Tag Archives: nsa

Telecoms, data center infrastructure infiltrated, Bloomberg stories say, mystery deepens despite denials


Taken at face value, a pair of articles on Bloomberg by Jordan Robertson and Michael Riley details how Chinese government intelligence agencies snuck tiny chips into computer servers used by Amazon and Apple, and by at least one major U.S. telecoms company. The devices – as small as the tip of a pencil – could be used to listen to communications going in and out, or to dive deeper into those systems.

If true, Bloomberg’s reporting means that the Chinese government, and possibly other intelligence agencies and criminal groups, have a backdoor that leads deep into U.S. telecoms and data processing infrastructure. It is flatly denied by some U.S. government security officials, by Apple and Amazon, and, according to a story by Jason Koebler, Joseph Cox, and Lorenzo Franceschi-Bicchierai on Motherboard, by most major U.S. telecoms companies…

Motherboard has reached out to 10 major US telecom providers, and the four biggest telecoms in the US have denied to Motherboard that they were attacked: In an email, T-Mobile denied being the one mentioned in the Bloomberg story. Sprint said in an email that the company does not use SuperMicro equipment, and an AT&T spokesperson said in an email that “these devices are not a part of our network, and we are not affected.” A Verizon spokesperson said: “Verizon’s network is not affected.”

A CenturyLink spokesperson also denied that the company is the subject of Bloomberg’s new story. A Cox Communications spokesperson said in an email: “The telecom company referenced in the story is NOT us.” Comcast also said it’s not the company in the Bloomberg story.

Charter Communications and Frontier Communications, two of California’s biggest telecoms companies, aren’t on the “not me” list, but that might be the result of poor response by their press relations people or, less likely, because they weren’t contacted by Motherboard.

Although Bloomberg’s stories have been refuted by U.K. intelligence agencies, their U.S. counterparts have been silent, as is common practice. That leaves the door open to uncomfortable speculation: they could have discovered the backdoors and be taking advantage of them too. And if they can, so can other national governments and criminal organisations. Unfortunately, U.S. government spy agencies put a higher priority on their own access to cracked systems than on defending public cyberspace.

Until this mystery is solved, we’ll have to cope with the possibility that our data centers and telecoms networks are hopelessly compromised.

NSA shares blame with criminals for massive ransomware attack


Cybercriminals successfully penetrated more than 200,000 computer systems in 150 countries in a continuing attack that began late last week. The initial assault was unwittingly blocked by a security blogger who triggered an off switch while trying to figure out what was going on. But that didn’t help systems that were already infected – it can still spread from computer to computer within a network – and a new version, without the kill switch, is reported to be already out and running wild.

The ransomware encrypts data on infected networks, and demands a bitcoin payment of $300 to free it up.

It did not have to happen. The ransomware exploited a flaw in Microsoft’s Windows operating system that was (1) known to the U.S. National Security Agency and (2) leaked into the public domain earlier this year. It gives the lie to the claims of the NSA, FBI and other national security and law enforcement agencies that they can be trusted to safeguard and wisely use software and encryption backdoors, as the Washington Post’s Brian Fung explains…

The NSA leak in April showed that even those vulnerabilities thought to be under control by responsible state actors can find themselves on the black market. The story of Wanna Decryptor, ultimately, is the story of nearly all weapons technology: Eventually, it will get out. And it will fall into the wrong hands.

“These attacks show that we can no longer say that vulnerabilities will only be used by the ‘good guys,’ ” said Simon Crosby, the co-founder of Bromium, a California-based computer security firm. Crosby likened the unauthorized leak of the NSA’s hacking tools to “giving nuclear weapons to common criminals.”

The NSA’s conduct was irresponsible. When it discovered the Windows exploit, it should have notified Microsoft so that the vulnerability could be fixed immediately. Instead, it kept a backdoor open to millions upon millions of computers and networks, one that would eventually have been found and used by criminals even if the agency hadn’t managed its own security so incompetently.

Snowden tells CES crowd fighting encryption is the wrong fight


“I’ve read the emails of terrorists, I know what they’re doing, I know how they work”, Edward Snowden told a rapt audience in a CES booth yesterday. “Terrorists are already using encryption. Everybody in the world is using encryption”.

He was being interviewed by serial entrepreneur Peter Diamandis – X-Prize, Singularity and, yesterday, Human Longevity, Inc. – via a BeamPro telepresence robot made by Palo Alto-based Suitabletech. It was a promotionally convenient necessity since Snowden is a fugitive, living in exile in Russia after blowing the whistle on the National Security Agency’s massive data trawling operation.

Snowden has no regrets about what he did, saying “I volunteered to go to prison”. Still, he’s in no hurry to get there and believes that the law enforcement agencies chasing him are on the wrong track. “I don’t think it’s right to act as deterrent against people trying to do the right thing”, he said.

Restricting or weakening legal encryption technologies wouldn’t deter terrorists and criminals – they wouldn’t restrict themselves to legal means – and in any event they also use open communications techniques. French police were able to gather a tremendous amount of information about the recent Paris attacks from unencrypted data on mobile phones used by the killers, enough to track down the people who organised the mass murders, he said.

Giving law enforcement officials a back door to everyone’s private information is an even worse answer, he believes.

“They think they need to restrict our freedom to keep us safe”, Snowden said. But the only existential threat comes from measures we take against ourselves. It’s “the only way to lose an open society”.

“Are we ever going to correct our government?” he asked. “It’s not a fight, it’s an ongoing struggle, it’s a process”.

Latest Snowden revelations will push Internet infrastructure and traffic away from U.S.


If there was ever any doubt that there’s no privacy on the Internet, the latest nuggets from Edward Snowden’s trove of documents detailing U.S. electronic spying efforts should remove it. Stories on the ProPublica.org website and in the New York Times show how telecommunications companies have cooperated with the National Security Agency to trawl emails that pass through their systems, regardless of where the messages originate or where they are destined. According to the ProPublica story, AT&T was singled out in the documents for its “extreme willingness to help” the NSA…

In September 2003, according to the previously undisclosed NSA documents, AT&T was the first partner to turn on a new collection capability that the NSA said amounted to a “‘live’ presence on the global net.” In one of its first months of operation, the [AT&T-run surveillance] program forwarded to the agency 400 billion Internet metadata records — which include who contacted whom and other details, but not what they said — and was “forwarding more than one million emails a day to the keyword selection system” at the agency headquarters in Fort Meade, Maryland.

The original documents are posted alongside the ProPublica story, and make for interesting reading. Slide presentations show how an email sent to Brazil from Iran will naturally pass through a commercial server in the U.S., due to “international choke points”, “least cost routing” and other perfectly ordinary technical characteristics of the Internet.

It’s not just compliant telecoms companies that give the NSA this immense trawling capability. It also results from the fundamental architecture of the Internet, which is largely centered in and managed by the U.S.

Expect far greater international pressure to change this status quo as a result of these revelations. Even friendly countries will want alternative data paths that don’t pass through U.S. hands.