Category Archives: COUNTRIES

Five Eyes, Nine Eyes & 14-Eyes Countries and VPNs Important to know when using (or planning to use) a VPN

The content herein is part of an article published in a VPN site where at the end of this short introduction there will be a link to take you to a lot more viewpoints & info. ENJOY.

This article will discuss available VPNs in relation to the 5 Eyes, the 9 Eyes and the 14 Eyes government surveillance alliances.

Encryption is the only way to protect private communications. While there are encrypted messaging systems that can be used for direct correspondence, virtual private networks (VPNs, also based on encryption) are the best tools for hiding internet activity, such as which websites are visited. Again, there are valid reasons to do so: to protect the privacy of religion, sexual orientation and sensitive medical conditions; all of which can be inferred from visited websites.

Background

During the second world war, US and UK intelligence agencies worked closely on code-breaking. After the war, the UK center at Bletchley Park evolved into the Government Communications Headquarters (GCHQ). The American service evolved into the National Security Agency (NSA). In 1946, the working relationship between the two countries was formalized in the UKUSA agreement. It worked on signals intelligence (SIGINT); that is, the interception and analysis of adversarial telecommunications.

In order to provide global coverage for communications interception, Australia, New Zealand and Australia joined the UK and the USA – and became known as the Five Eyes.

However, such is the NSA’s global dominance of intelligence gathering, other countries have sought to cooperate in return for specific ‘threat’ information from the NSA. This has led to other SIGINT groupings: the 9 Eyes and the 14 Eyes.

The operation of these intelligence agencies was long kept secret. As global communications have increased – and as perceived threats have grown (first in the Cold War between east and west and more recently in the ‘war on terror’), the 5 Eyes in particular began to secretly use technology to gather everything for later analysis. GCHQ, for example, had a secret project called Mastering the Internet. None of this was publicly known.

In 2013, NSA whistleblower Edward Snowden leaked thousands of top secret NSA and GCHQ documents showing, for the first time, the extent to which national governments spy on everybody. It is always done in the name of ‘national security’, and both the relevant agencies and their governments insist on their right to do so.

MORE HERE

Henry Sapiecha

Labor senator Sam Dastyari warned wealthy Chinese donor Huang Xiangmo his phone was tapped

Labor senator Sam Dastyari warned Chinese Communist Party-linked political donor Huang Xiangmo last year that his phone was likely tapped by government agencies, including the US government.

Before the two spoke, Mr Dastyari gave Mr Huang counter-surveillance advice, saying they should leave their phones inside and go outside to speak.

The face-to-face meeting between the pair in the grounds of Mr Huang’s Mosman mansion in Sydney last October came several weeks after Mr Dastyari quit the frontbench over his dealings with Mr Huang.

It also occurred after ASIO briefed senior political figures, including from the Australian Labor Party, that Mr Huang was of interest to the agency over his opaque links to the Chinese government.

Security agencies have the capacity to use mobile phones as surveillance devices without a user’s knowledge.

A Canberra source with knowledge of the meeting said on background that Mr Dastyari blamed the US government for the scandal that earlier enveloped him and Mr Huang and said he was the subject of surveillance, including by the US government.

Details of the phone tap warning and other dealings involving the pair have been collected by national security officials, Fairfax Media has confirmed, and the revelations are likely to spark debate about sweeping reforms proposed by the Turnbull government to counter foreign interference in Australia.

Attorney-General George Brandis said the revelation raised questions about Mr Dastyari’s loyalty.

“This comes at a time when members and senators are under intense scrutiny over whether they hold dual citizenship. Of the 226 Australians elected at the 2016 federal election, the person whose allegiance to Australia is most in question is Sam Dastyari,” Mr Brandis said.

The Mosman meeting occurred more than a month after media reports in early September last year that ASIO’s top spy, Duncan Lewis, had warned Labor “that some of their donors had strong links to the Chinese Government”.

Those same media reports also detailed dealings between Mr Dastyari and Mr Huang. Among them were that Mr Huang had paid a $5000 legal bill for Mr Dastyari, and that Mr Huang had told a Chinese Communist Party newspaper that “political demands and political donations” should be linked.

Also among the revelations that damaged Mr Dastyari were comments he reportedly made at a press conference with Mr Huang that contradicted Labor policy on the South China Sea, and echoed Beijing’s policy position.

These events led to Mr Dastyari’s resignation from the Labor frontbench on September 7 last year.

Two Labor sources have also confirmed that, shortly after these events, Opposition Leader Bill Shorten warned Mr Dastyari through a “back channel” that ASIO had concerns about Mr Huang. Mr Shorten’s office declined to answer questions about if or when this occurred, although a source with first-hand knowledge of the ASIO warning relayed to Mr Dastyari said it was generic and did not contain any classified information known to Mr Shorten.

On Monday, Fairfax Media asked Mr Dastyari why he had told Mr Huang his phone was tapped, and why he advised him to move outside his house and not to speak near his phone.

Mr Dastyari responded: “I reject any assertion that I did anything other than put to Mr Huang gossip being spread by journalists.”

Fairfax Media also asked Mr Dastyari why he met Mr Huang in person, rather than calling him, and why he thought a face-to-face meeting was appropriate weeks after the extensive public reporting about ASIO’s concerns regarding Chinese Communist Party-connected donors.

Mr Dastyari said: “After the events of last year, I spoke to Mr Huang to tell him that I did not think it was appropriate that we have future contact. I thought it was a matter of common courtesy to say this face to face.”

Mr Dastyari has since begun his public rehabilitation, and was promoted to deputy senate whip in February.

Mr Dastyari said on Monday: “I have never received a security agency briefing, or received any classified information about any matter, ever. I’ve never passed on any protected information – I’ve never been in possession of any.”

His statement did not address what fellow Labor officials had told him about Mr Huang.

Mr Huang, a billionaire property developer, has close ties to the Chinese consulate in Sydney and, until the weekend, headed a Sydney organisation aligned with the Chinese Communist Party’s political lobbying and propaganda agency, the United Front Work Department.

On Saturday, Mr Huang stepped down as chairman of the Australian Council for the Promotion of the Peaceful Reunification of China (ACPPRC), and was lauded as a “banner” and likened to a patriotic flag who had made “heroic achievements” in the past year.

On September 14, 2016, weeks prior to the Mosman meeting, US ambassador John Berry said the US was concerned about Chinese government involvement in Australian politics, in remarks reported in connection to Mr Dastyari’s dealings with Mr Huang.

On September 28, also prior to the meeting, Mr Huang dispatched members of the ACPPRC for a meeting in Beijing with a senior Chinese government official, who directed the members to “make allies to obtain international support” and contribute to the “great revitalisation of the Chinese nation”.

ASIO began an assessment of Mr Huang’s citizenship application in early 2016. The application remains blocked by ASIO and, earlier this year, national security officials interviewed Mr Huang at a secure Sydney CBD location.

Fairfax Media and Four Corners have previously revealed that after the citizenship request first stalled in early 2016, Mr Huang asked Mr Dastyari to intervene on his behalf. Mr Dastyari or his office called immigration officials four times in the first six months of 2016, but the senator has described this contact as routine.

The Turnbull government is planning to introduce news laws this year to counter foreign interference from Beijing and other nations and require agents or official advocates of foreign governments to register under a foreign agents registration act. The latter reform may concern ex-senior Liberal and Labor figures who work for companies or institutions controlled or directed by Beijing or its proxies.

A former intelligence officer told Fairfax Media that the instruction to Mr Huang to talk not within the vicinity of his phone amounts to counter-surveillance advice. Mr Dastyari is a security-conscious member of federal parliament who, along with many colleagues, uses encrypted applications to communicate.

Henry Sapiecha

Australia likely to get its own GDPR

Everyone in the Australian cybersecurity ecosystem has a role to play to ensure the security of the nation, according to Nationals Senator Bridget McKenzie.

The mandatory data breach notifications laws coming into effect in Australia next year will be followed by other laws to ensure everyone in the digital ecosystem — including government divisions, large corporates, small to medium-size enterprises (SMEs), and consumers — are playing their role in keeping Australia “cyber secure”, according to Senator Bridget McKenzie.

McKenzie, who is the chair of the Foreign Affairs, Defence, and Trade Legislation Committee, likened cyber breaches to the “system of disease in the pre-industrial revolution that just swept through”.

“Cyber breaches have the capacity to wipe out industries, wipe out systems, wipe out communities, if every member of that community or that cyber ecosystem isn’t following best practice when it comes to keeping their information secure,” McKenzie told ZDNet at the Australian Computer Society’s Reimagination Thought Leaders’ Summit.

“It’s not just defence’s job or ASIO’s or DSTO’s or the government’s indeed, but every SME and private homeowner needs to have an eye for cybersecurity, making sure their data’s safe.”

McKenzie said mandatory data breach notifications laws, set to come into effect next year, is a step towards keeping organisations alert and accountable, with other laws expected to be introduced in Australia in the upcoming years, possibly similar to those coming into effect next year in the European Union.

The European Union’s (EU) General Data Protection Regulation (GDPR) will require organisations around the world that hold data belonging to individuals from within the EU to provide a high level of protection and explicitly know where every piece of data is stored.

Organisations that fail to comply with the regulation requirements could be fined up to €20 million, or, in the case of an undertaking, up to 4 percent of the total worldwide annual turnover of the preceding financial year — whichever is higher.

“No longer can you say, ‘Oh I’ll leave it to someone else because the flow-on effects, the interconnectedness, the Internet of Things, is such that if one member of that web, if you like, has a security breach, it has flow-on effects for everybody involved,” McKenzie said.

Additionally, Australians need to have the confidence that they can share private information such as their health details and not have it end up in the public sphere, otherwise the nation will not be able to experience the full benefits of technology, McKenzie said.

Shadow Minister for the Digital Economy Ed Husic said, however, that the government has a long way to go in building that confidence, given 50,000 Australians have been affected by a government data breach that occurred in October. He noted that the breach was not a technological error, but a human error.

“How do we build consumer or citizen confidence about protection of privacy?” Husic said. “50,000 people were affected by a data breach across government, releasing details of passwords and credit cards. It’s not all tech related … people often blame tech for this. It’s people and the way that they use data and it’ll be interesting to see the details that come out on this in the next few days.”

“This data breach occurred back in October, no public explanation of it, no detail about what was known, what was being done to fix it. If we want people to be confident that data is being used well by government, then the government’s got a long way to go to build that confidence.”

Husic added that the government needs to lead by example; it should be notifying the public about data breaches if it wants businesses to do the same.

“[The government’s] got to do some things itself. And you can’t lecture business about getting focused on cybersecurity if you’re losing your own moral authority … because you’re not looking after data within your own batch,” he said.

McKenzie believes in Australia’s growing status as a cybersecurity hub, saying that the nation is equipped with the right expertise in this area. She added that Australia is in the process of creating a strong cybersecurity industry capable of exporting.

“Our law enforcement and intelligence agencies are world-class. We’re also part of Five Eyes, which means we have a lot of access to information and technology and collaboration opportunities,” she said. “We lead the world in quantum computing … and it [has the] potential to contribute further to security of data and security of communications particularly in the intelligence and defence spheres.

“We’ve really got some technical expertise, but also I think a richness around governance frameworks and excellence in regulatory frameworks that can also assist other governments and other organisations worldwide to understand best practices in the area.”

In September, Ambassador for Cyber Affairs Dr Tobias Feakin communicated a similar sentiment, saying Australia has an international standing in cybersecurity, and brings “key qualities” to the table.

Australia has also played a role in the creation of international peacetime norms for cyberspace, including chairing the first United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UN GGE) in 2013, and helping develop the 11 international norms agreed to in subsequent UN GGE meetings.

“We have regional knowledge beyond most. We have a trusted diplomatic brand, and that’s something that we intend to capitalise on. We have strategic and economic interests in the region. And we have long-standing development partnerships across the region already,” Feakin said at the second annual SINET61 conference in Sydney.

“We need to capitalise on those, make the most of them. Not just for us as a government, [and] for regional partners as well, but also for our private sector … We see this issue as central to our economic future,” he said.

“It’s only this year that it’s just reached the point, of tipping over, to 50 percent of all internet users living in the Asia-Pacific. But really, still, there’s huge economic growth to unravel there, because still 60 percent of all households don’t have internet coverage.”

Last month, launching the International Cyber Engagement Strategy, Foreign Minister Julie Bishop said that for the purpose of national security, cyberspace cannot be an ungoverned space.

“Just as we have international rules that guide how states behave, and how states should behave towards each other, the international rules-based order that’s been in place for about 70 years, so too must states acknowledge that activities in cyberspace are governed by the same set of rules as military and security activities in traditional domains,” Bishop said in October.

“The 2016 US presidential election focused the world’s attention on the potential for cyber operations to interfere with democratic processes. This cannot be allowed to continue. It strikes at the very heart of the sovereignty of nations.”

According to the International Cyber Engagement Strategy, Australia will develop an international “architecture for cooperation” including mechanisms to respond to unacceptable behaviour in cyberspace in a timely manner.

“Australia’s responses to malicious cyber activity could comprise law enforcement or diplomatic, economic, or military measures as appropriate for the circumstances. This could include, but is not restricted to, offensive cyber capabilities that disrupt, deny, or degrade the computers or computer networks of adversaries,” the strategy states.

The strategy also implies that the nation has the capability to identify the source of cyber attacks.

“Depending on the seriousness and nature of an incident, Australia has the capability to attribute malicious cyber activity in a timely manner to several levels of granularity — ranging from the broad category of adversary through to specific states and individuals,” the strategy states.

In September, the federal government pledged AU$50 million over seven years for the cybersecurity cooperative research centre (CRC), with over AU$89 million in further funding to come from 25 industry, research, and government partners.

The cybersecurity CRC will deliver solutions to increase the security of critical infrastructure, the government said at the time, which includes “frameworks, products, and approaches that will service existing and future ICT enterprises across a broad range of platforms and operating systems”.

Assistant Minister for Industry, Innovation and Science Craig Laundy said the activities of the cybersecurity CRC will contribute to the objectives laid out in Australia’s AU$240 million Cyber Security Strategy, which is aimed at defending the nation’s cyber networks from organised criminals and state-sponsored attackers.

Related Coverage

Just one day after its release, iOS 11.1 hacked by security researchers

The bugs were found in Apple’s Safari web browser.

With a physical key, Google says it can protect you from nation-state hackers

When two-factor doesn’t cut it against the most sophisticated adversary, Google thinks it has an answer.

IoT security: Keeping users on their toes means staying on yours

IoT has introduced new vulnerabilities that can put your network at risk. Providing users with ongoing security training — and examples that relate to their work — will help keep your data safe.

Hacking group targets banks with stealthy trojan malware campaign

Stolen credentials are used to launch attacks which include the ability to stream live video of the screens of infected users.

This destructive wiper ransomware was used to hide a stealthy hacking campaign

“ONI” ransomware deployed on hundreds of machines in an effort by attackers to cover tracks of “Night of the Devil” campaign — which exploited leaked-NSA exploits.

www.scamsfakes.com

www.crimefiles.net

Henry Sapiecha

Malaysia data breach compromises 46.2M mobile numbers

Suspected to have originated from a 2014 attack, the breach is estimated to affect 46.2 million mobile numbers and compromise data such as home addresses and SIM card information.

A massive cybersecurity breach is reported to have compromised personal data of 46.2 million mobile numbers in Malaysia, exposing details such as home addresses and SIM card information.

The breach affected both postpaid and prepaid numbers as well as subscribers from all major mobile carriers in the country, including Maxis, Altel, Digi, and Celcom, according to Lowyat.net. The local website earlier this month said it received information that personal data linked to millions of Malaysians were being peddled online.

Apart from customer data from local telcos, it added that the information included those that belonged to various websites such as Jobstreet.com, Malaysian Medical Association, and Malaysian Housing Loan Applications. Leaked data from Jobstreet.com, for instance, contained the candidate’s login name, nationality, and hashed passwords.

Timestamps in the compromised data suggested that the breach occurred between 2014 and 2015, said Lowyat.

Commenting on the breach, Darktrace’s Asia-Pacific managing director Sanjay Aurora said such “low and slow” attacks could lay stealthily in networks for years without anyone noticing. He added that traditional defense tools would not be able to identify and block such attacks.

“Lateral movements are incredibly difficult to catch, with attackers spending an average of 260 days in a network before striking,” Aurora explained. He pointed to the need for machine learning tools that could learn on-the-job and dynamically tweak its analysis based on new information.

“Alongside this, there needs to be a cultural change,” he added, stressing the need to stop victim-blaming so businesses would not fear coming forward.Lowyat

Lowyat said it had handed the information to industry regulator, Malaysian Communications And Multimedia Commission, which later released a statement confirming it was investigating the incident.

According to local reports, Communications and Multimedia Minister Datuk Seri Salleh Said Keruak said the police also was involved in the investigation.

Malaysia has a population of some 31.2 million, so some subscribers likely will hold more than one compromised mobile number. The report added that the list may contain inactive numbers as well as temporary ones issued to visitors to the country.

Henry Sapiecha

NATIONAL AFFAIRS 150 Australian jihadis pose terror threat if they return home: Julie Bishop

ABOUT 150 Australians are, or have been, fighting with Arab insurgents & Muslim Extremests in Syria and Iraq and pose a security threat if they return home, says Julie Bishop.

DO NOT ALLOW PEOPLE BACK INTO AUSTRALIA WHO CARRIED OUT ATTROCITIES IN SYRIA & IRAQ

The Foreign Minister’s warning came amid evidence convicted terrorist Khaled Sharrouf, who fled Australia earlier this year, has joined the Islamic State of Iraq and al-Sham’s uprising in northern Iraq.

As ISIS militants battle with Iraqi government troops, The Australian today revealed that Sharrouf — who left for Syria using his brother’s passport — was thought to be among the thousands of ISIS fighters swarming threatening Baghdad.

Intelligence agencies told Ms Bishop this morning that the cohort of about 150 Australian fighters “in Syria and beyond” initially supported “more moderate opposition groups” but are increasingly turning to “more extreme” groups such as ISIS.

“These are brutal people (in ISIS). The executions and the killings and their boasting of it on social media makes this a particularly virulent form of terrorism,” Ms Bishop told ABC Radio after the briefing.

“These people are so extreme that al-Qa’ida is even distancing itself from them.

“I had an intelligence briefing from our agencies this morning and our best estimate is that there are about 150 Australians … who have been or are still fighting with opposition groups in Syria and beyond.”

AUSSIE JIHADI: Joins Iraq conflict

ACTION: Calls to revoke radicals’ citizenship

Ms Bishop said she had cancelled numerous Australian passports belonging to suspected extremists and Australian intelligence agencies were working with regional partners to counter the threat posed by the fighters’ return.

“We are concerned that Australians are working with (these militants), becoming radicalised, learning the terrorist trade, and if they come back to Australia of course it poses a security threat and we’re doing what we can to identify them.”

Ms Bishop said it was an offence under Australian law to take part on either side of the Iraqi conflict, or support a listed terrorist organisation such as ISIS, with penalties of up to 25 years’ jail.

Tony Abbott said he was making preparations to ensure the safety of Australian personnel in Baghdad, should the Iraqi capital be attacked.

“It is a dangerous and difficult situation. You have a terrorist army consolidating its hold over a large swath of Iraq and Syria with the intention presumably of creating a terrorist state with dangerous and unpredictable consequences for the region and for the wider world,” Mr Abbott said.

“We are redoubling our vigilance at our borders to try to ensure that jihadists do not gain access to our country or are monitored if they have the right of access to this country.”

Immigration Minister Scott Morrison said he was able to cancel the visas of permanent residents suspected of fighting overseas, just as he cancelled the visa of Rebels Motorcycle Club president Alex “The Maltese Falcon” Vella last week.

“I’m not going to comment on any specific cases for obvious reasons, but Australians should know this — they’ve seen my decision in relation to another matter, Mr Vella, and they know what I do on character grounds more generally; so they’ll know I will act when I need to act, every time,” he told ABC TV.

Labor’s foreign affairs spokeswoman Tanya Plibersek described returning Australian fighters as a “very serious risk’’, and says she supports government efforts to stop the threat.

Overseas fighters returned well trained, radicalised, and with a “sick sort of street cred’’, she said.

“That allows them to convince other impressionable young people that perhaps going to fight is a good idea, or perhaps committing crimes here in Australia might be a good idea,’’ she said.

Ms Bishop, who has announced $5 million aid for refugees fleeing ISIS’s advance, conceded the Western and Iranian-backed government of Shia prime minister Nouri al-Maliki was “not a good” administration.

“It is the only government in place in Iraq at present. It’s not a good one and the problems between the Sunnis and the Shias are exacerbated by his manner of excluding them from the government.

“He’s now calling for national unity — that’s a start — we need to see a political solution because a military solution could be catastrophic.”

In the wake of authorities failing to stop Sharrouf from leaving Australia, the Independent National Security Legislation Monitor, Bret Walker SC, said there should be reporting requirements for those convicted of terror offences, and an associated national database established.

As The Australian reported in May, Sharrouf travelled to Syria with fellow Australian Mohamed Elomar, who is also believed to be fighting with ISIS. Elomar is the nephew of Mohamed Elomar, one of the ringleader’s of the 2005 Pendennis conspiracy. Sharrouf and Elomar Sr were convicted in the Pendennis trial. Sharrouf served three years and 11 months in jail for his role in the conspiracy, which saw 18 people convicted over a plot to attack targets in Sydney and Melbourne.

Before fleeing Australia, Sharrouf was facing charges relating to alleged weapons offences committed last year. His friends and family denied any knowledge of him fighting with ISIS, and claimed a Facebook account detailing Sharrouf’s activities in Iraq was a fake.

Additional Reporting: Paul Maley and Mark Schliebs

www.crimefiles.net

Henry Sapiecha

Malcolm Turnbull and Benjamin Netanyahu witness MOU on defence industry co-operation Australia & Israel

Jerusalem: The prime ministers of Australia and Israel have shared a warm bearhug and pledged deeper cooperation on cyber-security in the fight against global terror threats.

Mr Turnbull arrived in Jerusalem on Monday afternoon, local time, on a trip that had been delayed and truncated by the political fallout from the High Court’s dual citizenship ruling.

But there was no ill feeling on show at Benjamin Netanyahu’s headquarters, where he was welcomed by the Israeli prime minister pronouncing him “mishpacha” – family.

“Malcolm you are a true friend of Israel,” Mr Netanyahu said. “Our two nations understand each other in the deepest sense… and your personal commitment to Israel is absolutely clear.”

Mr Turnbull said it was a “long schlepp” from Australia but “it feels like family”.

“We are all fighting together against militant Islamist terrorism,” he said. “It’s a threat to Israel, it’s a threat to Australia and it’s a threat to all who value and cherish freedom.”

After two hours of meetings, including a one-on-one discussion then an official bilateral, the men witnessed the signing of a new memorandum of understanding on defence industry co-operation.

Mr Turnbull said they had spoken at length on the Islamist terror threat, and the role of technology in both enabling and fighting against it.

The prime ministers of Australia and Israel shared a warm bearhug and pledged deeper cooperation on cyber-security Photo: Dan Peled

Technology has “empowered individuals who seek to do us harm”, he said, and cyber security was more important than ever.

Israel is considered a cyber warfare superpower, alongside the US, Russia, China and the UK.

It accounts for 10 per cent of global sales of computer and network security technology.

But it also has significant offensive powers.

In October it emerged that in 2015 an Israeli security agency hacked into Russian antivirus firm Kaspersky, which enabled it to watch Russian spies as they worked to infiltrate sensitive US networks.

Israel was reported to have used cyber weapons to spy on the Iran nuclear negotiations in 2014 and 2015.

And Israel was reportedly behind the Stuxnet virus, dubbed the world’s first digital weapon, which was used to disrupt Iran’s uranium enrichment plants.

Last year Mr Turnbull announced a $230 million cyber security strategy, which would include an offensive capability to launch pre-emptive attacks on ‘cyber raiders’.

Mr Turnbull said Monday’s agreement would lead to closer collaboration between the two countries on cyber security.

“It is vitally important that we work more closely together, more of the time, to keep our people safe from terrorism,” he said.

A particular problem was the encrypted apps that terrorists used to communicate in secret, he said.

“We look forward to deeper collaboration on defence, particularly in the cyber domain,” he said.

After the meeting Mr Turnbull told media the two men had also discussed the Iran nuclear deal, which Israel opposes but Australia supports.

It has recently come under pressure from the US, where president Trump has disavowed but so far not scrapped the agreement.

Mr Turnbull said Australia “absolutely understand Israel’s very real concerns and anxieties about Iran moving to a nuclear weapons capability but we are not persuaded that moving away from the agreement … would be beneficial in preventing that type of proliferation.”

Asked on the state of domestic politics, Mr Turnbull denied it was in a state of turmoil after the High Court decision.

“The business of government goes on,” he said. “It’s business as usual.”

Asked if he’d had enough with politics, Mr Turnbull responded “I’ve never had more fun in my life.”

Henry Sapiecha

FBI Couldn’t Access Almost 7K Devices Because Of Encryption

The FBI hasn’t been able to retrieve data from more than half of the mobile devices it tried to access in less than a year, FBI Director Christopher Wray said Sunday, turning up the heat on a debate between technology companies and law enforcement officials trying to recover encrypted communications.

In the first 11 months of the fiscal year, federal agents were unable to access the content of more than 6,900 mobile devices, Wray said in a speech at the International Association of Chiefs of Police conference in Philadelphia.

“To put it mildly, this is a huge, huge problem,” Wray said. “It impacts investigations across the board—narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation.”

The FBI and other  have long complained about being unable to unlock and recover evidence from cellphones and other devices seized from suspects even if they have a warrant, while technology companies have insisted they must protect customers’ digital privacy.

The long-simmering debate was on display in 2016, when the Justice Department tried to force Apple to unlock an encrypted cellphone used by a gunman in a terrorist attack in San Bernardino, California. The department eventually relented after the FBI said it paid an unidentified vendor who provided a tool to unlock the phone and no longer needed Apple’s assistance, avoiding a court showdown.

The Justice Department under President Donald Trump has suggested it will be aggressive in seeking access to encrypted information from . But in a recent speech, Deputy Attorney General Rod Rosenstein stopped short of saying exactly what action it might take.

“I get it, there’s a balance that needs to be struck between encryption and the importance of giving us the tools we need to keep the public safe,” Wray said.

In a wide-ranging speech to hundreds of police leaders from across the globe, Wray also touted the FBI’s partnerships with local and federal law enforcement agencies to combat terrorism and violent crime.

“The threats that we face keep accumulating, they are complex, they are varied,” Wray said, describing threats from foreign terror organizations and homegrown extremists.

Wray also decried a potential “blind spot” for intelligence gathering if Congress doesn’t reauthorize an intelligence surveillance law set to expire at the end of the year. The Foreign Intelligence Surveillance Act allows the government to collect information about militants, people suspected of cybercrimes or proliferation of weapons of mass destruction, and other foreign targets outside the United States. Intelligence and law enforcement officials say the act is vital to national security.

A section of the act permits the government, under the oversight of the Foreign Intelligence Surveillance Court, to target non-Americans outside the United States.

“If it doesn’t get renewed or reauthorized, essentially in the form that it already is, we’re about to get another blind spot,” Wray said

Henry Sapiecha

ASIO restructuring strategy and resources in the face of cyber threat

The country’s intelligence agency has aligned its resources to focus on the growing threat of cyber espionage targeting ‘a range’ of Australian interests.

In the wake of accusations from United States intelligence agencies that Russia hacked into Democratic Party emails, thus helping Donald Trump to election victory last year, a report from Australia’s intelligence agency said the country’s national security resources are focused on preventing foreign threat actors from “targeting a range of Australian interests”.

In its 2016-17 Annual Report [PDF], the Australian Security Intelligence Organisation (ASIO) explained that Australia continued to be a target of espionage and foreign interference, noting in particular that foreign intelligence services sought access to privileged and/or classified information on Australia’s alliances and partnerships; the country’s position on international diplomatic, economic, and military issues; as well as energy and mineral resources, and innovations in science and technology-related fields.

ASIO called the threat from espionage and foreign interference to Australian interests “extensive, unrelenting, and increasingly sophisticated”.

“Foreign intelligence services are targeting a range of Australian interests, including clandestine acquisition of intellectual property, science and technology, and commercially sensitive information,” the report explains.

“Foreign intelligence services are also using a wider range of techniques to obtain intelligence and clandestinely interfere in Australia’s affairs, notably including covert influence operations in addition to the tried and tested human-enabled collection, technical collection, and exploitation of the internet and information technology.”

During the reported period, ASIO said it identified foreign powers clandestinely seeking to shape the opinions of members of the Australian public, media organisations, and government officials, motivated by the appeal of “advancing their country’s own political objectives”.

As highlighted by ASIO, rapid technological change continued to provide people who are engaging in activities that threaten Australia’s security with new tools to conceal their activities from security and law enforcement agencies. In particular, ASIO said the use of encrypted communications by security intelligence targets was — and still is — an area of particular concern.

“Australia continues to be a target of espionage through cyber means; the cyber threat is persistent, sophisticated, and not limited by geography,” ASIO warned.

“Increasingly, foreign states have acquired, or are in the process of acquiring, cyber espionage capabilities designed to satisfy strategic, operational, and commercial intelligence requirements.”

Watching carefully the area of investment flows, ASIO said that while Australia’s open and transparent economy, which invites foreign investment, is a welcome and important contributor to Australia’s national wealth, it is not without national security risks.

“For example, foreign intelligence services are interested in accessing bulk data sets and privileged public or private sector information, including Australian intellectual property. Developing and implementing effective mitigation strategies for these issues is critical to reducing the threat to an acceptable level,” the report says.

Another emerging issue of potential national security concern to ASIO is the lack of diversity of ownership within certain infrastructure sectors.

The agency also said that the number of cybersecurity incidents either detected or reported within Australia represents a fraction of the total threat the country legitimately faces.

While technology provided security and law enforcement agencies with new opportunities to identify activities of security concern, ASIO said building and maintaining technical collection capabilities to stay ahead of the threats proved to be resource intensive.

“Transforming existing agency information and communications technology infrastructure to effectively exploit new capabilities, manage the large volume and variety of data available, and to be adapted easily to new technologies is a major challenge, and one that will require significant, ongoing investment,” the agency wrote.

“In addition to technological challenges in the operating environment, we faced heightened threats to our staff, facilities, and information.”

ASIO said such challenges required the diversion of resources to “ensure the security and effectiveness” of the agency’s operations.

Throughout the period, ASIO said it worked closely with Australia’s national security partner agencies, which included work to progress shared national security objectives through joint agency bodies such as the federal, state, and territory Joint Counter Terrorism Teams (JCTT), the National Threat Assessment Centre (NTAC), the Jihadist Network Mapping and Targeting Unit, and the Australian Cyber Security Centre (ACSC).

Similarly, work with international peers was maintained with over 350 partner agencies in 130 countries, ASIO explained.

The intelligence agency specifically worked with counter-terrorism prosecution in New South Wales, Victoria, and Queensland, providing assistance and evidence on telecommunications intercepts, physical surveillance, listening, and tracking devices.

“In 2016-17, we continued to work closely with telecommunications companies regarding the security risks associated with the use of certain companies in their supply chains and risks arising from foreign ownership arrangements,” the report says.

“We provided sensitive briefings to the Australian government and the telecommunications sector to outline the threat and, where possible, recommended appropriate mitigation measures.”

ASIO said that through its work with ACSC, it regularly observed cyber espionage activity targeting Australia.

“Foreign state-sponsored adversaries targeted the networks of the Australian government, industry, and individuals to gain access to information and progress other intelligence objectives,” the agency wrote.

“ASIO provided support to the ACSC’s investigations of these harmful activities as well as the centre’s work to remediate compromised systems. The number of countries pursuing cyber espionage programs is expected to increase … as technology evolves, there will be an increase in the sophistication and complexity of attacks.”

It isn’t just foreign threats on ASIO’s radar, with the agency noting it remained alert to, and investigated threats from, malicious insiders.

“Those trusted employees and contractors who deliberately breach their duty to maintain the security of privileged information,” ASIO explained. “These investigations continued to be complex, resource-intensive, and highly sensitive.”

In-house, ASIO said it also worked to build an enterprise technology program to enable the agency to “excel in using technology and data” to achieve its purpose.

“Given the increasing opportunities and challenges brought about by rapid advances in technology, it is imperative that ASIO is a ‘data-enabled organisation’, connected to its partners, accountable to the people, innovative in its approach, and sustainable for the long term,” the report says.

From July 2018, Australia’s new Home Affairs ministry will be responsible for ASIO, Australian Federal Police, Border Force, Australian Criminal Intelligence Commission, Austrac, and the office of transport security. It will see Attorney-General George Brandis hand over some national security responsibility to Minister for Immigration and Border Protection Peter Dutton.

Of the ministerial changes and the recommendations of the 2017 Independent Intelligence Review, ASIO Director-General of Security Duncan Lewis said he believes the new measures will play an important role in strengthening the agency’s strategic direction, effectiveness, and coordination of Australia’s national security and intelligence efforts, at a time when “the nation is facing complex, long-term threats” to its security.

Henry Sapiecha

Data stolen in Australian defence contractor hack

Secret F-35, P-8, C-130 data stolen in Australian defence contractor hack

Around 30 gigabytes of ITAR-restricted aerospace and commercial data was exfiltrated by an unknown malicious actor during the months-long ‘Alf’s Mystery Happy Fun Time’ attack.

In November 2016, the Australian Signals Directorate (ASD) was alerted by a “partner organisation” that an attacker had gained access to the network of a 50-person aerospace engineering firm that subcontracts to the Department of Defence.

Restricted technical information on the F-35 Joint Strike Fighter, the P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft, the Joint Direct Attack Munition (JDAM) smart bomb kit, and “a few Australian naval vessels” was among the sensitive data stolen from a small Australian defence contractor in 2016.

The secret information was restricted under the International Traffic in Arms Regulations (ITAR), the US system designed to control the export of defence- and military-related technologies, according to Mitchell Clarke, an incident response manager at the ASD who worked on the case.

One document was a wireframe diagram of “one of the navy’s new ships”. A viewer could “zoom in down to the captain’s chair and see that it’s, you know, 1 metre away from nav chair”, Clarke said.

The data theft was first reported on Tuesday as part of the 2017 Threat Report from the Australian Cyber Security Centre (ACSC). Little information was given at the time. The victim was described as a “small Australian company with contracting links to national security projects”. The attacker had “sustained access to the network for an extended period of time” and had stolen a “significant amount of data”.

Clarke provided significantly more detail in his presentation to the national conference of the Australian Information Security Association (AISA) in Sydney on Wednesday.

ASD named this advanced persistent threat (APT) actor “APT ALF”, after a character in the long-running Australian TV soap opera Home and Away.

The attacker had in fact been in the network since at least mid July 2016, with data exfiltration starting around two weeks later. ASD refers to the three months between the attacker gaining access, and the ASD becoming aware of it, as “Alf’s Mystery Happy Fun Time”.

The attacker would have had little trouble gaining access.

The victim’s network was small. One person managed all IT-related functions, and they’d only been in the role for nine months. High staff turnover was typical.

There was no protective DMZ network, no regular patching regime, and a common Local Administrator account password on all servers. Hosts had many internet-facing services.

Access was initially gained by exploiting a 12-month-old vulnerability in the company’s IT Helpdesk Portal, which was mounting the company’s file server using the Domain Administrator account. Lateral movement using those same credentials eventually gave the attacker access to the domain controller and the remote desktop server, and to email and other sensitive information.

“This isn’t uncommon,” Clarke said. “Only about 12 months old, if you look at government, that’s not that out of date, unfortunately.”

The attacker needn’t have bothered with that, however. The ASD’s investigation found that internet-facing services still had their default passwords, admin::admin and guest::guest.

An important aspect of this incident is that a small company, with resources that were clearly inadequate given the sensitivity of the data they held, still managed to obtain and hold ITAR certification.

According to Clarke, an application for ITAR certification is usually only “two or three pages”, and asks only basic questions about organisations’ security posture.

“One of the learning outcomes from this particular case study for at least the Australian government is that we need to find a way to start to be a little bit more granular in our contracting to mandate what type of security controls are required,” Clarke said.

“That’s not for my team to answer, but that’s going to be an outcome of this sort of thing.”

Clarke emphasised the importance of following best practices to secure networks, including the ASD’s Essential Eight strategies to mitigate cybersecurity incidents.

USA Air Force’s Mini Crypto Chip Keeps Data Out Of Enemy Hands

When Airmen are active in the field, securing a line of communication is essential to keep sensitive intelligence away from enemy forces. To help navigate this digital world, the U.S. Air Force has created the new Mini Crypto chip to fortify communications and data between military systems.

“We think (Mini Crypto chip) will really help forward-deployed warfighters secure sensors, or communications devices, in areas where risk of interception is high, and still protect sensitive data, without burdening folks on the front lines with extra equipment or steps to safeguard the encryption device,” says Heidi Beason, the Mini Crypto program manager at the Air Force Life Cycle Management Center, Cryptologic and Cyber System Division, Joint Base-San Antonio, Texas.

At its core, the chip is an independent encryption engine that is small, lightweight, and creates its own session-based “key.” It has a power requirement of 400 milliwatts, “meaning it can be installed on equipment carried by one-person parties operating as scouts and forward air controllers.”

Once a session key is established between the sender and receiver, the key is used to read messages after the encryption process. The key management system boosts data protection and ticks off the National Security Agency check list, which is the highest standards for encryption.

“Communications devices all have a processor, where a message is formatted for transmission,” says Mini Crypto Deputy Program Manager Christopher Edsall.

“In the case of a computer, it’s the (central processing unit). Mini Crypto is located after the processing center, but before the transmission center, which is usually a radio. Another Mini Crypto chip is installed at the receiver end, after the receiving antennae, but before the CPU. The second Mini Crypto chip decrypts the received message as it comes through the radio where the unencrypted message is processed, and then it is displayed or heard,” Edsall adds.

The chip’s encryption creates a resource-intensive decryption process, according to Edsall. If the enemy does manage to make the data readable, the amount of time taken forfeits the information’s usefulness.

According to Beason, two years of program development led to the Mini Crypto chip design we see today. After a quick turnaround of concept, development, and testing, the device is now ready for production.