian employee, to use his – the co-worker’s — Public Key Infrastructure (PKI) certificate to gain access. The NSA told Congress Snowden used what the agency describes as “digital deception”: the civilian NSA employee entered his password on Snowden’s computer, not realizing that Snowden was able to capture the password, allowing him even greater access to classified information. Once he gained access to NSANet, Snowden released a “Web crawler” inside the system. The crawler automatically indexed the NSANet, and using the passwords Snowden held – one his, one or more those of co-workers – copied every document in its path.

  • SurveillanceGerman IT industry hopes to benefit from NSA leaks-inspired distrust of U.S. tech companies

    The German IT sector is hoping to benefit from trust lost in American technology firms in the aftermath of Edward Snowden’s leaks. The German government is looking to develop Internet security initiatives, with government departments vying with each other for a lead role. Both inside and outside the German government a proposal, known as “Schengen Routing,” is advanced which calls for data originated in Europe to be processed and stored within Europe. Critics warn that plans to create a European routing system could affect the openness of the Internet.

  • CybersecurityThe “Mask": Kaspersky Lab discovers advanced global cyber-espionage operation

    Kaspersky Lab’s security researchers have announced the discovery of the Mask (aka Careto), an advanced Spanish-language speaking threat actor that has been involved in global cyber-espionage operations since at least 2007. What makes the Mask special is the complexity of the toolset used by the attackers. This includes a sophisticated malware, a rootkit, a bootkit, Mac OS X and Linux versions, and possibly versions for Android and iOS (iPad/iPhone). The primary targets are government institutions, diplomatic offices and embassies, energy, oil, and gas companies, research organizations and activists. Victims of this targeted attack have been found in thirty-one countries around the world.

  • CybersecuritySnowden’ leaks derailed important cybersecurity initiatives

    Edward Snowden’s leaks created such a climate of distrust around the NSA that many important cybersecurity initiatives died, stalled, or became non-starters. Security experts say that this is a case of throwing the baby out with the bathwater, and that the result of these stalled cybersecurity initiatives is that the United States is now more vulnerable to cyberattacks on its infrastructure, and government agencies and American corporations more exposed to sensitive information being compromised and stolen. U.S. officials have found it more difficult to respond to cyberattacks from Russia, China, and elsewhere. “All the things [the NSA] wanted to do are now radioactive, even though they were good ideas,” says James Lewis, a cybersecurity expert at the Center for Strategic and International Studies(CSIS).

  • SurveillanceRep. Rogers, House Intelligence chair: Russian intelligence may have helped Snowden

    Representative Mike Rogers (R-Michigan), chairman of the House Intelligence Committee, said that Russia may have helped the former NSA contractor Edward Snowden to reveal details of surveillance programs and escape U.S. authorities last year. Rogers said he could reveal evidence which would support his claims, but suggested Snowden “used methods beyond his technical capabilities” and had help with his travel arrangements. Rogers’s comments were backed by Michael McCaul (R-Texas), chairman of the House Committee on Homeland Security. Senator Diane Feinstein (D-California), chair of the Senate Intelligence Committee, asked whether he was aided by the Russians, said: “He may well have.”

  • SurveillanceObama announces reforms of U.S. intelligence data collection practices

    President Barack Obama on Friday called for a “new approach” by the U.S. intelligence community to the collection of Americans’ phone metadata. The major changes in current practices involve storage of and access to bulk metadata; the presence of a public advocate during FISA court deliberations; new privacy protections for non-Americans; and new restrictions on spying on leaders of allied countries. Obama offered a robust defense of the U.S. intelligence services, saying that there was no evidence they had abused their power, and that many of their methods were necessary to protect Americans. “We will not apologize simply because our services may be more effective,” he said. The president pointedly noted that some countries that “have loudly criticized the NSA privately acknowledge that America has special responsibilities as the world’s only superpower . . . and that they themselves have relied on the information we obtain to protect their own people.”

  • SurveillanceNSA’s bulk collection programs’ contribution to thwarting terrorism minimal: study

    There are two questions about the NSA’s bulk information collection programs: are these programs legal? Are they effective? On the second questions, supporters of the programs say these surveillance measures are essential, and as proof they claim these programs helped thwart more than fifty potential terrorist attacks in more than twenty countries around the world. A new in-depth analysis shows, however, that these claims are overblown and even misleading. The study of 225 individuals recruited by al-Qaeda, or a like-minded group, or inspired by al-Qaeda’s ideology, and charged in the United States with an act of terrorism since 9/11, demonstrates that traditional investigative methods provided the initial impetus for investigations in the majority of cases, while the contribution of NSA’s bulk surveillance programs to these cases was minimal.

  • SurveillanceU.S. refuses a bilateral no-spy agreement with Germany

    The United States has refused to enter into a bilateral no-spy agreement with Germany, and has refused to rule out eavesdropping on calls of German political leaders in the immediate future, according to reports in the German press. It now appears that hopes in Germany that the United States would agree to a bilateral non-spying pact — similar to agreements between the United States and Britain, Canada, Australia, and New Zealand — have been dashed.

  • Intelligence sharingCIA sued over records surrounding the 1962 arrest of Nelson Mandela

    Ryan Shapiro, a Massachusetts Institute of Technology (MIT) Ph.D. candidate, filed a lawsuit yesterday (Tuesday) against the Central Intelligence Agency (CIA) over the spy agency’s failure to comply with his Freedom of Information Act (FOIA) request for records on the late Nelson Mandela. Shapiro wants to know why the CIA viewed Mandela as a threat to American security, and what actions the agency took to thwart Mandela’s efforts to advance racial justice and democracy in South Africa.

  • SurveillanceDeclassified documents strongly argue for keeping NSA programs secret

    On Saturday, James Clapper, the Director of National Intelligence, declassified a set of ten court documents which show that both the Bush and Obama administrations assert that that some of the more sensitive NSA surveillance programs should be kept secret. The administration declassified the documents following a court order related to two lawsuits filed the Electronic Frontier Foundation. The Bush and Obama administration strenuously reject the EFF’s charge that they were running a “dragnet surveillance.” Both administrations contend that the collection programs with explicit limits and minimization procedures which effectively protected the Constitutional rights of Americans.

  • Cyber exports controlCold War to cyber war, here’s how weapon exports are controlled

    By Bruce Baer Arnold

    It was reported last week that the U.K. government is pushing for new restrictions on software — in particular, on tools that would prevent surveillance by the state. This was the focus of negotiations to incorporate cyber security technologies into the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies. Wassenaar was born of the Cold War in 1996. The idea was to inhibit the Soviets (and Chinese) by preventing the export of military equipment and the technology that could be used to make, maintain or defeat that equipment. The push to include cybersecurity in Wassenaar negotiations is unlikely to be effective but will reassure nervous politicians and officials.