In a leaked "weaponized information" catalog, Indian cyberarms dealer offers blackest-ever SEO

1472825788119723

In 2014, an Indian company called Aglaya brought a 20-page brochure to ISS World (AKA the Wiretappers' Ball -- the annual trade fair where governments shop for surveillance technology): the brochure laid out the company's offerings, which ranged from mobile malware for Ios and Android to a unique "Weaponized Information" selection that combined denial-of-service with disinformation to "discredit a target" online. Read the rest

French spy boss admits France cyberattacked Iran, Canada, Spain, Greece, Norway, Ivory Coast, Algeria, and others

050 056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1191

Bernard Barbier presided over DGSE, France's answer to NSA, during the agency's period of fast growth, spending €500M and adding 800 new staffers; in a recent speech to a French engineering university Ecole Centrale Paris, Barbier spilled a ton of secrets, apparently without authorisation. Read the rest

A powerful attacker is systematically calibrating an internet-killing tool

050 056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1181

Someone -- possibly the government of China -- has launched a series of probing attacks on the internet's most critical infrastructure, using carefully titrated doses of denial-of-service to precisely calibrate a tool for shutting down the whole net. Read the rest

Was NSA Hacked? Leak from 'Shadow Brokers' suggests so, Russian intelligence suspected

GARY CAMERON/REUTERS

As our Cory Doctorow reported previously, a previously unheard of hacker group calling themselves The Shadow Brokers announced this week it had stolen a trove of ready-to-use cyber weapons from The Equation Group (previously), an advanced cyberweapons dealer believed to be operating on behalf of, or within, the NSA.

The Shadow Brokers are auctioning the weaponized malware off to the highest bidder. Read the rest

Chinese opsec funnies: your foreign boyfriend is a western spy!

WXAX12-1

In this Chinese government comic book, women are warned that mysterious foreign strangers who pitch woo at them are secretly Western spies trying to get at their government secrets. Read the rest

Turns out the U.S. military really is dropping “cyber bombs” on ISIS

Daily Beast

There's been an awful lot of talk about “cyber pathogens” and “cyber bombs” lately from the mouths of American officials discussing terrorism, and how we will vanquish it. President Obama mentioned “cyber ops” against Islamic State terrorists in one recent address. Today, we know a little more about what was behind last week's cyber-hawkish hacking headlines.

Read the rest

U.S. military claims to be dropping 'cyber bombs' on ISIS

Robert Work, U.S. Deputy Secretary of Defense,  April 7, 2016.  REUTERS

America's military forces are dropping "cyber bombs" on Islamic State terrorist groups for the first time, Deputy Defense Secretary Robert Work told reporters accompanying him on a military flight on Tuesday.

The ISIS internet attacks, whatever the particulars really may be, are part of a stepped-up coordinated effort to put increasing pressure on the militant organization.

Read the rest

Everybody knows: FBI won't confirm or deny buying cyberweapons from Hacking Team

1449679579152245

Back in July, a hacker dumped the emails and other files from Hacking Team, Italy's notorious cyber-arms dealer. Coincidentally, Vice had recently filed a Freedom of Information Act request with the FBI, asking if they were buying cyberweapons from Hacking Team. Read the rest

Cyber-arms dealer offers $1M for weaponizable Iphone bugs

ios-9-jailbreak

Zerodium, a new firm started by the founder of notorious French arms dealers Vupen, have put out the $1M bounty for unpublished vulnerabilities in the Iphone; they plan on keeping these vulns a secret so that they can be turned into cyberweapons and sold to repressive governments who want to use them to spy on their citizens using their own phone cameras, mics, and keyboards. Read the rest

The End of the Internet Dream: the speech that won Black Hat (and Defcon)

"The End of the Internet Dream," cyberlawyer Jennifer Granick's keynote at Black Hat, was all anyone could talk about at this year's Defcon -- Black Hat being the grown-up, buttoned-down, military-industrial cousin to Defcon's wild and exuberant anarchy. Read the rest

Shining light on the shadowy, "superhuman" state-level Equation Group hackers

For more than decade, a shadowy, heavily resourced, sophisticated hacker group that Kaspersky Labs calls the Equation Group has committed a string of daring, cutting-edge information attacks, likely at the behest of the NSA. Read the rest

Hackers in Iran set up fake news websites in cyberattack on US

"An elaborate, three-year cyberespionage campaign against United States military contractors, members of Congress, diplomats, lobbyists and Washington-based journalists has been linked to hackers in Iran." The NYT's Nicole Perlroth has more from a report released this week by the Dallas computer security firm iSight Partners. Read the rest

US gov may block Chinese nationals from Defcon hacker event

The US government may use visa restrictions to ban hackers from China from participating in the 2014 Defcon hacker conference in Las Vegas. The move is part of a larger effort by the US to combat Chinese internet espionage.

Read the rest

US indictment of Chinese hackers is kinda awkward

A map of China is seen through a magnifying glass on a computer screen showing binary digits in Singapore in this January 2, 2014 photo illustration. Picture taken January 2, 2014. REUTERS/Edgar Su.

The Justice Department this week indicted five hackers linked to China’s People’s Liberation Army. The hackers are accused of stealing data from six US companies, and represent a "cyberwar" escalation with China: what was a diplomatic discomfort is now a criminal matter. "But cybersecurity policy-watchers say that the arrival of the indictments in the wake of Snowden’s serial revelations could both lessen the charges’ impact and leave American officials open to parallel criminal allegations from Chinese authorities," writes Wired's Andy Greenberg. Read the rest

Leaked doc shows USA has started an Internet War: Schneier

Bruce Schneier points out that the leaked top-secret list of electronic attack targets picked by the Obama administration is tantamount to a declaration of Internet War on foreign powers, and shows the US government planning attacks that make the much-vaunted Chinese attacks on the USA look tame by comparison.

That's the key question: How much of what the United States is currently doing is an act of war by international definitions? Already we're accusing China of penetrating our systems in order to map "military capabilities that could be exploited during a crisis." What PPD-20 and Snowden describe is much worse, and certainly China, and other countries, are doing the same.

All of this mapping of vulnerabilities and keeping them secret for offensive use makes the Internet less secure, and these pre-targeted, ready-to-unleash cyberweapons are destabalizing forces on international relationships. Rooting around other countries' networks, analyzing vulnerabilities, creating back doors, and leaving logic bombs could easily be construed as an act of war. And all it takes is one over-achieving national leader for this all to tumble into actual war.

It's time to stop the madness. Yes, our military needs to invest in cyberwar capabilities, but we also need international rules of cyberwar, more transparency from our own government on what we are and are not doing, international cooperation between governments and viable cyberweapons treaties. Yes, these are difficult. Yes, it's a long slow process. Yes, there won't be international consensus, certainly not in the beginning. But even with all of those problems, it's a better path to go down than the one we're on now.

Read the rest

Wired profiles NSA's Keith Alexander, the general leading America into cyberwar

Illustration for WIRED by Mark Weaver

"Infiltration. Sabotage. Mayhem. For years four-star general Keith Alexander has been building a secret Army capable of launching devastating cyberattacks. Now it's ready to unleash hell."

In this month's Wired Magazine, James Bamford profiles Keith Alexander, the man who runs cyberwar efforts for the United States, "an empire he has built over the past eight years by insisting that the US’s inherent vulnerability to digital attacks requires him to amass more and more authority over the data zipping around the globe."

The claims in Edward Snowden's leaks are the tip of one big, secret iceberg.

Read: NSA Snooping Was Only the Beginning. Meet the Spy Chief Leading Us Into Cyberwar (Wired.com) Read the rest

Another Top Secret leak: Obama's cyber-war hit-list

Glenn Greenwald and the Guardian have published details of another Top Secret US surveillance/security document. This one is a presidential order from Obama to his top spies directing them to draw up a hit-list of "cyber war" targets to be attacked by American military hacking operations.

The 18-page Presidential Policy Directive 20, issued in October last year but never published, states that what it calls Offensive Cyber Effects Operations (OCEO) "can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging".

It says the government will "identify potential targets of national importance where OCEO can offer a favorable balance of effectiveness and risk as compared with other instruments of national power".

The directive also contemplates the possible use of cyber actions inside the US, though it specifies that no such domestic operations can be conducted without the prior order of the president, except in cases of emergency.

The document further contemplates preemptive first strikes on foreign targets.

As Greenwald points out, this document has been published on the eve of a meeting between Obama and the Chinese Premier Xi Jinping. China has been publicly accused by the USA of carrying out electronic attacks on American infrastructure, and Xi has rebutted by saying that the US has engaged in aggressive "cyber-war" attacks on Chinese infrastructure. This document lends credence to Xi's claim.

Obama orders US to draw up overseas target list for cyber-attacks Read the rest

More posts