Monthly Archives: January 2015

Top cop Nick Kaldas claims ‘massive wrongdoing’ and cover-up in police bugging of his children scandal

Subject of 'intense electronic and other surveillance': Police Deputy Commissioner Nick Kaldas, far right.

Deputy police commissioner Nick Kaldas has accused an internal affairs unit formerly run by two of NSW’s most senior officers – Commissioner Andrew Scipione and his deputy, Catherine Burn – of “massive wrongdoing and habitual illegal acts” in relation to a covert bugging operation more than a decade ago.

In a submission to a parliamentary inquiry examining the operation, codenamed Mascot, Mr Kaldas also sensationally claims illegal activities by the police Special Crime and Internal Affairs (SCIA) unit were “sanctioned and covered up” by the Police Integrity Commission.

Mr Kaldas was one of more than 100 police and civilians bugged by Operation Mascot between 1999-2001.

Mr Scipione was commander of SCIA  at the time, while Ms Burn was head of the team which ran Operation Mascot.

The operation exploded into controversy when it emerged at least one journalist and police not under suspicion of wrongdoing were among those whose names appeared on covert surveillance warrants issued by the Supreme Court.

An internal police operation, Strike Force Emblems, was launched into Operation Mascot in 2003. Its report has never been released, although details have been previously revealed by Fairfax Media.

In his submission Mr Kaldas says documents submitted to the committee show “a level of intense electronic and other surveillance [was] … carried out on every part of my life, home and work, including my ex-wife and children, and was clearly unjustified but in the end yielded not one allegation to be put to me at the end of the operation”.

The submission was published on Thursday morning, as the parliamentary inquiry began hearings into a two-year investigation by the NSW Ombudsman Bruce Barbour into Strike Force Emblems.

Mr Kaldas and Ms Burn are due to give evidence on Friday. Mr Scipione and Mr Barbour are scheduled to appear on Tuesday.

In her submission to the inquiry, Ms Burn strongly denied any wrongdoing.

Ms Burn denies she directed internal affairs police “to use illegal warrants to secretly record conversations of my rivals in the police force”, in particular Mr Kaldas, when she did not suspect him of wrongdoing.

Ms Burn also denied directing use of illegal warrants to bug Mr Kaldas “as part of a personal vendetta”.

The inquiry – which is opposed by the NSW government, was established in response to concerns about the time being taken for Mr Barbour to complete his investigations and the nature of his inquiries.

Earlier on Thursday, committee chairman Robert Borsak accused NSW attorney-general Brad Hazzard of seeking to “bribe” him into withdrawing from the inquiry, which the government opposes.

The inquiry heard from Channel Seven journalist Steve Barrett, whose name appeared on one of the bugging warrants.

Barrett said he was mystified as to why he appeared on the warrant but suggested that either Supreme Court judges had been “duped” or “no one checked”.

ooo

Henry Sapiecha

Snowden files show Canada spy agency operates global Internet watch: CBC

A sign is pictured outside the Communications Security Establishment (CSE) headquarters in Ottawa January 28, 2015. REUTERS-Chris Wattie

(Reuters) – Canada’s electronic spy agency has been intercepting and analyzing data on up to 15 million file downloads daily as part of a global surveillance program, according to a report published on Wednesday.

Critics said the revelations – made in 2012 documents obtained by U.S. whistleblower Edward Snowden – showed much more oversight was needed over the Communications Security Establishment, or CSE.

The documents are the first indication from the Snowden files to show Canada has launched its own massive, globe-spanning Internet surveillance in a bid to counter extremists.

The covert dragnet, nicknamed Levitation, has covered allied countries and trading partners such as the United States, Britain, Brazil, Germany, Spain and Portugal, the report by CBC News and journalist Glenn Greenwald said.

CBC said the CSE nets what it said the agency calls 350 “interesting download events” each month.

CSE is a secretive body, which like the U.S. National Security Agency, or NSA, monitors electronic communication and helps protect national computer networks. It is not allowed to target Canadians or Canadian corporations.

In the past, CSE has faced allegations that it has improperly intercepted Canadians’ phone conversations and emails. CSE says it has safeguards in place to protect any information about Canadians it might inadvertently collect.

An independent watchdog monitors CSE, but the watchdog’s powers are limited. Opposition parties moved in Parliament last October to give it a more robust role but were defeated by the governing Conservatives.

“We need to make sure there is proper public oversight of our national security agencies … we have very serious concerns about how this government is keeping Canadians safe,” said Justin Trudeau, leader of the opposition Liberal Party.

The Liberals lead most polls ahead of an October 2015 election.

Among CSE’s hauls, the eavesdropping program has discovered a German hostage video and an uploaded document that revealed the hostage strategy of an al-Qaeda wing in North Africa, the CBC said.

The agency did not confirm the report, saying in a statement that “CSE’s foreign signals intelligence has played a vital role in uncovering foreign-based extremists’ efforts to attract, radicalize, and train individuals to carry out attacks”.

The Snowden documents show the agency has sifted through 10 million to 15 million uploads a day of videos, music documents and other files hosted by 102 file-sharing websites.

Canada is part of the Five Eyes intelligence-sharing network, along with the United States, Britain, Australia and New Zealand.

In 2013, Brazilian President Dilma Rousseff demanded an explanation from Canada after a media report, also based on Snowden documents, said CSE spied on the South American country’s mines and energy ministry.

Wesley Wark, one of Canada’s top security experts, said Levitation might well be covered by CSE’s foreign intelligence mandate, but questioned its effectiveness.

“Does this massive trawling of free download sites aimed at detecting terrorist communications or identities really deliver useful intelligence?” asked Wark, a University of Ottawa professor, noting CSE had talked of only two successes.

In November 2013, the CBC cited other Snowden documents that it said showed Canada had allowed the NSA to conduct widespread surveillance during the 2010 Group of 20 summit in Toronto.

Last August, the government watchdog said CSE should tighten its procedures for handling the private calls and emails it intercepts.

OOO

Henry Sapiecha

 

Public hearing into proposed Maritime Patrol Aircraft Replacement facilities

Public hearing into proposed
Maritime Patrol Aircraft Replacement facilities

The Public Works Committee is conducting a public hearing into the proposed facilities, infrastructure and airfield requirements for the Maritime Patrol Aircraft Replacement Capability Project (AIR7000 Phase 2B).The project being examined by the Committee will provide the facilities, infrastructure and airfield works to support the new aircraft. The works will take place at the main operating base, RAAF Base Edinburgh (SA), the forward operating bases, RAAF Bases Darwin (NT), Pearce (WA) and Townsville (Qld), and HMAS Stirling (WA).Works are expected to begin in October 2015 at RAAF Base Edinburgh and HMAS Stirling, with works at the forward operating bases planned to commence in 2018. All works are expected to be completed by the end of 2020. The estimated cost of the project is $707.9 million, excluding GST.Public Hearing Venue: Education Development Centre, 4 Milner St, Hindmarsh, SA
Date: Thursday, 29 January 2015
Time: 2.00pm to 3.00pm

Members of the public are welcome to attend.

Full details on the project are available on the Committee’s website: www.aph.gov.au/pwc

NB the Public Works Committee is neither involved in the tendering process nor the awarding of contracts. Enquiries on those matters should be addressed to the Department of Defence.

For interview: Contact the office of Mr Graham Perrett MP, Deputy Chair, on (07) 3344 2622.

For further information, including the public hearing times, and copies of submissions when they become available, please visit the Committee website http://www.aph.gov.au/pwc or contact the Committee Secretariat on (02) 6277 4636.

Media release date: 28 January 2015

Public hearings on Data Retention Bill

Public hearings on Data Retention Bill

Parliament’s Intelligence and Security Committee will hold public hearings this Thursday and Friday for its inquiry into the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014.A wide range of government and non-government organisations will be represented at the hearings, including telecommunications companies, IT industry bodies, legal experts, media and consumer organisations.The Committee will also hear from state and federal police forces, as well as independent statutory authorities including the Commonwealth Ombudsman, the Australian Privacy Commissioner, the Inspector-General of Intelligence and Security and the Australian Human Rights Commission.

The Data Retention Bill seeks to implement a mandatory telecommunications data retention regime. It contains measures to require telecommunications suppliers in Australia to retain certain data for two years. The data would not include a person’s web-browsing history, or the content of a communication, email or social media post. The Bill would also limit those able to access telecommunications and stored data to enforcement agencies with a demonstrated need and with appropriate internal procedures to protect privacy.

The Chair of the Committee, Mr Dan Tehan MP, said “While the Committee’s first hearing in December focused on the nature of the proposed data set and the utility of that data for law enforcement and security agencies, at this week’s hearings we expect to discuss a very broad range of issues.

“We will be considering the appropriateness of the data retention regime proposed in this Bill and its application to the investigation and prosecution of serious criminal offences and to countering threats to national security. Safeguards and oversight will be a key focus for the Committee.”

Details of the hearings are as follows:                                                     Thursday, 29 January 2015 – 8.30am to 6.20pm
Committee Room 2R1, Parliament House, Canberra

Friday, 30 January 2015 – 8.00am to 1.30pm
Committee Room 2R1, Parliament House, Canberra

The committee has received nearly 200 written submissions to date from a broad range of sources. The due date for submissions passed on 19 January, and the Committee intends to report by 27 February 2015.

Further information about the inquiry, including programs for the two hearings and copies of submissions, can be accessed via the Committee’s website at http://www.aph.gov.au/pjcis. The Bill and Explanatory Memorandum can be accessed via http://www.aph.gov.au/Parliamentary_Business/Bills_Legislation.

For media comment, please contact the Office of the Chair, Dan Tehan MP, on 6277 4393 (Parliament House) or 03 5572 1100 (Electorate).
For inquiry information, please contact the Committee Secretariat on 02 6277 2360 or email dataretention@aph.gov.au.

Media release date: 28 January 2015

ooo

Henry Sapiecha

China says Snowden’s stealth F-35 jet hack accusations ‘groundless’

ooo

(Reuters) – China dismissed accusations that it stole F-35 stealth fighter plans as groundless on Monday, after documents leaked by former U.S. intelligence contractor Edward Snowden on a cyber attack were published by a German magazine.

The Pentagon has previously acknowledged that hackers had targeted sensitive data for defense programs such as the F-35 Joint Strike Fighter, but stopped short of publicly blaming China for the F-35 breach.

Defense experts say that China’s home-grown stealth jets had design elements resembling the F-35.

The Pentagon and the jet’s builder, Lockheed Martin Corp, had said no classified information was taken during the cyber intrusion.

German magazine Der Spiegel on Saturday published a cache of Snowden documents, including a top secret U.S. government presentation that said China stole “many terabytes” of data on the F-35 program, including radar designs and engine schematics.

“The so-called evidence that has been used to launch groundless accusations against China is completely unjustified,” Foreign Ministry spokesman Hong Lei told reporters.

ooo

Hong said the “complex nature” of cyber attacks makes it difficult to pinpoint the relevant attacker, adding that China wanted to work with other countries to prevent hacking.

“According to the materials presented by the relevant person, some countries themselves have disgraceful records on cyber security,” Hong added.

Snowden’s 2013 revelations of the broad reach of the National Security Agency’s (NSA) spying program sparked international outrage.

Lockheed Martin is producing the F-35 for the U.S. military and allies in a $399 billion project, the world’s most expensive weapons program.

It is intended to deliver advanced stealth capabilities, improved manoeuvrability and high-tech sensors, but the program has struggled with delays and budget overruns.

China unveiled its highly anticipated J-31 twin-engine fighter jet at an air show late last year in a show of muscle during a visit to the country by U.S. President Barack Obama.

The aircraft’s maker, Aviation Industry Corp of China, caused a stir when its president, Lin Zuoming, said the jet could “take down” the F-35.

President Xi Jinping has pushed to toughen the country’s 2.3 million-strong armed forces as China takes a more assertive stance in the region, particularly in the South China and East China seas.

ooo

Henry Sapiecha

UK and U.S. intelligence agencies to increase cyber security co-operation

Britain's Prime Minister David Cameron speaks at a debate to promote the EU-US trade deal, in Brussels

(Reuters) – Britain and the United States will increase cooperation on cyber security, Prime Minister David Cameron said, setting up “cyber cells” to share intelligence and conduct simulated attacks to test the defences of organisations such as banks.

Cameron is on a two-day visit to Washington focused on the economy and security, and is due to have a second meeting with President Barack Obama on Friday at the White House.

“We have got hugely capable cyber defences, we have got the expertise and that is why we should combine as we are going to, set up cyber cells on both sides of the Atlantic to share information,” Cameron told the BBC in an interview aired on Friday.

The cooperation between Britain’s GCHQ eavesdropping agency and the U.S. National Security Agency will include joint war games, with the first exercise later this year to involve the Bank of England and commercial banks in both the City of London and Wall Street, the BBC reported.

“This is a real signal it is time to step up the efforts and to do more,” said Cameron.

The British leader said he also planned to discuss with Obama how the two countries could work more closely with big Internet companies such as Facebook and Google to monitor communications between terror suspects.

ooo

Henry Sapiecha

RACECAR DRIVER NASCAR’s Busch says ex-girlfriend is ‘assassin’

ooo

May 16, 2014; Indianapolis, IN, USA; IndyCar Series driver Kurt Busch sits in his car during practice for the day for the 2014 Indianapolis 500 at Indianapolis Motor Speedway. Brian Spurlock-USA TODAY Sports

(Reuters) – NASCAR champion Kurt Busch, testifying about a request for a protective order against him, said his ex-girlfriend is a trained assassin sent on covert missions who once returned to their hotel room in a blood-splattered evening gown.

Busch is casting Patricia Driscoll as a jilted lover who wants to destroy the race car driver’s reputation.

“Everyone on the outside can tell me I’m crazy, but I lived it on the inside,” Busch testified Tuesday in a Delaware court.

Busch, a winner of 25 races and the NASCAR champion in 2004, said he and Driscoll were once in El Paso, Texas, where Driscoll had left that night in camouflage and boots.

She returned to the hotel at which he was staying wearing a trench coat, Busch testified, and under it she was wearing an evening gown splattered with blood and other matter.

Busch said Driscoll was dispatched on missions across Central and South America and Africa.

Driscoll has accused the 36-year-old driver of slamming her head against the bedroom wall of his motorhome while they were at Dover International Speedway. Busch has denied he ever physically abused Driscoll.

Busch, during the four-day hearing that concluded Tuesday, said he ended his relationship with Driscoll last autumn because she was taking up too much of his time and he needed to focus on racing.

Driscoll, 37, runs her own surveillance system company and oversees the Armed Forces Foundation, a non-profit to support the military that has partnered with NASCAR.

It could be weeks before Commissioner David Jones issues a final decision on a protection order.

ooo

Henry Sapiecha

 

Thieves Stole Usernames, Passwords & Used them to Break into Airline Accounts

ooo

DALLAS (AP) — Thieves with stolen usernames and passwords have broken into customer accounts at American and United airlines and in some cases booked free trips or upgrades.

The airlines say the incidents happened in late December. American began notifying affected customers by email, a spokeswoman said.

ooo

Some travel websites are fighting this type of fraud by adding steps to the login process, and they warn against using the same username and password on more than one site.

United Airlines spokesman Luke Punzenberger said thieves booked trips or made mileage transactions on up to three dozen accounts. United notified customers in late December, and Punzenberger said the airline would restore miles to anyone who had them stolen.

American Airlines spokeswoman Martha Thomas said that about 10,000 accounts were affected and some have been frozen while the airline and customer set up new accounts, starting with customers who have at least 100,000 miles. She said the airline has learned of two cases in which somebody booked a free trip or upgrade without the account holder’s knowledge.

Thomas said that American would pay for a credit-watch service for one year for affected customers.

Both were quick to say that nobody hacked their systems — that thieves got usernames and passwords somewhere else and tried to use them to log into American’s AAdvantage and United’s MileagePlus, hoping that the login information would be the same. They said that other information such as entire credit-card numbers was not exposed.

The representatives said they did not know how thieves acquired the usernames and passwords.

Punzenberger said that United has begun requiring customers to also enter their MileagePlus number when logging in.

Hilton Hotels recently began requiring members of its rewards program to click a link declaring that “I am not a robot,” then enter a numeral generated by the site to complete the login process.

ooo

Henry Sapiecha

Perhaps New Government enforced Cyber Security Regulations should be in place?

ooo

If President Barrack Obama has his way, companies may soon have new cybersecurity regulations to deal with.

In light of breaches at companies like Home Depot and Target, the president is proposing legislation that would require companies to inform their customers whether their data has been compromised within 30 days called the Personal Data Notification and Protection Act.  The act would also make it a crime to sell customers’ identities overseas.

While it is unclear whether or not any legislation will be passed, it is worth keeping an eye on for the business continuity community.

At the very least, this bill is going to result in a new federal regulation to comply with in the event it is passed.  It is too early in the game to tell what exactly those regulations will be, as the act will likely undergo changes before it goes to a vote, but it is entirely possible that companies will need to make some changes to their current plans or programs.  Even if a company already has a policy about notifying customers about their data being in jeopardy, new federal regulations will require action.

It seems as if the government is beginning to take cyber security more seriously.  With all the major data breaches last year, including the Sony hack that has since been traced to North Korea, it is clear that cyber threats aren’t going away anytime soon.  Whether or not the Personal Data Notification and Protection Act becomes the law of the land, it’s time for businesses to seriously start looking at their cyber security policies and making sure they are up to date.

ooo

Henry Sapiecha