How China grabbed NSA hacking tools and used them to attack U.S. allies

Chinese spies got a hold of NSA hacking tools, and “repurposed them in 2016 to attack American allies and private companies in Europe and Asia,” reports the NYT. How'd they get those cyberweapons? Symantec researchers “believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away.” Read the rest

Former NSA contractor Harold Martin pleads guilty to 'willful retention of national defense information'

Former NSA contractor Harold Martin today changed his plea to guilty, on charges of willful retention of national defense information. Read the rest

NSA domestic surveillance debate returns to Congress with 'Ending Mass Collection of Americans’ Phone Records Act'

“It’s time, finally, to put a stake in the heart of this unnecessary government surveillance program and start to restore some of Americans’ liberties,” Wyden said in a statement.

Wyden to Trump: End NSA domestic phone spying program permanently.

The National Security Agency is reportedly considering ending the mass surveillance program that gathered data about hundreds of millions of telephone call records each year, including ones by Americans. Read the rest

The NSA has reportedly stopped data-mining Americans' phone and SMS records

Since 2001, the NSA has secretly ingested the calling records of virtually every US mobile phone subscriber, with the covert participation of the mobile carries; the program -- authorized by a secret order of then-president GW Bush -- remained secret until it was disclosed through documents provided to journalists by the whistleblower Edward Snowden. Read the rest

Ex-NSA American mercenaries for UAE used 'Karma' to hack journalists and human rights activists

Former NSA spies have been working for the government of the United Arab Emirates as hacker mercenaries, helping the UAE attack journalists, dissidents, and human rights activists. This is a great read, and a shocking story from Reuters. Read the rest

Plug in at an NSA charging station

Let me think about that... nope.

(h/t Bob Lord) Read the rest

Former NSA contractor Reality Winner sentenced to 5+ years in prison for leaking secret report on Russian election hacking to The Intercept

Former Air Force language specialist and intelligence contractor Reality Winner has been sentenced to 63 months in prison. Read the rest

The true story of Notpetya: a Russian cyberweapon that escaped and did $10B in worldwide damage

Andy Greenberg (previously) is a veteran Wired security reporter who has chronicled the frightening and chaotic world of cyberwar since its earliest days; in a forthcoming book called "Sandworm," Greenberg tells the fascinating and terrible tale of Notpetya (previously), a Russian cyberweapon (built on leaked NSA cyberweapons!) that disguised itself as criminal ransomware, but which was designed to identify and destroy key Ukrainian computer systems and networks. Read the rest

Which windowless American buildings are secret AT&T/NSA listening posts?

In 2016, Ryan Gallagher and Henrik Moltke published a long, Snowden-derived investigation into AT&T's secret NSA listening station in New York City, and AT&T's extensive complicity in mass, warrantless surveillance on Americans and foreigners. Read the rest

Reality Winner will plead guilty to Espionage Act charges for leaking NSA doc on Russia election hack

Reality Winner, 26, is the whistleblower accused of releasing an NSA document on Russia's attack on U.S. voting systems to reporters at The Intercept. Read the rest

Turning the NSA's vintage internal security posters into t-shirts

Techdirt is in the throes of a two-part revelation: 1. the US government's works are public domain and can be freely commercialized, and; 2. many of the weird things that spy agencies make can be turned into ironic, cool, and sometimes fun and/or beautiful objects of commerce. Read the rest

Vintage internal security posters, pried loose from the NSA's archives

Government Attic used the Freedom of Information Act to force the NSA to cough up its "old security posters from the 1950s and 1960s"; after two years' delay, the NSA finally delivered 139 pages' worth of gorgeous, weird, revealingly paranoid internal materials, produced by an incredibly prolific internal security office who constantly refreshed their poster designs (presumably to keep them from disappearing into the background), all funded with US public money and thus in the public domain for your remixing pleasure (a few dozen of my favorites below!). Read the rest

NSA report discloses that the agency tripled its surveillance of Americans in 2017

One effect of the Snowden leaks is that the NSA now makes an annual disclosure of the extent of its domestic surveillance operations; that's how we know that the NSA collected 534 million phone call and text message records (time, date, location, from, to -- but not the content), which more than triples its surveillance takings in 2016. Read the rest

Senate confirms Paul Nakasone to head NSA and U.S. Cyber Command

The U.S. Senate today confirmed President Donald Trump’s selection to lead the National Security Agency and U.S. Cyber Command. Paul Nakasone will replace Mike Rogers, who is retiring. Read the rest

ISO rejects the NSA's IoT crypto standard, believing it to be backdoored

For three years, International Standards Organization has been wrangling over which cryptographic algorithms will be incorporated into a standard for interoperability in "Internet of Things" gadgets; at issue has been the NSA's insistence that "Simon" and "Speck" would be the standard block cipher algorithms in these devices. Read the rest

Epidemic of cryptojacking can be traced to escaped NSA superweapon

The epidemic of cryptojacking malware isn't merely an outgrowth of the incentive created by the cryptocurrency bubble -- that's just the motive, and the all-important the means and opportunity were provided by the same leaked NSA superweapon that powered last year's Wannacry ransomware epidemic. Read the rest

More posts