Friday, September 30, 2011

(KMOV) -- Wednesday night, TRICARE, the health care program for millions of military members, retirees, and their families announced a data breach that affects an estimated 4.9 million people.

Read TRICARE's statement here:

Science Applications International Corporation reported that one of its employees was driving backup computer tapes from one federal office to another in San Antonio, Texas. At one point, the car was broken into and the backup tapes were stolen. SAIC says it won't disclose how many tapes were taken, but says only "some" were encrypted.

The tapes that were lost included names, Social Security numbers, addresses, and medical treatment information of patients who were treated at San Antonio military treatment facilities (or patients who have had lab work processed there) from 1992 until September 7, 2011.

TRICARE and SAIC say they are working to identify all the beneficiaries whose information may have been lost and notify the affected people. TRICARE says that the risk of harm to patients is low because the thief would have to have access to specific hardware and software and know how to pull the data from the tapes.

Jarrett Kolthoff, who runs a cyber security firm called SpearTip, LLC, says people should be concerned.

"It doesn't take a rocket scientist to grab that information and then use that data in a nefarious manner," said Kolthoff.

"If it was unencrypted, my concern would be the leverage that somebody could use against individuals."


Wednesday, September 28, 2011

Which Telecoms Store Your Data the Longest? Secret Memo Tells All

The nation’s major mobile-phone providers are keeping a treasure trove of sensitive data on their customers, according to a newly released Justice Department internal memo that for the first time reveals the data retention policies of America’s largest telecoms.

The single-page Department of Justice document, “Retention Periods of Major Cellular Service Providers,” (.pdf) is a guide for law enforcement agencies looking to get information — like customer IP addresses, call logs, text messages and web surfing habits – out of U.S. telecom companies, including AT&T, Sprint, T-Mobile and Verizon.

The document, marked “Law Enforcement Use Only” and dated August 2010, illustrates there are some significant differences in how long carriers retain your data.

Verizon, for example, keeps a list of everyone you’ve exchanged text messages with for the past year, according to the document. But T-Mobile stores the same data up to five years. It’s 18 months for Sprint, and seven years for AT&T.

That makes Verizon appear to have the most privacy-friendly policy. Except that Verizon is alone in retaining the actual contents of text messages. It allegedly stores the messages for five days, while T-Mobile, AT&T, and Sprint don’t store them at all.


The Best Spies Money Can Buy
Security firms have found evidence that espionage agents are buying time on leased botnets: Will cybercriminal services lead to more efficient spying?

During the past decade, cybercriminals have specialized in the various tasks needed to compromise computers, steal data, and make money. Now, more elusive nation-state attackers could be using rented botnets and cybercriminal services to streamline their own operations, security experts say.

In June, security firm FireEye detected evidence of such a connection when it found instances of a remote-access Trojan whose code seemed to have been reused to infect machines with fake antivirus software. In another incident, cybercriminals sold access to compromised military and government computers, allowing would-be cyberspies to get direct access to their targets, says Darien Kindlund, senior staff scientist at FireEye.

The two examples are part of a building body of evidence that suggests attackers representing what the military and security industry refer to as the advanced persistent threat (APT) are not shying away from using criminals' resources to help them in their missions.

"If military and government hosts are being sold on the black market, who are the most likely buyers -- spammers? No, they could buy something cheaper on a different network. But for APT? Yes, it meets their mission objectives," Kindlund says.


Tuesday, September 27, 2011

SpearTip's Counterespionage Expert Warns of Emerging Cyber Threats to Private Industry

Former U.S. Counterintelligence Agent Jarrett Kolthoff keynotes conference of counterespionage practitioners and technologists.

St. Louis, Missouri (PRWEB) September 27, 2011

Espionage Research Institute (“ERI”) Conference – This year’s keynote speaker was Jarrett Kolthoff, a former U.S. Counterintelligence Agent, now CEO of cyber counterespionage firm SpearTip. Kolthoff provided valuable insights into recent and emerging domestic and foreign cyber espionage threats. Kolthoff was recognized with a plaque presented by ERI President, former CIA officer, Glenn Whidden.

SpearTip’s Kolthoff described a number of “incidents” he has dealt with for his Fortune 100 and other national and international clients to emphasize the increasing prevalence of internet-based surveillance techniques, cyber espionage, malware and APT (Advanced Persistent Threats), which requires his team to learn and adapt constantly to the ever-changing playing field.

Whidden created ERI in an effort to bring together Technical Surveillance Countermeasures (“TSCM”) specialists, security practitioners, businessmen and corporate security executives to share information about hostile global espionage targeting business and industry.

Additionally, Kolthoff sees more and more corporate espionage by departing employees electronically transferring large amounts of competitively sensitive company data. The ease with which such data can be copied and transported requires far higher levels of vigilance by company executives. According to Kolthoff, it is not a matter of “if” data theft will occur, but what the company is prepared to do in mitigation of such losses “when” a company discovers that it has already been breached.

Kolthoff notes that threats exist for enterprises of all types and sizes, from governmental to non-profits to low tech service providers, in addition to obvious targets such as technology driven multinationals. No matter the organization, corporate espionage and cyber warfare are not simply on the doorstep – they are already a dramatic reality.


Friday, September 23, 2011

U.S. spy agency trying to go mobile

(Reuters) - Troy Lange knows that just mentioning cellphones is enough to give security officers heartburn at the National Security Agency.

Lange, as the NSA's mobility mission manager, is developing a smartphone that he wants to bring inside the super-secret U.S. spy agency to access classified information and apps while on the move. He wants it to work as easily as any of the smartphones that are so ubiquitous in the outside world.

That is no small vision for an agency where entire buildings are designated as Sensitive Compartmented Information Facilities, known as SCIFs in spy speak, with many restrictions to ensure the handling and discussion of secret information stays secure.

Visitors to the Fort Meade, Maryland, NSA complex are not allowed to bring outside cellphones into the building.

Lange argues that using smartphones inside areas that deal with secret material will increase efficiency.

"I want to get this into everybody's hands" -- every employee in the Defense Department, intelligence community and across government, he said, while acknowledging that kind of talk makes "the security people's heads pop off."


Tinker Tailor Soldier Spy – 2011 Trailer

An espionage thriller set around the Cold War. Ex MI6 George Smiley is forced out of retirement to unearth a Soviet agent within “The Circus.” It hits theaters on November 11th and I must say after peeping the trailer I’m eagerly anticipating its arrival. Watch this, and see for yourself.

Thursday, September 22, 2011

Feds: Trio hacked Wi-Fi or burglarized 50 firms

It took nearly three years, but Seattle police detectives say they've unraveled a theft ring that operated both in cyberspace and through old-fashioned burglaries with a technological twist — breaking into a company with the sole purpose of installing malicious software to enable future thefts.

Federal prosecutors have indicted three men — Joshua Allen Witt, 34; Brad Eugene Lowe, 36; and John Earl Griffin, 36 — on charges of conspiracy and eight other counts including accessing a protected computer to further fraud, access device fraud and aggravated identity theft.

The 20-page indictment lays out a scheme that U.S. Attorney Jenny Durkan on Wednesday said was "both sophisticated and rudimentary," and combined high technology with broken glass and jimmied locks.

The trio is accused of targeting at least 53 companies, with losses expected to mount into the hundreds of thousands of dollars.

"In some cases, the victims were both burgled and cyber-burgled," Durkan said at a news conference.

The indictment accused the men of "wardriving" — cruising in a vehicle outfitted with a powerful Wi-Fi receiver to detect business wireless networks. They then would hack into the company's network from outside, cracking the security code and accessing company computers and information.


Wednesday, September 21, 2011

Appeals Court OKs Challenge to Warrantless Electronic Spying


A legal challenge questioning the constitutionality of a federal law authorizing warrantless electronic surveillance of Americans inched a step closer Wednesday toward resolution.

The 2nd U.S. Circuit Court of Appeals, for the second time, rejected the Obama administration’s contention that it should toss a lawsuit challenging the 2008 Foreign Intelligence Surveillance Amendments Act. Among other things, the government said the plaintiffs — Global Fund for Women, Global Rights, Human Rights Watch, International Criminal Defence Attorneys Association, The Nation magazine, PEN American Center, Service Employees International Union and others — don’t have standing to bring a constitutional challenge because they cannot demonstrate that they were subject to the eavesdropping or suffered hardships because of it.

The lawsuit, backed by the American Civil Liberties Union, was lodged within hours of the FISA Amendments Act (.pdf) being signed into law by President George W. Bush in July 2008. The legislation is being challenged because it allows the National Security Agency to electronically eavesdrop on Americans without a probable-cause warrant if one of the parties to the communication resides outside the United States and is suspected of a link to terrorism.

“It is the glory of our system that even our elected leaders must defend the legality of their conduct when challenged,” (.pdf) Judge Gerard Lynch wrote.


Cyber spying is the new face of espionage

'When we do trace [cyber espionage] back to China, the Chinese put the blame on a rogue group of hackers — they're very careful to make sure it never gets traced back to intelligence or defence sources.'
—Christian Leuprecht, Royal Military College of Canada

When many people think of espionage, the image that readily comes to mind is of the furtive spy, clad in black, taking photographs of secret dossiers with a camera disguised as a cigarette lighter. It's an image that seems quaint and dated, especially since the end of the Cold War. But the recent controversy surrounding Conservative MP Bob Dechert's flirtatious email exchanges with a Chinese journalist remind Canadians that the threat of international espionage did not vanish with the fall of the Iron Curtain.

If anything, the threat to Canadian secrets has strengthened in recent years and is something the federal government is fighting on a daily basis.

Christian Leuprecht, an associate professor of political science at the Royal Military College of Canada in Kingston, says the Dechert case represents a textbook example of international espionage.

"It is an active, long-standing intelligence tradition to use journalists, because it's easy to place them on temporary assignment somewhere for a period of time," he said. Journalists ask questions, meet people, learn things. "There seems to be something more to the story than meets the eye." But although they are still used, the need for such field operatives is declining in the online age.


Tuesday, September 20, 2011

OnStar Begins Spying On Customers’ GPS Location For Profit

I canceled the OnStar subscription on my new GMC vehicle today after receiving an email from the company about their new terms and conditions.

While most people, I imagine, would hit the delete button when receiving something as exciting as new terms and conditions, being the nerd sort, I decided to have a personal drooling session and read it instead. I’m glad I did.

OnStar’s latest T&C has some very unsettling updates to it, which include the ability to sell your personal GPS location information, speed, safety belt usage, and other information to third parties, including law enforcement. To add insult to a slap in the face, the company insists they will continue collecting and selling this personal information even after you cancel your service, unless you specifically shut down the data connection to the vehicle after canceling.

The complete update can be found here. Not surprisingly, I even had to scrub the link as it included my vehicle’s VIN number, to tell OnStar just what customers were actually reading the new terms and conditions.


3,000 Intelligence officials' names, emails leaked as 'INSA spies'
Last week, a "premier intelligence and national security organization" was hacked and then hundreds of intelligence officials, ranging from the NSA, FBI, CIA, the Pentagon, the White House, had their names, email addresses, some phone numbers and even home addresses posted on Cryptome.

Intelligence and National Security Alliance (INSA) published a Cyber Intelligence report [PDF] about the need to develop better cyber intelligence sharing, analysis and defenses against the "cyber threat environment" where hackers are cracking into everyone's systems, from government agencies to private companies. 48 hours later, a cyberattack was launched against the INSA website and the membership list was leaked after the hack.

MSNBC reported that "in apparent retaliation, INSA's 'secure' computer system was hacked and the entire 3,000-person membership posted on the" There were 95 email addresses belonging to the "supersecret National Security Agency, as well as scores of others in key positions at the White House, the Pentagon, FBI, CIA, the Office of Director of National Intelligence and the State Department." John Young who runs Cryptome said in a telephone interview with NBC that he had no reservations about publishing 'INSA Nest of Official and Corporate Spies.' Young said, "We would love to name every spy that lives on Earth."

NSA President Ellen McCarthy confirmed the leak is real and told MSNBC that exposed members are not happy about the published list of names and email addresses. "Intelligence people are not very fond of getting a lot of attention."


5-year-old girl finds hidden camera in a D.C. Starbucks bathroom

A five-year-old girl walked out of Starbucks with more than just a hot chocolate after having discovered a hidden camera in the coffee shop's unisex bathroom.

The girl's family is now suing the coffee chain for damages after she and her father were taped while using the toilet in a D.C. Starbucks.

William Yockey and his family were visiting the capital in late August from their home in Norfolk, Virginia.

His daughter discovered a video camera hidden underneath the sink that was pointed towards the toilet. Yockey determined that the camera was on and recording, then notified the police.

The camera was taken by police for further investigation, and no suspects have been named.

Because so little is known about the camera, including who put it there and when, this lawsuit could theoretically be opened up to include anyone else who used the restroom at that Starbucks.

The lawsuit, which will be heard in D.C. Superior Court, claims that the daughter suffered 'permanent and continuing emotional pain and suffering, humiliation, embarrassment and great emotional distress'.


Defence contractor warns of false cyber security beliefs

Four 'mindsets' that trip up specialists.

BAE Systems Australia's cyber security head has warned against four mindsets preventing security specialists from effectively dealing with cyber threats.

According to the defence contractor's Tim Scully, an overemphasis on all-encompassing defensive measures or on compliance with standards or regulations could be counterproductive.

Scully, who was also the chief executive officer of BAE subsidiary Stratsec, chaired a work group on Cyber Threat and Fortress Mentality at the second national cyber warfare conference in Canberra this week.

Fortress mindset

He described the "fortress mindset" as the traditional approach to security, where specialists aimed to keep all threats outside of their networks.

Defensive measures in a "fortress" approach focused on systems and infrastructure rather than focusing on protecting the organisation's most valuable information.

That approach was as naïve as thinking that everything inside the network was secure, he said.

“If your network is connected to the Internet, and you have something of value to a threat actor, you are likely already compromised," he said.


Sunday, September 18, 2011

Espionage Research Institute (ERI) 2011 Conference

The 2011 ERI Conference brought together a group of leading edge counterintelligence practitioners that respond to crisis situations and espionage incidents from both foreign and domestic threats.


Sept 18, 2011 - The 2011 ERI Conference brought a group of these counterespionage agents out of the shadows for a brief moment to share information with their brethren. The threats levied against corporations from either electronic surveillance (bugs) or the latest threats from malware (Advanced Persistent Threats) require these specialists to keep abreast of the latest threats. Adhering to ERI’s motto, "The Biggest Mistake That We Can Make Would Be To Miss The Changes", the membership meets annually to ensure they remain aware of the changes in the espionage industry and can effectively detect threats.

This year’s keynote address from Jarrett Kolthoff, CEO – SpearTip, a former U.S. Counterintelligence Agent, addressed the threats levied against corporations from both foreign and domestic competitors. Mr. Kolthoff provided insight on how many corporations are responding to these incidents and are holding the rogue employee and/or competitor accountable for their actions.

Other presenters at the conference brought some of their latest technology, such as the OSCOR GREEN from Research Electronics International (REI). The OSCOR Green was designed for commercial applications to detect illicit eavesdropping signals, perform site surveys for communications systems, conduct radio frequency (RF) emissions analysis, and investigate misuse of the RF spectrum.

AIR Patrol Corp shared their latest in cellular detection technology.

Global TSCM Corp brought their latest technology and gave a TSCM products demo.

Professional Development TSCM Group Inc. presented on the Kestrel TSCM ™ Professional Software, a Canadian designed and developed TSCM total RF collection and analysis solution, scalable to address all operational threat levels.

Walleye Technologies, Inc. presented their new portable microwave imaging device for a wide variety of applications that require handheld imaging and microwave capabilities.

Other notable presentations from ERI members and TSCM Specialists included:

"The Future of TSCM" by Steve Whitehead, of Eavesdropping Detection Solutions. Gauteng, South Africa.

"GSM & Hybrid Cellular Threats" by Jason Dibley & James Williams of QCC Interscan Ltd. London UK.

"TSCM Inside Out" by Julian Claxton of Jayde Consulting Pty Ltd. Sydney, Australia.

"Computer Security" by Dr. Gordon Mitchell of Future Focus, Inc. Washington State. USA.

"TSCM Challenges Today" by Ed Steinmetz of Steinmetz Associates. Philadelphia, Penn.

"Power Line Analysis using a SDR" by Michael Dever of Dever Clark & Associates of Canberra, Australia.

"Security Podcast Resources and building a network VoIP Tap" by Charles Patterson of Patterson Communications. Tarrytown, NY.

Glenn Whidden, President of ERI and a former CIA officer, created ERI in an effort to bring together TSCM specialists, security practitioners, businessmen and corporate security executives to share information about hostile global espionage activity directed against business and industry. This year’s event was chaired by J.D. LeaSure, President/CEO of ComSec LLC, which resulted in another tremendous success in bringing together this international consortium of "spy hunters". J.D. will also Chair next year’s event at ERI's Annual Membership Conference (To Be Announced). The conference will continue to highlight current and emerging threats, detection methods and effective countermeasures.

Each year, U.S. businesses lose billions of dollars to Corporate Espionage, Industrial Espionage and Economic Espionage. ERI's membership consists of a small, exclusive group of global Technical Surveillance Countermeasures (TSCM) and Cyber Counterintelligence experts whose private businesses are tasked with detecting and neutralizing the threats against your corporation.

For more information please contact ERI Conference chairman, J. D. LeaSure at: or Ph: 703-910-3330

The Espionage Research Institute is dedicated to collecting and promulgating information on hostile espionage activity, which is done through the process of accepting, screening and editing reports of hostile activity as they are received from ERI Associates and its Advisors.

Wednesday, September 14, 2011

Espionage Research Institute (ERI) 2011 Conference: Pits Spy Hunters Against Spies | PRLog

ASIO chief spooked by cyber spies

THE advent of cyber espionage is serving only to reinvigorate the craft of espionage, making such spying easier than ever, the ASIO chief, David Irvine, said.

Mr Irvine told a national security conference in Canberra last night that espionage, which has taken a back seat to terrorism since the attacks of September 11, 2001, was alive and well.

''Foreign powers will continue to attempt to acquire sensitive political, commercial, military and other information from a variety of sources and means,'' he said.

Mr Irvine has been increasingly vocal on the subject of the cyber threat.

The declaration by Mr Irvine also comes as the government releases a public discussion paper designed to inform next year's cyber white paper - Australia's first attempt at an overarching cyber security strategy.

Recent incidents such as the leaking of more than 250,000 classified US diplomatic cables to WikiLeaks and the intrusion into the parliamentary email system - believed to be by Chinese spies - have underscored the threat.

How hackers find their targets

The rash of large-scale data breaches in the news this year begs many questions, one of which is this: how do hackers select their victims?

The answer: research.

Hackers do their homework; in fact, an actual hack typically takes place only after many hours of first studying the target.

Here’s an inside look at a hacker in action:

  1. Using search queries through such resources as Google and job sites, the hacker creates an initial map of the target’s vulnerabilities. For example, job sites can offer a wealth of information such as hardware and software platform usage, including specific versions and their use within the enterprise.
  2. The hacker fills out the map with a complete intelligence database on your company, perhaps using public sources such as government databases, financial filings and court records. Attackers want to understand such details as how much you spend on security each year, other breaches you’ve suffered, and whether you’re using LDAP or federated authentication systems.
  3. The hacker tries to identify the person in charge of your security efforts. As they research your Chief Security Officer or Chief Intelligence Security Officer (who they report to, conferences attended, talks given, media interviews, etc.) hackers can get a sense of whether this person is a political player or a security architect, and can infer the target’s philosophical stance on security and where they’re spending time and attention within the enterprise.

Monday, September 12, 2011

And, Speaking of Spies....2011 Espionage Research Institute Conference

This week marks the annual ERI conference in Reston, VA.

The Espionage Research Institute is dedicated to collecting and promulgating information on hostile espionage activity. That is done through the process of accepting, screening and editing reports of hostile activity as they are received from ERI Associates and its Advisors.

The motto of ERI is: "The Biggest Mistake That We Can Make Would Be To Miss The Changes". That expresses the basic reason that ERI exists. It attempts to keep all informed on hostile espionage activity that is directed against business and industry.

Stay tuned later this week for some interesting reports.... ~JDL

Double-O Who? Meet history's unsung spies

Ask most people to name a spy and they will say James Bond. If they are a little more cerebral they might say George Smiley, the spymaster who, having been immortalised by Sir Alec Guinness on the small screen, this Friday comes to the big screen in one of the most eagerly anticipated films of the autumn. In the latest version of John le Carré’s Tinker, Tailor, Soldier, Spy, Gary Oldman is taking on the role of Smiley, with a supporting cast that includes John Hurt and Colin Firth.

But back to our question, which was name a spy. Such is the potency of literature that most people have long since blurred in their imaginations the difference between fictional spies and real-life ones. This is partly because some of the best spy novels were written by former spies, notably Ian Fleming, Graham Greene and, of course, John le Carré.

So let us phrase the question more clearly. Name a real-life spy… Most people will go with the big three: Philby, Burgess and Maclean. Others that pole-vault to mind are Anthony Blunt, George Blake, Dame Stella Rimington, Mata Hari, Eddie Chapman (Agent Zig-Zag), and Peter “Spycatcher” Wright. Those wishing to put the vaulting bar a little higher might also name Guy Liddell, Oleg Gordievsky, Vera Atkins, Melita Norwood, the atomic spy Klaus Fuchs, Richard Sorge and that notorious Soviet spy Harold Wilson.

But what do all these real-life spies have in common?


How 9/11 Completely Changed Surveillance in U.S.


Former AT&T engineer Mark Klein handed a sheaf of papers in January 2006 to lawyers at the Electronic Frontier Foundation, providing smoking-gun evidence that the National Security Agency, with the cooperation of AT&T, was illegally sucking up American citizens’ internet usage and funneling it into a database.

The documents became the heart of civil liberties lawsuits against the government and AT&T. But Congress, including then-Sen. Barack Obama (D-Illinois), voted in July 2008 to override the rights of American citizens to petition for a redress of grievances.

Congress passed a law that absolved AT&T of any legal liability for cooperating with the warrantless spying. The bill, signed quickly into law by President George W. Bush, also largely legalized the government’s secret domestic-wiretapping program.

Obama pledged to revisit and roll back those increased powers if he became president. But, he did not.

Mark Klein faded into history without a single congressional committee asking him to testify. And with that, the government won the battle to turn the net into a permanent spying apparatus immune to oversight from the nation’s courts.


9/11 Never Forget...

Friday, September 9, 2011

Researchers’ Typosquatting Stole 20 GB of E-Mail From Fortune 500 Companies


Two researchers who set up doppelganger domains to mimic legitimate domains belonging to Fortune 500 companies say they managed to vacuum up 20 gigabytes of misaddressed e-mail over six months.

The intercepted correspondence included employee usernames and passwords, sensitive security information about the configuration of corporate network architecture that would be useful to hackers, affidavits and other documents related to litigation in which the companies were embroiled, and trade secrets, such as contracts for business transactions.

“Twenty gigs of data is a lot of data in six months of really doing nothing,” said researcher Peter Kim from the Godai Group. “And nobody knows this is happening.”

Doppelganger domains are ones that are spelled almost identically to legitimate domains, but differ slightly, such as a missing period separating a subdomain name from a primary domain name – as in the case of as opposed to the real domain that IBM uses for its division in Sweden.

Kim and colleague Garrett Gee, who released a paper this week (.pdf) discussing their research, found that 30 percent, or 151, of Fortune 500 companies were potentially vulnerable to having e-mail intercepted by such schemes, including top companies in consumer products, technology, banking, internet communication, media, aerospace, defense, and computer security.
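
A defensive check for the missing-dot doppelganger pattern described above, as an added example that is not from the article or the researchers' paper: it derives the doppelganger names of an organization's own mail subdomains and flags outbound recipients addressed to them. The domain `example.com`, its subdomains, the log format and the log lines are all constructed for illustration.

```python
"""Flag outbound mail addressed to missing-dot doppelgangers of our own subdomains."""
import re

# Constructed inventory: the registered domain and the subdomains that receive mail.
REGISTERED_DOMAIN = "example.com"
MAIL_SUBDOMAINS = ["se.example.com", "us.example.com", "mail.eu.example.com"]

# Constructed outbound gateway log (hypothetical key=value format).
SAMPLE_LOG = """\
2011-09-09T10:02:11 from=<alice@se.example.com> to=<bob@se.example.com> status=sent
2011-09-09T10:04:37 from=<alice@se.example.com> to=<bob@seexample.com> status=sent
2011-09-09T10:09:02 from=<carol@us.example.com> to=<Dave@Mail.EUexample.com.> status=sent
2011-09-09T10:15:45 from=<erin@us.example.com> to=<frank@usexample.com> status=bounced
2011-09-09T10:20:00 from=<erin@us.example.com> to=<grace@houseexample.com> status=sent
"""

TO_RE = re.compile(r"\bto=<[^<>@\s]+@([^<>\s]+)>")
STATUS_RE = re.compile(r"\bstatus=(\w+)")


def doppelganger_map(subdomains, registered_domain):
    """Map each missing-dot doppelganger domain to the subdomains it imitates.

    Only the dot next to the registered domain matters: dropping it
    (se.example.com -> seexample.com) yields a different registrable
    domain that someone outside the organization could own.
    """
    registered = registered_domain.lower().rstrip(".")
    suffix = "." + registered
    result = {}
    for sub in subdomains:
        name = sub.lower().rstrip(".")
        if not name.endswith(suffix):
            continue  # not one of our subdomains
        last_label = name[: -len(suffix)].split(".")[-1]
        result.setdefault(last_label + registered, []).append(name)
    return result


def match_doppelganger(domain, dmap):
    """Return (doppelganger, imitated subdomains) if domain falls under one."""
    d = domain.lower().rstrip(".")
    for fused, legit in dmap.items():
        # Compare on label boundaries so houseexample.com does not match seexample.com.
        if d == fused or d.endswith("." + fused):
            return fused, legit
    return None


def scan_outbound_log(log_text, dmap):
    """Return one finding per log line whose recipient is a doppelganger."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        m = TO_RE.search(line)
        if not m:
            continue
        hit = match_doppelganger(m.group(1), dmap)
        if hit is None:
            continue
        status = STATUS_RE.search(line)
        findings.append({
            "line": lineno,
            "recipient_domain": m.group(1).lower().rstrip("."),
            "doppelganger": hit[0],
            "imitates": hit[1],
            "status": status.group(1) if status else "unknown",
        })
    return findings


if __name__ == "__main__":
    dmap = doppelganger_map(MAIL_SUBDOMAINS, REGISTERED_DOMAIN)
    for f in scan_outbound_log(SAMPLE_LOG, dmap):
        print(f"line {f['line']}: {f['recipient_domain']} imitates "
              f"{', '.join(f['imitates'])} (status={f['status']})")
```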


Wednesday, September 7, 2011

Espionage? Second Web Firm Worried After Dutch Hack

A company that sells certificates guaranteeing the security of websites, GlobalSign, said Tuesday it is temporarily halting the issuance of new certificates over concerns it may have been targeted by hackers.

GlobalSign, the Belgian subsidiary of Japan's GMO Internet Inc., is one of the oldest such companies globally, and large, but much smaller than industry giants VeriSign and GoDaddy.

It said in a statement it does not know whether it has actually been hacked, but is taking threats by an anonymous hacker seriously in the wake of an attack on a smaller Dutch firm, DigiNotar, that came to light last week.

The DigiNotar attack is believed to have allowed the Iranian government to spy on thousands of Iranian citizens' communications with Google email during the month of August.

Fallout from the Dutch hack continued Tuesday as the Dutch government, which used DigiNotar to authenticate many of its sites, continued to seek replacements.

Meanwhile the Netherlands' national prosecutors said they were investigating DigiNotar, a subsidiary of Chicago-based Vasco Inc., for possible criminal negligence.

The company did not return phone calls seeking comment.


Tuesday, September 6, 2011

Hackers steal SSL certificates for CIA, MI6, Mossad

The tally of digital certificates stolen from a Dutch company in July has exploded to more than 500, including ones for intelligence services like the CIA, the UK’s MI6 and Israel’s Mossad, a Mozilla developer said on Sunday.

The confirmed count of fraudulently-issued SSL (secure socket layer) certificates now stands at 531, said Gervase Markham, a Mozilla developer who is part of the team that has been working to modify Firefox to block all sites signed with the purloined certificates.

Among the affected domains, said Markham, are those for the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter and Microsoft’s Windows Update service.

“Now that someone (presumably from Iran) has obtained a legit HTTPS cert for, I wonder if the US gov will pay attention to this mess,” Christopher Soghoian, a Washington DC-based researcher noted for his work on online privacy, said in a tweet Saturday. Soghoian was referring to assumptions by many experts that Iranian hackers, perhaps supported by that country’s government, were behind the attack.


Administration Wiretaps Israeli Embassy

Leak Offers Look at Efforts by U.S. to Spy on Israel
By SCOTT SHANE, New York Times

WASHINGTON — When Shamai K. Leibowitz, an F.B.I. translator, was sentenced to 20 months in prison last year for leaking classified information to a blogger, prosecutors revealed little about the case. They identified the blogger in court papers only as “Recipient A.” After Mr. Leibowitz pleaded guilty, even the judge said he did not know exactly what Mr. Leibowitz had disclosed.

“All I know is that it’s a serious case,” Judge Alexander Williams Jr., of United States District Court in Maryland, said at the sentencing in May 2010. “I don’t know what was divulged other than some documents, and how it compromised things, I have no idea.”

Friday, September 2, 2011

Julian Assange faces arrest in Australia over unredacted WikiLeaks cables

Julian Assange could face prosecution in Australia after publishing sensitive information about government officials amongst the 251,000 unredacted cables released this week.

WikiLeaks published its entire cache of US diplomatic cables without redactions to protect those named within, a move condemned by all five of the whistleblowing website's original media partners.

Australia's attorney general, Robert McClelland, confirmed in a statement on Friday that the new cable release identified at least one individual within the country's intelligence service. He added it is a criminal offence in the country to publish any information which could lead to the identification of an intelligence officer.

"I am aware of at least one cable in which an ASIO officer is purported to have been identified," he said. "ASIO and other Government agencies officers are working through the material to see the extent of the impact on Australian interests.


HTC Sneaks Spying App into Android 2.3.4 Phones

Looks like HTC has quietly slipped its users a spying app that tracks an alarming amount of user behavior and sends that data off to itself and perhaps others via a mysterious service in the cloud. The snooping app came nestled with the 2.3.4 Android update pushed out to some of its smartphones such as the Sensation 4G and EVO 4G.

TrevE and Team Synergy of the InfectedROM site (and XDA fame) discovered the app. HTC includes an application called Carrier IQ, and Carrier IQ recently added a user-behavior logging feature called IQ Insight Experience Manager.

According to the Carrier IQ website: "IQ Insight Experience Manager uses data directly from the mobile phone itself to give a precise view of how users interact with both their phones and the services delivered through them, even if the phone is not communicating with the network. ... Identify exactly how your customers interact with services and which ones they use. See which content they consume, even offline."

But wait, there's more. Turns out that after HTC collects these stats, CIQ isn't the only app with access to them.


Thursday, September 1, 2011

Expert says UK government is too preoccupied with launching cyber attacks

A security expert has claimed that the UK is devoting most of its cyber crime fighting efforts to cyber attack, leaving limited resources for defence.

Speaking exclusively to Computing, Ross Anderson, professor of security engineering at the Cambridge University computer laboratory, stated that 90 per cent of the government's recent funding injection into cyber security was going to the UK's offensive capability.

"The spooks - GCHQ [Government Communications Headquarters] - are getting 90 per cent of this new £650m for cyber security [they are responsible for cyber attacks]. The rest, about £65m, is going to the police."

Anderson blamed the imbalance on the fact that the UK's cyber defence capabilities are organisationally placed within GCHQ, the body responsible for electronic espionage, or cyber attack.

"Like the US, the UK has unfortunately got the government's offensive and defensive arms linked together.

"CESG [Communications-Electronic Security Group], which is supposedly defending the core functions of government against for example cyber espionage by the Chinese, is a small subsidiary of GCHQ whose job is exploiting those sources abroad.

"This mixed mission is very bad policy, because it means defensive interests are always less important than an offensive approach."

Court Affirms Legality Of Recording Police Officers

Last Friday, the U.S. First Circuit Court of Appeals issued a ruling that affirmed, stronger than ever, the rights of individuals to openly record the actions of police officers.

In 2007, a young lawyer named Simon Glik was walking through Boston Common when he saw three police officers arresting a teenager. Glik thought the officers were getting a little rough, so he flipped open his cellphone camera and started shooting video.

The officers arrested Glik for, in their minds, violating the state’s wire-tapping law, even though the whole incident happened out in public and Glik didn’t try to conceal the fact that he was recording.

The ACLU took up Glik’s cause and the courts threw out the charges against him. Since then, the Boston Police Department has been instructing personnel that the state’s wiretapping law does not apply to people making unconcealed audio or video recordings in public. But Glik and the ACLU have pressed on, suing the BPD and the individual officers for violating his First Amendment rights.

The officers moved to have the suit dismissed, saying they were just enforcing an interpretation of the law that was handed down to them by their superiors. But on Friday, the federal court disagreed.


Hacker to be sentenced in LA in 'sextortion' case

LOS ANGELES (AP) — By disguising malicious software as popular songs, hacker Luis Mijangos managed to tap into and control more than 100 computers of young women and teenage girls.

He read their emails, watched them through webcams without their knowledge and most damaging was his discovery of nude photos they had taken of themselves. Mijangos then threatened to post the images online unless his victims were willing to provide more racy photos or videos to him or if they went to police.

Mijangos, 32, of Santa Ana is scheduled to be sentenced Thursday in federal court in what authorities believe is one of the more unusual cases they've seen because they contend Mijangos wasn't interested in getting money. He was motivated by sex.

Prosecutors are asking a judge to impose a seven-year prison sentence against Mijangos, who pleaded guilty in March to one count each of computer hacking and wiretapping.

Calling it "sextortion," authorities said Mijangos infiltrated the most intimate parts of his victims' lives and scarred them for a lifetime.

"He could have hacked into their computers, obtained financial information, deleted the malware and left undetected," prosecutors wrote in court documents. "Instead he made contact with his victims and played psychological games with them intending to inflict emotional harm."

Prosecutors portrayed Mijangos as a savvy and sophisticated computer programmer who monitored every detail of those he watched over the course of 1½ years.


Businesses Increasingly Under Attack From Cyber-Security Threats

Cyber-Criminals Targeting Mobile Devices and Social Media Sites

SAN JOSE, Calif., Sept. 1, 2011 /PRNewswire via COMTEX/ -- SonicWALL, Inc., the leading provider of intelligent network security and data protection solutions, today issued its mid-year cyber-threat intelligence bulletin. The bulletin reveals that businesses are increasingly under attack by cyber-criminals who seek to exploit employees connecting to corporate networks via mobile devices and their rising use of social media. Growth in Android-based malware and social media scams such as click-jacking on Facebook and malicious links sent over Twitter are creating new and heightened levels of business vulnerability from data intrusion, theft and loss. Productivity and profitability are also compromised due to network and application downtime. Data for the bulletin was sourced from the SonicWALL Global Response Intelligent Defense (GRID) Network(TM), which gathers, analyzes and correlates billions of dynamic, real-time global cyber-threats.