Category Archives: England

How to become a great spy agency in the 21st century: Incubate startups..!!

What results when a top secret intelligence agency turns to entrepreneurs to assist in the building of new tools to protect a nation from cyberattacks? This is it….

Intelligence agencies are great at finding out and keeping secrets, and at working patiently in the shadows. Startups are good at promoting themselves, moving fast, and breaking things—in an effort to build the next big technology. It’s hard to think of two mindsets that are further apart.

However in a world of constantly evolving cybersecurity threats, Britain’s GCHQ spy agency decided to open a startup accelerator to bridge the gap between the two: to see, if it was a little more open, it could help the private sector build tools to prevent cyberattacks in the future..

Britain’s Government Communications Headquarters (GCHQ) has a century-long history of helping to protect the country from threats, both international and domestic.

Although it wouldn’t be known as GCHQ for decades to come, its work began during World War I when a number of intercept stations were established to seize and decrypt messages sent by Germany and its allies. Its most famous incident came in early 1917 when analysts were able to intercept and decrypt a telegram sent by the German foreign minister Count Zimmermann, in which was revealed that Germany planned to reward Mexico with US territory if it joined the war. The release of the message was one of the factors which brought the United States’ firepower into the war.

During World War II, the organisation, then called the Government Code and Cypher School (GC&CS), was located at Bletchley Park where it tirelessly undertook to decrypt Hitler’s “unbreakable” ciphers—work credited with shortening the war significantly.

SEE: Defending against cyberwar: How the cybersecurity elite are working to prevent a digital apocalypse (TechRepublic cover story)

Following the war and having outgrown its previous site, GC&CS was renamed GCHQ. Its headquarters were moved just outside of Cheltenham, Gloucestershire, in the west of England, where it remains today.

It now has 6,000 staff and an annual budget of £2.6bn, while still being tasked to keep Britain safe from a variety of threats including terrorism, serious crime, espionage, and cyberattacks, as well as providing support to law enforcement and the military when required.

But its work is not without controversy. In 2013, whistleblower Edward Snowden lifted the lid on PRISM, an expansive online surveillance programme by GCHQ, along with the US National Security Agency. The programme collected data on all online and telephone communications made inside the UK.

But while the agency is best known for snooping, it also has a secondary role in providing security advice.

“We’re a security organisation. If you drive past us you see a lot of razor wire and that can sometimes create an internal, introverted culture,” said Chris Ensor, deputy director of cyber skills and growth at the National Cyber Security Centre (also known as NCSC, the cybersecurity arm of GCHQ).

“For the last 100 years, GCHQ has had an intelligence mission and a security mission. It’s the intelligence which is portrayed in the news or in films like James Bond and we’re always the spy centre. But actually we’ve had a security mission for a long, long time,” said Ensor.

Threats to national security evolve over time and today cyberattacks are considered to be among the biggest risks to the country—alongside terrorism, espionage, and weapons of mass destruction.

That means GCHQ’s security mission has extended to protecting the UK from cyberattacks and hackers, particularly those targeting critical national infrastructure. Indeed, the NCSC was set up to tackle cyberthreats, replacing three separate cybersecurity organisations: the Centre for Cyber Assessment, Computer Emergency Response Team UK, and GCHQ’s information security arm.

Five Eyes, Nine Eyes & 14-Eyes Countries and VPNs Important to know when using (or planning to use) a VPN

The content herein is part of an article published in a VPN site where at the end of this short introduction there will be a link to take you to a lot more viewpoints & info. ENJOY.

This article will discuss available VPNs in relation to the 5 Eyes, the 9 Eyes and the 14 Eyes government surveillance alliances.

Encryption is the only way to protect private communications. While there are encrypted messaging systems that can be used for direct correspondence, virtual private networks (VPNs, also based on encryption) are the best tools for hiding internet activity, such as which websites are visited. Again, there are valid reasons to do so: to protect the privacy of religion, sexual orientation and sensitive medical conditions; all of which can be inferred from visited websites.

Background

During the second world war, US and UK intelligence agencies worked closely on code-breaking. After the war, the UK center at Bletchley Park evolved into the Government Communications Headquarters (GCHQ). The American service evolved into the National Security Agency (NSA). In 1946, the working relationship between the two countries was formalized in the UKUSA agreement. It worked on signals intelligence (SIGINT); that is, the interception and analysis of adversarial telecommunications.

In order to provide global coverage for communications interception, Australia, New Zealand and Australia joined the UK and the USA – and became known as the Five Eyes.

However, such is the NSA’s global dominance of intelligence gathering, other countries have sought to cooperate in return for specific ‘threat’ information from the NSA. This has led to other SIGINT groupings: the 9 Eyes and the 14 Eyes.

The operation of these intelligence agencies was long kept secret. As global communications have increased – and as perceived threats have grown (first in the Cold War between east and west and more recently in the ‘war on terror’), the 5 Eyes in particular began to secretly use technology to gather everything for later analysis. GCHQ, for example, had a secret project called Mastering the Internet. None of this was publicly known.

In 2013, NSA whistleblower Edward Snowden leaked thousands of top secret NSA and GCHQ documents showing, for the first time, the extent to which national governments spy on everybody. It is always done in the name of ‘national security’, and both the relevant agencies and their governments insist on their right to do so.

MORE HERE

Henry Sapiecha

Massive international cyber attack hits computers across Europe, Asia and Russia

London: A huge cyber attack struck computers across Europe and Asia on Friday, crippling health services and closing emergency rooms in Britain.

The attack involved ransomware, a kind of malware that encrypts data and locks out the user. According to security experts, it exploited a vulnerability that was discovered and developed by the National Security Agency (NSA) in the US.

The hacking tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen NSA hacking tools online since the beginning of last year. Microsoft rolled out a patch for the vulnerability last March, but hackers took advantage of the fact that vulnerable targets – particularly hospitals – had yet to update their systems.

The malware was circulated by email; targets were sent an encrypted, compressed file that, once loaded, allowed the ransomware to infiltrate its targets.

Employees of Britain’s National Health Service (NHS) were warned about the ransomware threat early on Friday, but by then it was too late.

As the disruptions rippled through hospitals, doctors’ offices and ambulance services across Britain, the NHS declared the attack a “major incident” and patients were asked to only seek assistance for serious medical emergencies.

Hospitals and telecommunications companies across Europe, Russia and Asia were affected, according to MalwareHunterTeam, a security firm that tracks ransomware attacks.

Spain’s Telefonica and Russia’s MegaFon were among the telecommunications targets.

Attacks were being reported in Britain and 11 other countries, including Turkey, Vietnam, the Philippines, Japan, with the majority of affected computers in Russia. The computers all appeared to be hit with the same ransomware, and similar ransom messages demanding about $US300 to unlock their data.

The attack on the NHS seemed perhaps the most audacious of the attacks, because it had life-or-death implications for hospitals and ambulance services.

Tom Donnelly, a spokesman for NHS Digital, the arm of the health service that handles cybersecurity, said in a phone interview that 16 organisations, including “hospitals and other kinds of clinician services,” had been hit. Officials later updated that number to at least 25.

Hospitals and doctors’ surgeries were forced to turn away patients and cancel appointments as the attack crippled computer systems.

The Spanish government said a large number of companies, including telecommunications giant Telefonica, had been infected. Portugal Telecom was also hit but no services were impacted, a spokeswoman for the company said.

“Seeing a large telco like Telefonica get hit is going to get everybody worried. Now ransomware is affecting larger companies with more sophisticated security operations,” Chris Wysopal, chief technology officer with cyber security firm Veracode, said.

In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from the National Cryptology Centre of “a massive ransomware attack.” It said hackers used a version of a virus known as WannaCry that targets Microsoft Corp’s widely used Windows operating system.

Iberdrola and Gas Natural, along with Vodafone’s unit in Spain, asked staff to turn off computers or cut off internet access in case they had been compromised, representatives from the firms said.

Reuters

www.scamsfakes.com

www.crimefiles.net

Henry Sapiecha

Apple Boss Tim Cook Says He’ll Defy Britain’s Government Spy Law Data Access Plan

Italy Apple Cook_image www.intelagencies.com

Apple CEO Tim Cook, right, listens to former Italian premier and President of Bocconi University Mario Monti as they attend the inauguration of the academic year at the Bocconi, in Milan, Italy, Tuesday, Nov.10, 2015. (AP Photo/Luca Bruno)

Tech giant Apple will resist the British government’s efforts to get access to encrypted data through a new spying law, CEO Tim Cook said Wednesday.

Last week, Britain published a draft law that seeks to ensure that telecommunication companies “provide wider assistance to law enforcement and the security and intelligence agencies in the interests of national security.”

That worries firms like Apple, whose iMessage service offers “end-to-end” encryption, meaning the company doesn’t have the ability to read messages sent over the app.

Cook told students at Trinity College Dublin that Apple didn’t plan to introduce a “back door” ability to decrypt the messages.

“We will productively work with the governments to try to convince them that’s also in their best interests in the national security sense,” he said.

Cook said weakening encryption would be bad for online security, because “if you leave a back door in the software then there’s no such thing as a back door for the good guys only.”

“If there’s a back door anybody can come in,” he said.

British Home Secretary Theresa May said last week that the draft Investigatory Powers Bill “will not ban encryption or do anything to undermine the security of people’s data.”

But civil liberties and privacy groups have expressed alarm at its provisions, which include requiring communications companies to hold onto customers’ web traffic records for up to a year. The draft bill also says service providers will be legally obliged to assist the authorities in getting access to customers’ devices.

The bill has yet to be approved by Parliament.

ig

Henry Sapiecha

Internet Firms Warn UK Against ‘Dangerous’ Changes To Law

electricity background red pink surreal image www.intelagencies.com

Major U.S. Internet companies have urged the British government to reconsider a plan to make telecommunications firms help spies hack into computers and phones.

The draft Investigatory Powers Bill would require telecoms companies to keep records of customers’ Web histories for up to a year, and to help security services gain access to suspects’ electronic devices.

In a joint submission to a committee of British lawmakers, Facebook, Google, Microsoft, Twitter and Yahoo said that “to the extent this could involve the introduction of risks or vulnerabilities into products or services, it would be a very dangerous precedent to set.”

They urged the government to reconsider, and warned against changes that would weaken online encryption, which they called a “fundamental security tool.”

The submission was made last month and published Thursday by the committee, which is reviewing the proposed legislation.

Apple has also objected to the British proposals, saying they could weaken online security by providing a backdoor to users’ data for “bad guys” as well as “good guys.”

The British government insists the bill won’t weaken or ban online encryption.

If approved by Parliament, the bill will let police and spies access Internet connection records — a list of websites, apps and messaging services someone has visited, though not the individual pages they looked at or the messages they sent.

Civil liberties groups have also expressed alarm at the bill. A previous version of the legislation was thrown out by lawmakers in 2013 as overly intrusive.

The government says it will set out final proposals in the spring.

oo

Henry Sapiecha

Britain Seeks Greater Access To Citizens’ Online Activity

Cybersecurity image www.intelagencies.com

The British government plans to make telecommunication firms keep records of every website that customers visit under a new law regulating cyber-snooping.

The draft Investigatory Powers Bill is designed to regulate authorities’ access to Internet activity, replacing a patchwork of laws, some dating from the Web’s infancy.

Home Secretary Theresa May said Wednesday that the bill would let police and spies access Internet connection records – a list of websites and social media apps someone has visited, though not the individual pages they looked at or messages they sent.

May said the data was “simply the modern equivalent of an itemized phone bill,” but civil liberties groups say it marks a big expansion of snooping powers.

The bill will be reviewed by legislators before it’s submitted to Parliament for approval.

ooo

Henry Sapiecha

UK refuses to reveal how many lawmakers are under surveillance

UK Home secretary Theresa May did confirm that members of devolved parliaments and the European Parliament are not subject to wiretap protections.

UK home secretary Theresa May speaking on BBC radio image www.intelagencies.com

UK home secretary Theresa May speaking on BBC radio (Image: BBC/Twitter; file photo)

The UK’s home secretary Theresa May has refused to confirm how many fellow lawmakers have had their communications intercepted by British intelligence agencies.

In a brief confrontation in the parliament’s House of Commons on Monday, fellow Conservative Peter Bone MP said May’s refusal to answer was an “indication” that some members of parliament (MPs) have been subject to surveillance by UK intelligence agencies.

The emergency session follows a ruling last week that determined the so-called Wilson Doctrine, a promise made by former prime minister Harold Wilson that said members of parliament won’t have their mail opened or phones tapped by the intelligence agencies without his direct knowledge, was no longer valid.

May said the doctrine “still applies,” but confirmed that devolved members of parliament in Scotland (MSPs), Wales, and Northern Ireland, as well as members of the European Parliament (MEPs), are not protected by the doctrine.

Joanna Cherry MP, a Scottish member of parliament, criticized May’s response, asking why the government thinks the Scottish parliament is “less deserving” of the doctrine’s protection. She added that the home secretary’s “caveated” comments about the doctrine in 2014 suggested the doctrine may have been partly suspended around the time of the Scottish national independence referendum, a national vote that saw Scotland remain as part of the United Kingdom.

Caroline Lucas MP, who brought the case under debate to the Investigatory Powers Tribunal, said lawmakers had been “misled” over the level of protections MPs are afforded under the doctrine.

Doctrine ‘cannot work sensibly’

Until last week, the doctrine was kept in force by every prime minister since Wilson, but was expanded in 2002 when former prime minister Tony Blair said the doctrine applied to “all forms” of communications.

But last week, James Eadie QC told the Investigatory Powers Tribunal (IPT), which hears complaints against the intelligence agencies, that the doctrine “simply cannot work sensibly” in an age of bulk data collection and mass surveillance, and did not have the force or weight of the law.

The IPT said that the UK’s spy agencies MI5, MI6, and GCHQ — the eavesdropping agency whose activities were detailed in an extensive range of documents leaked by whistleblower Edward Snowden — have their own separate policies that do not require for the prime minister to be informed where parliamentary communications were collected.

MPs were quick to respond with anger, amid concerns that emails sent to and from parliamentary offices may have been collected or spied on.

In a letter to the prime minister David Cameron, Scottish first minister Nicola Sturgeon asked for clarification, arguing “the confidentiality of communications between parliamentarians and their constituents is of the utmost importance,” according to The Guardian.

MPs not ‘above the law’

Many of the lawmakers on Monday argued that the need to protect their communications from surveillance was to protect whistleblowers, and not about driving a wedge of privilege between them and the public.

David Davis MP, a Conservative politician known for being pro-civil liberties, and who has almost always voted against requiring the mass retention of information about communications, said MPs need the doctrine’s protections against government surveillance because their job is to “hold the government to account.”

He argued that MPs often “deal with campaigners, journalists, whistleblowers, and our own constituents” in bringing to light wrongdoing disclosed by members of the public, including police and public-sector workers, and employees of big corporations.

Chris Bryant MP, who called for the emergency debate following last week’s ruling, argued that MPs “cannot ever be above the law,” a sentiment echoed by others, including the home secretary.

Bryant, a Labour MP with a long record of voting in favor of data retention and communications collection legislation, accused May of withholding any public statement about a change in the doctrine’s standing because it wasn’t “compatible” with the current state of national security.

Davis, in agreement with Lucas and others, said the the doctrine must be enshrined into law.

May will “soon” introduce the so-called “snoopers’ charter,” first mentioned earlier this year in the Queen’s annual speech.

Known as the Investigatory Powers Bill, the Conservative government said the draft law would give authorities “tools” to keep the public safe by addressing gaps in existing intelligence gathering.

Dominic Grieve MP, chair of the Security and Intelligence Committee which oversees the intelligence agencies, said the committee will examine how parliamentarians will be treated under the new draft bill.

ooo

Henry Sapiecha

UK and U.S. intelligence agencies to increase cyber security co-operation

Britain's Prime Minister David Cameron speaks at a debate to promote the EU-US trade deal, in Brussels

(Reuters) – Britain and the United States will increase cooperation on cyber security, Prime Minister David Cameron said, setting up “cyber cells” to share intelligence and conduct simulated attacks to test the defences of organisations such as banks.

Cameron is on a two-day visit to Washington focused on the economy and security, and is due to have a second meeting with President Barack Obama on Friday at the White House.

“We have got hugely capable cyber defences, we have got the expertise and that is why we should combine as we are going to, set up cyber cells on both sides of the Atlantic to share information,” Cameron told the BBC in an interview aired on Friday.

The cooperation between Britain’s GCHQ eavesdropping agency and the U.S. National Security Agency will include joint war games, with the first exercise later this year to involve the Bank of England and commercial banks in both the City of London and Wall Street, the BBC reported.

“This is a real signal it is time to step up the efforts and to do more,” said Cameron.

The British leader said he also planned to discuss with Obama how the two countries could work more closely with big Internet companies such as Facebook and Google to monitor communications between terror suspects.

ooo

Henry Sapiecha