December 29, 2013 at 11:09 pm #41727
Report: NSA intercepts computer deliveries
December 29, 2013 6:14 PM EST
LONDON (AP) A German magazine lifted the lid on the operations of the National Security Agency’s hacking unit Sunday, reporting that American spies intercept computer deliveries, exploit hardware vulnerabilities, and even hijack Microsoft’s internal reporting system to spy on their targets.
Der Spiegel’s revelations relate to a division of the NSA known as Tailored Access Operations, or TAO, which is painted as an elite team of hackers specializing in stealing data from the toughest of targets.
Citing internal NSA documents, the magazine said Sunday that TAO’s mission was “Getting the ungettable,” and quoted an unnamed intelligence official as saying that TAO had gathered “some of the most significant intelligence our country has ever seen.”
Der Spiegel said TAO had a catalog of high-tech gadgets for particularly hard-to-crack cases, including computer monitor cables specially modified to record what is being typed across the screen, USB sticks secretly fitted with radio transmitters to broadcast stolen data over the airwaves, and fake base stations intended to intercept mobile phone signals on the go.
The NSA doesn’t just rely on James Bond-style spy gear, the magazine said. Some of the attacks described by Der Spiegel exploit weaknesses in the architecture of the Internet to deliver malicious software to specific computers. Others take advantage of weaknesses in hardware or software distributed by some of the world’s leading information technology companies, including Cisco Systems, Inc. and China’s Huawei Technologies Ltd., the magazine reported.
Der Spiegel cited a 2008 mail order catalog-style list of vulnerabilities that NSA spies could exploit from companies such as Irvine, California-based Western Digital Corp. or Round Rock, Texas-based Dell Inc. The magazine said that suggested the agency was “compromising the technology and products of American companies.”
Old-fashioned methods get a mention too. Der Spiegel said that if the NSA tracked a target ordering a new computer or other electronic accessories, TAO could tap its allies in the FBI and the CIA, intercept the hardware in transit, and take it to a secret workshop where it could be discreetly fitted with espionage software before being sent on its way.
Intercepting computer equipment in such a way is among the NSA’s “most productive operations,” and has helped harvest intelligence from around the world, one document cited by Der Spiegel stated.
One of the most striking reported revelations concerned the NSA’s alleged ability to spy on Microsoft Corp.’s crash reports, familiar to many users of the Windows operating system as the dialogue box which pops up when a game freezes or a Word document dies. The reporting system is intended to help Microsoft engineers improve their products and fix bugs, but Der Spiegel said the NSA was also sifting through the reports to help spies break into machines running Windows. One NSA document cited by the magazine appeared to poke fun at Microsoft’s expense, replacing the software giant’s standard error report message with the words: “This information may be intercepted by a foreign sigint (signals intelligence) system to gather detailed information and better exploit your machine.”
Microsoft said that information sent by customers about technical issues in such a manner is limited.
“Microsoft does not provide any government with direct or unfettered access to our customer’s data,” a company representative said in an email Sunday. “We would have significant concerns if the allegations about government actions are true.”
Microsoft is one of several U.S. firms that have demanded more transparency from the NSA and worked to bolster their security in the wake of the revelations of former intelligence worker Edward Snowden, whose disclosures have ignited an international debate over privacy and surveillance.
Der Spiegel did not explicitly say where its cache of NSA documents had come from, although the magazine has previously published a series of stories based on documents leaked by Snowden, and one of Snowden’s key contacts, American documentary filmmaker Laura Poitras, was listed among the article’s six authors.
No one was immediately available at Der Spiegel to clarify whether Snowden was the source for the latest story.
Another company mentioned by Der Spiegel, though not directly linked with any NSA activity, was Juniper Networks Inc., a computer network equipment maker in Sunnyvale, Calif.
“Juniper Networks recently became aware of, and is currently investigating, alleged security compromises of technology products made by a number of companies, including Juniper,” the company said in an email. “We take allegations of this nature very seriously and are working actively to address any possible exploit paths.”
If necessary, Juniper said, it would, “work closely with customers to ensure they take any mitigation steps.”
___
December 30, 2013 at 9:58 am #41728
LOL! I’ve seen this article twice & didn’t pick up on the TAOists until you pointed it out.
December 30, 2013 at 10:53 pm #41730
December 31, 2013 at 12:36 pm #41732
there is NO mystery to it at all…
it is all BIOS code, 8 bit BIOS chips were basically 8 wire codes, 8 wires allow 8 binary options just like a byte, from there current chips on the public level run at something like a 64 line code..
is a !!! power line!!! can transmit full broadband via an adapter,
then the only real missing piece is implanted passive RFID, Microwave (other) ID which is real…
this means NO power supply necessary to activate, transmit, read via satellite a non powered cell phone, implant, etc
at BIOS level, these chips are implanted into everything from simple power supplies, batteries, hard drives, hospital chairs, vehicles…
it is ALL programmable, and apparent new leaks (?) agreements were made at the manufacturer level to pre-build government exploitable code across the WORLD
this is gradeschool until the passive microwave and IR id’s..
a laptop can be hacked for EVERYTHING, all cell phones GPU positioned and recorded at any point in time..
it’s really ridiculous..
so what’s the point? who made your device and who made the deals?
January 19, 2014 at 12:52 pm #41734
A botnet is a collection of Internet-connected programs communicating with other similar programs in order to perform tasks. This can be as mundane as keeping control of an Internet Relay Chat (IRC) channel, or it could be used to send spam email or participate in distributed denial-of-service attacks. The word botnet is a portmanteau of robot and network.
I’ll give you a very practical example. The Aspin-Brown Commission was charged with reviewing the entire US international intelligence community. They invited me to a benchmark exercise–myself against the entire US intelligence community on an impromptu question, which was Burundi, in August of 1995. Overnight, I got information with six phone calls. From Oxford Analytica, I got political military studies on Burundi; from Eastview Publications, I got Russian military maps of Burundi; from Spot Image, I got commercial imagery of Burundi, cloud-free, less than three years old; from Janes Information Group, I got order of battle information for the tribes, at a time when governments were only following the Burundi army; from Lexis-Nexis, the top ten journalists in the world, immediately available for debriefing; and from the Institute of Scientific Information, the top ten academics in the world, immediately available for debriefing. In other words, by knowing who knows what in the private sector, with six phone calls I was able to assemble a team that was vastly superior in knowledge about Burundi than any government intelligence community in the world.
-Robert D. Steele
The term “white hat” in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization’s information systems. Ethical hacking is a term coined by IBM meant to imply a broader category than just penetration testing. White-hat hackers may also work in teams called “sneakers”, red teams, or tiger teams.
The term hacker has acquired many meanings, including, a creative programmer, one who illicitly breaks into computers, a novice golfer who digs up a course, a taxicab driver, and ditch digger. Confusion between the first two interpretations results in the perception that one need be brilliant or creative to break into computers. This may not be true. Indeed, the person we followed was patient and plodding, but hardly showed creative brilliance in discovering new security flaws…skills and techniques to break into systems are quite different from those to detect and trace an intruder. The intruder may not even realize the route chosen; the tracker, however, must understand this route thoroughly. Although both must be aware of weaknesses in systems and networks, the former may work alone, whereas the latter must forge links with technical and law-enforcement people. The intruder is likely to ignore concepts of privacy and trust during a criminal trespass; in contrast, the tracker must know and respect delicate legal and ethical restrictions.
-CLIFFORD STOLL, Stalking the Wily Hacker
An upset occurs in a competition, frequently in electoral politics or sports, when the party popularly expected to win (the favorite), is defeated by an underdog whom the majority expects to lose, defying the conventional wisdom. The underdog then becomes a giant-killer. The meaning of the word has sometimes been erroneously attributed to the surprising defeat of the horse Man o’ War by the horse Upset (the loss was the only one in Man o’ War’s career); in fact, the term pre-dates that 1919 race by at least several decades. In its sports coverage immediately following Upset’s victory, the Washington Post wrote, One might make all sorts of puns about it being an upset.
Sorry for my broken English.
I wouldn’t be too upset about this because it’s about competition anyway.
Maybe one simply would first of all need to take care that one is not uncontrollably falling into the specialization trap and then be there at the bottom of the pyramid with hardly any choices.
And one would need to be aware whether the game came is about low or high gain or if it might be for someone even that terminal one.
Though it’s extremely unlikely, there have been recently situations where some private organizations have been able to have both capital and governance, but only for very short time and in the end not for common good.
Ps. Who watches the watchmen?
January 19, 2014 at 8:07 pm #41736
In its initial phase, all of the internet’s IP addresses were assigned to computers of one sort or another. Some of these were servers, and a growing number were clients that mostly consumed (but could sometimes modify) content on those servers.
As the internet and in due course the worldwide web developed, more kinds of (increasingly mobile) computing devices became connected, and web servers delivered ever richer content with which they could interact. Although this first internet/web revolution changed the world profoundly, the next disruptive development, in which the majority of internet traffic will be generated by ‘things’ rather than by human-operated computers, has the potential to change it even more.
SUNNYVALE, CA, Jan 16, 2014 (Marketwired via COMTEX) — Proofpoint, Inc., a leading security-as-a-service provider, has uncovered what may be the first proven Internet of Things (IoT)-based cyberattack involving conventional household “smart” appliances. The global attack campaign involved more than 750,000 malicious email communications coming from more than 100,000 everyday consumer gadgets such as home-networking routers, connected multi-media centers, televisions and at least one refrigerator that had been compromised and used as a platform to launch attacks. As the number of such connected devices is expected to grow to more than four times the number of connected computers in the next few years according to media reports, proof of an IoT-based attack has significant security implications for device owners and Enterprise targets.
Just as personal computers can be unknowingly compromised to form robot-like “botnets” that can be used to launch large-scale cyberattacks, Proofpoint’s findings reveal that cyber criminals have begun to commandeer home routers, smart appliances and other components of the Internet of Things and transform them into “thingbots” to carry out the same type of malicious activity. Cyber criminals intent on stealing individual identities and infiltrating enterprise IT systems have found a target-rich environment in these poorly protected internet connected devices that may be more attractive and easier to infect and control than PC, laptops, or tablets.
The attack that Proofpoint observed and profiled occurred between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting Enterprises and individuals worldwide. More than 25 percent of the volume was sent by things that were not conventional laptops, desktop computers or mobile devices; instead, the emails were sent by everyday consumer gadgets such as compromised home-networking routers, connected multi-media centers, televisions and at least one refrigerator. No more than 10 emails were initiated from any single IP address, making the attack difficult to block based on location — and in many cases, the devices had not been subject to a sophisticated compromise; instead, misconfiguration and the use of default passwords left the devices completely exposed on public networks, available for takeover and use.
“Bot-nets are already a major security concern and the emergence of thingbots may make the situation much worse,” said David Knight, General Manager of Proofpoint’s Information Security division. “Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. Enterprises may find distributed attacks increasing as more and more of these devices come on-line and attackers find additional ways to exploit them.”
While IT experts have long predicted security risks associated with the rapidly proliferating Internet of Things (IoT), this is the first time the industry has reported actual proof of such a cyber attack involving common appliances — but it likely will not be the last example of an IoT attack. IoT includes every device that is connected to the internet — from home automation products including smart thermostats, security cameras, refrigerators, microwaves, home entertainment devices like TVs, gaming consoles to smart retail shelves that know when they need replenishing and industrial machinery — and the number of IoT devices is growing enormously. IDC predicts that more than 200 billion things will be connected via the Internet by 2020(1). But IoT devices are typically not protected by the anti-spam and anti-virus infrastructures available to organizations and individual consumers, nor are they routinely monitored by dedicated IT teams or alerting software to receive patches to address new security issues as they arise. The result is that Enterprises can’t expect IoT-based attacks to be resolved at the source; instead, preparations must be made for the inevitable increase in highly distributed attacks, phish in employee inboxes, and clicks on malicious links.
“The ‘Internet of Things’ holds great promise for enabling control of all of the gadgets that we use on a daily basis. It also holds great promise for cybercriminals who can use our homes’ routers, televisions, refrigerators and other Internet-connected devices to launch large and distributed attacks,” said Michael Osterman, principal analyst at Osterman Research. “Internet-enabled devices represent an enormous threat because they are easy to penetrate, consumers have little incentive to make them more secure, the rapidly growing number of devices can send malicious content almost undetected, few vendors are taking steps to protect against this threat, and the existing security model simply won’t work to solve the problem.”
About Proofpoint, Inc. Proofpoint Inc. is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. More information is available at http://www.proofpoint.com.
Proofpoint is a trademark of Proofpoint, Inc. in the U.S. and other countries. All other trademarks contained herein are the property of their respective owners.