In the 1970s, the Soviets managed to intercept top secret communications in the US embassy in Moscow and nobody could figure out how. While an antenna was eventually found hidden in the embassy's chimney, it took years to determine how what data was being collected for transmission and how. As a last resort, all equipment at the embassy was shipped back to the US for analysis. From IEEE Spectrum:

After tens of thousands of fruitless X-rays, a technician noticed a small coil of wire inside the on/off switch of an IBM Selectric typewriter. (NSA engineer Charles) Gandy believed that this coil was acting as a step-down transformer to supply lower-voltage power to something within the typewriter. Eventually he uncovered a series of modifications that had been concealed so expertly that they had previously defied detection.

A solid aluminum bar, part of the structural support of the typewriter, had been replaced with one that looked identical but was hollow. Inside the cavity was a circuit board and six magnetometers. The magnetometers sensed movements of tiny magnets that had been embedded in the transposers that moved the typing “golf ball” into position for striking a given letter.

Other components of the typewriters, such as springs and screws, had been repurposed to deliver power to the hidden circuits and to act as antennas. Keystroke information was stored and sent in encrypted burst transmissions that hopped across multiple frequencies.

For more on this fascinating story, check out former intelligence officer and technologist Eric Haseltine's new book: "The Spy in Moscow Station"

image: IBM Selectric by Oliver Kurmis (CC BY 2.5 Read the rest

The Cyber Independent Testing Lab is a security measurement company founded by Mudge Zadko (previously), late of the Cult of the Dead Cow and l0pht Heavy Industries and the NSA's Tailored Access Operations Group; it has a unique method for assessing the security of devices derived from methods developed by Mudge at the NSA. Read the rest

Well, pretty much everyone saw this lawsuit coming. Read the rest

Andy Greenberg (previously) is Wired's senior security reporter; he did amazing work covering Russian cyberwarfare in Ukraine, which he has expanded into a forthcoming book: Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers (I read it for a blurb and a review; it's excellent). Read the rest

The American ransomware epidemic shows no signs of slowing, as the confluence of underinvestment in IT and information security and the NSA's reckless stockpiling of computer vulnerabilities means that petty criminals can extort vast sums from distant municipalities by seizing their entire networked infrastructure. Read the rest

Trump Administration wants Congress to bring N.S.A.’s deactivated Call Records program back to life.

The whistleblower Edward Snowden announced today that he has written a memoir, Permanent Record, which will go on sale worldwide in more than 20 languages on September 17. Read the rest

The city council of Riviera Beach, Florida has voted unanimously to pay $600,000 to criminals who seized control of the city's computers through a ransomware attack, after three weeks of being locked out of the city systems (the city has also voted to spend $1m replacing its computers). Read the rest

Chinese spies got a hold of NSA hacking tools, and “repurposed them in 2016 to attack American allies and private companies in Europe and Asia,” reports the NYT. How'd they get those cyberweapons? Symantec researchers “believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away.” Read the rest

Former NSA contractor Harold Martin today changed his plea to guilty, on charges of willful retention of national defense information. Read the rest

“It’s time, finally, to put a stake in the heart of this unnecessary government surveillance program and start to restore some of Americans’ liberties,” Wyden said in a statement.

The National Security Agency is reportedly considering ending the mass surveillance program that gathered data about hundreds of millions of telephone call records each year, including ones by Americans. Read the rest

Since 2001, the NSA has secretly ingested the calling records of virtually every US mobile phone subscriber, with the covert participation of the mobile carries; the program -- authorized by a secret order of then-president GW Bush -- remained secret until it was disclosed through documents provided to journalists by the whistleblower Edward Snowden. Read the rest

Former NSA spies have been working for the government of the United Arab Emirates as hacker mercenaries, helping the UAE attack journalists, dissidents, and human rights activists. This is a great read, and a shocking story from Reuters. Read the rest

Stop by and charge your phones @shmoocon! Courtesy of @NSAGov pic.twitter.com/yxIL8mohvi

— Rob Joyce (@RGB_Lights) January 18, 2019

Let me think about that... nope.

(h/t Bob Lord) Read the rest

Former Air Force language specialist and intelligence contractor Reality Winner has been sentenced to 63 months in prison. Read the rest

Andy Greenberg (previously) is a veteran Wired security reporter who has chronicled the frightening and chaotic world of cyberwar since its earliest days; in a forthcoming book called "Sandworm," Greenberg tells the fascinating and terrible tale of Notpetya (previously), a Russian cyberweapon (built on leaked NSA cyberweapons!) that disguised itself as criminal ransomware, but which was designed to identify and destroy key Ukrainian computer systems and networks. Read the rest