Call for stricter access to Medicare cards after numbers sold on dark web

Australians could be handed greater control over who can access their Medicare card details amid fears the information can be too easily obtained.

An independent report, released on Saturday, has suggested tighter security following a review ordered by the federal government in July after a small batch of card numbers were sold on the dark web.

It noted that while there had been no risk to patients’ health records as a result of the sale, Medicare card numbers are susceptible to theft for identity fraud and other “illicit activities”.

Illegally obtained Medicare details can also be used to fraudulently make claims and access taxpayer-funded health services.

The report has recommended that doctors and other health professionals be required to get consent from patients – either in writing or verbally – before accessing their Medicare numbers.

“In addition to providing patients with more control, this would also increase consumer awareness about how their Medicare information is used and shared,” it said.

The federal government is also being urged to phase out the ability to access Medicare numbers over the phone.

Roughly 580,000 calls are made to the Department of Human Services requesting card access, but security checks aren’t as robust as the online portal.

“The information required in the provider security check to access a Medicare card number could be accessible by someone other than the provider,” the report found.

While the review panel didn’t see any evidence of fraudulent requests for Medicare numbers over the phone, it “remains concerned about the potential risks presented by the channels”.

It recommends that, while phasing it out, conditions for the release or confirmation of card information by phone should be strengthened with additional security questions to whoever is calling in the request.

The panel – led by Peter Shergold, former secretary of the Department of Prime Minister and Cabinet – stopped short of calling for mandatory identity checks whenever someone uses their Medicare card, but suggested health professionals be required to take “reasonable steps” to confirm a patient’s identity when they are first treated.

It has also recommended that Australians be able to request an audit log of people who have sought access to their card number through the online portal, and that batch requests for numbers over the web be limited to 50 numbers at a time – a dramatic reduction in the existing 500 record limit.

Last financial year, about 10.2 million searches for Medicare card numbers were made via the online service.

Human Services Minister Alan Tudge and Health Minister Greg Hunt welcomed the report and promised the government will respond by the end of the year.

AAP

Henry Sapiecha

Famed Hacker Kevin Mitnick Shows You How to become Invisible Online

If you’re like me, one of the first things you do in the morning is check your email. And, if you’re like me, you also wonder who else has read your email. That’s not a paranoid concern. If you use a web-based email service such as Gmail or Outlook 365, the answer is kind of obvious and frightening.

About the author

Kevin Mitnick (@kevinmitnick) is a security consultant, public speaker, and former hacker. The company he founded, Mitnick Security Consulting LLC, has clients that include dozens of the Fortune 500 and world governments. He is the author of Ghost in the Wires, The Art of Intrusion, and The Art of Deception.

Even if you delete an email the moment you read it on your computer or mobile phone, that doesn’t necessarily erase the content. There’s still a copy of it somewhere. Web mail is cloud-based, so in order to be able to access it from any device anywhere, at any time, there have to be redundant copies. If you use Gmail, for example, a copy of every email sent and received through your Gmail account is retained on various servers worldwide at Google. This is also true if you use email systems provided by Yahoo, Apple, AT&T, Comcast, Microsoft, or even your workplace. Any emails you send can also be inspected, at any time, by the hosting company. Allegedly this is to filter out malware, but the reality is that third parties can and do access our emails for other, more sinister and self-serving, reasons.

While most of us may tolerate having our emails scanned for malware, and perhaps some of us tolerate scanning for advertising purposes, the idea of third parties reading our correspondence and acting on specific contents found within specific emails is downright disturbing.

The least you can do is make it much harder for them to do so.

Start With Encryption

Most web-based email services use encryption when the email is in transit. However, when some services transmit mail between Mail Transfer Agents (MTAs), they may not be using encryption, thus your message is in the open. To become invisible you will need to encrypt your messages.

Most email encryption uses what’s called asymmetrical encryption. That means I generate two keys: a private key that stays on my device, which I never share, and a public key that I post freely on the internet. The two keys are different yet mathematically related.

For example: Bob wants to send Alice a secure email. He finds Alice’s public key on the internet or obtains it directly from Alice, and when sending a message to her encrypts the message with her key. This message will stay encrypted until Alice—and only Alice—uses a passphrase to unlock her private key and unlock the encrypted message.

So how would encrypting the contents of your email work?

The most popular method of email encryption is PGP, which stands for “Pretty Good Privacy.” It is not free. It is a product of the Symantec Corporation. But its creator, Phil Zimmermann, also authored an open-source version, OpenPGP, which is free. And a third option, GPG (GNU Privacy Guard), created by Werner Koch, is also free. The good news is that all three are interoperable. That means that no matter which version of PGP you use, the basic functions are the same.

When Edward Snowden first decided to disclose the sensitive data he’d copied from the NSA, he needed the assistance of like-minded people scattered around the world. Privacy advocate and filmmaker Laura Poitras had recently finished a documentary about the lives of whistle-blowers. Snowden wanted to establish an encrypted exchange with Poitras, except only a few people knew her public key.

Snowden reached out to Micah Lee of the Electronic Frontier Foundation. Lee’s public key was available online and, according to the account published on the Intercept, he had Poitras’s public key. Lee checked to see if Poitras would permit him to share it. She would.

Given the importance of the secrets they were about to share, Snowden and Poitras could not use their regular e‑mail addresses. Why not? Their personal email accounts contained unique associations—such as specific interests, lists of contacts—that could identify each of them. Instead Snowden and Poitras decided to create new email addresses.

How would they know each other’s new email addresses? In other words, if both parties were totally anonymous, how would they know who was who and whom they could trust? How could Snowden, for example, rule out the possibility that the NSA or someone else was posing as Poitras’s new email account? Public keys are long, so you can’t just pick up a secure phone and read out the characters to the other person. You need a secure email exchange.

By enlisting Lee once again, both Snowden and Poitras could anchor their trust in someone when setting up their new and anonymous email accounts. Poitras first shared her new public key with Lee. Lee did not use the actual key but instead a 40-character abbreviation (or a fingerprint) of Poitras’s public key. This he posted to a public site—Twitter.

Sometimes in order to become invisible you have to use the visible.

Now Snowden could anonymously view Lee’s tweet and compare the shortened key to the message he received. If the two didn’t match, Snowden would know not to trust the email. The message might have been compromised. Or he might be talking instead to the NSA. In this case, the two matched.

Snowden finally sent Poitras an encrypted e‑mail identifying himself only as “Citizenfour.” This signature became the title of her Academy Award–winning documentary about his privacy rights campaign.

That might seem like the end—now they could communicate securely via encrypted e‑mail—but it wasn’t. It was just the beginning.
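The fingerprint check described above, as an added example that is not part of the book excerpt: it recomputes the 40-hex-digit fingerprint from the key material actually received and compares it with the value published out of band. It assumes an OpenPGP version 4 fingerprint (SHA-1 over the public-key packet, per RFC 4880); the key material, timestamp and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct


def mpi(value: int) -> bytes:
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def rsa_public_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a v4 RSA public-key packet: version, creation time, algorithm 1, n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, the 2-byte body length and the body, as 40 hex digits."""
    framed = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(framed).hexdigest().upper()


def normalize(fingerprint: str) -> str:
    """Drop the spaces or colons people add when posting a fingerprint; fold case."""
    return "".join(fingerprint.split()).replace(":", "").upper()


def fingerprint_matches(published: str, key_body: bytes) -> bool:
    """True only if the full published fingerprint equals the one we compute."""
    want = normalize(published)
    # Reject anything that is not a full 160-bit value: a truncated key ID
    # covers far fewer bits and is not a substitute for the fingerprint.
    if len(want) != 40 or any(c not in "0123456789ABCDEF" for c in want):
        return False
    return hmac.compare_digest(want, v4_fingerprint(key_body))


def demo_modulus(label: bytes) -> int:
    """Constructed 2048-bit odd number standing in for an RSA modulus (not a usable key)."""
    stream = b"".join(hashlib.sha256(label + bytes([i])).digest() for i in range(8))
    return int.from_bytes(stream, "big") | (1 << 2047) | 1


CREATED = 1357000000  # constructed creation timestamp
# Key the recipient really generated, and a different key an impostor might send.
GENUINE = rsa_public_key_body(CREATED, demo_modulus(b"recipient"), 65537)
SUBSTITUTED = rsa_public_key_body(CREATED, demo_modulus(b"impostor"), 65537)

# What the trusted third party would post publicly: the fingerprint, grouped in fours.
_fp = v4_fingerprint(GENUINE)
PUBLISHED = " ".join(_fp[i:i + 4] for i in range(0, 40, 4)).lower()

if __name__ == "__main__":
    print("published fingerprint:", PUBLISHED)
    print("genuine key matches:    ", fingerprint_matches(PUBLISHED, GENUINE))
    print("substituted key matches:", fingerprint_matches(PUBLISHED, SUBSTITUTED))
```

The comparison only means something if the published value arrives over a channel the other party cannot rewrite, which is the role the public tweet plays in the account above.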

Picking an Encryption Service

Both the strength of the mathematical operation and the length of the encryption key determine how easy it is for someone without a key to crack your code.

Encryption algorithms in use today are public. You want that. Public algorithms have been vetted for weakness—meaning people have been purposely trying to break them. Whenever one of the public algorithms becomes weak or is cracked, it is retired, and newer, stronger algorithms are used instead.

The keys are (more or less) under your control, and so, as you might guess, their management is very important. If you generate an encryption key, you—and no one else—will have the key stored on your device. If you let a company perform the encryption, say, in the cloud, then that company might also keep the key after it shares it with you and may also be compelled by court order to share the key with law enforcement or a government agency, with or without a warrant.

When you encrypt a message—an e‑mail, text, or phone call—use end‑to‑end encryption. That means your message stays unreadable until it reaches its intended recipient. With end‑to‑end encryption, only you and your recipient have the keys to decode the message. Not the telecommunications carrier, website owner, or app developer—the parties that law enforcement or government will ask to turn over information about you. Do a Google search for “end‑to‑end encryption voice call.” If the app or service doesn’t use end-to-end encryption, then choose another.

If all this sounds complicated, that’s because it is. But there are PGP plug-ins for the Chrome and Firefox Internet browsers that make encryption easier. One is Mailvelope, which neatly handles the public and private encryption keys of PGP. Simply type in a passphrase, which will be used to generate the public and private keys. Then whenever you write a web-based email, select a recipient, and if the recipient has a public key available, you will then have the option to send that person an encrypted message.

Beyond Encryption: Metadata

Even if you encrypt your e‑mail messages with PGP, a small but information-rich part of your message is still readable by just about anyone. In defending itself from the Snowden revelations, the US government stated repeatedly that it doesn’t capture the actual contents of our emails, which in this case would be unreadable with PGP encryption. Instead, the government said it collects only the email’s metadata.

What is email metadata? It is the information in the To and From fields as well as the IP addresses of the various servers that handle the email from origin to recipient. It also includes the subject line, which can sometimes be very revealing as to the encrypted contents of the message. Metadata, a legacy from the early days of the internet, is still included on every email sent and received, but modern email readers hide this information from display.

That might sound okay, since the third parties are not actually reading the content, and you probably don’t care about the mechanics of how those emails traveled—the various server addresses and the time stamps—but you’d be surprised by how much can be learned from the email path and the frequency of emails alone.

According to Snowden, our email, text, and phone metadata is being collected by the NSA and other agencies. But the government can’t collect metadata from everyone—or can it? Technically, no. However, there’s been a sharp rise in “legal” collection since 2001.
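What stays readable when only the body is PGP-encrypted, as an added example that is not part of the book excerpt: it parses constructed messages and recovers sender, recipient, subject, time, relay path and a who-talks-to-whom count without touching the ciphertext. All addresses, hosts and IP addresses are constructed (documentation ranges), and the function names are illustrative.

```python
import re
from collections import Counter
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

BRACKETED_IPV4 = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def make_message(sender, recipient, subject, date, hops):
    """Build a constructed message. hops is origin-first; each relay prepends
    its Received header, so the newest hop ends up at the top."""
    received = "".join(
        f"Received: from {host} ([{ip}]) by mx.example.net; {date}\n"
        for host, ip in reversed(hops)
    )
    return (
        f"{received}From: {sender}\nTo: {recipient}\n"
        f"Subject: {subject}\nDate: {date}\n\n"
        "-----BEGIN PGP MESSAGE-----\n\n"
        "(constructed placeholder for ciphertext)\n"
        "-----END PGP MESSAGE-----\n"
    )


def visible_metadata(raw: str) -> dict:
    """Everything an intermediary can read without any key."""
    msg = message_from_string(raw)
    received = msg.get_all("Received", [])
    # Reverse so the path reads from the origin to the final relay.
    path = [ip for hdr in reversed(received) for ip in BRACKETED_IPV4.findall(hdr)]
    return {
        "from": parseaddr(msg["From"])[1],
        "to": parseaddr(msg["To"])[1],
        "subject": msg["Subject"],
        "sent": parsedate_to_datetime(msg["Date"]),
        "path": path,
        "body_encrypted": "BEGIN PGP MESSAGE" in msg.get_payload(),
    }


def contact_graph(raw_messages) -> Counter:
    """Count messages per (sender, recipient) pair: frequency analysis on headers alone."""
    return Counter((m["from"], m["to"]) for m in map(visible_metadata, raw_messages))


HOPS = [("laptop.example.org", "203.0.113.7"), ("smtp.example.org", "198.51.100.25")]
# Constructed mailbox: every body is encrypted, every header is in the clear.
SAMPLE = [
    make_message("Alice <alice@example.org>", "bob@example.com",
                 "Draft of the merger filing", "Mon, 06 Mar 2017 09:15:00 +0000", HOPS),
    make_message("Alice <alice@example.org>", "bob@example.com",
                 "Re: Draft of the merger filing", "Tue, 07 Mar 2017 22:40:00 +0000", HOPS),
    make_message("Alice <alice@example.org>", "bob@example.com",
                 "Call me tonight", "Wed, 08 Mar 2017 23:05:00 +0000", HOPS),
    make_message("Alice <alice@example.org>", "carol@example.net",
                 "Lunch", "Wed, 08 Mar 2017 12:00:00 +0000", HOPS),
]

if __name__ == "__main__":
    first = visible_metadata(SAMPLE[0])
    for field, value in first.items():
        print(f"{field:15} {value}")
    for pair, count in contact_graph(SAMPLE).most_common():
        print(count, pair)
```

The first address in the path is the sender's own connection, which is why the steps that follow start with the IP address.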

To become truly invisible in the digital world you will need to do more than encrypt your messages. You will need to:

Remove your true IP address: This is your point of connection to the Internet, your fingerprint. It can show where you are (down to your physical address) and what provider you use.
Obscure your hardware and software: When you connect to a website online, a snapshot of the hardware and software you’re using may be collected by the site.
Defend your anonymity: Attribution online is hard. Proving that you were at the keyboard when an event occurred is difficult. However, if you walk in front of a camera before going online at Starbucks, or if you just bought a latte at Starbucks with your credit card, these actions can be linked to your online presence a few moments later.

To start, your IP address reveals where you are in the world, what provider you use, and the identity of the person paying for the internet service (which may or may not be you). All these pieces of information are included within the email metadata and can later be used to identify you uniquely. Any communication, whether it’s email or not, can be used to identify you based on the Internet Protocol (IP) address that’s assigned to the router you are using while you are at home, work, or a friend’s place.

IP addresses in emails can of course be forged. Someone might use a proxy address—not his or her real IP address but someone else’s—so that an email appears to originate from another location. A proxy is like a foreign-language translator—you speak to the translator, and the translator speaks to the foreign-language speaker—only the message remains exactly the same. The point here is that someone might use a proxy from China or even Germany to evade detection on an email that really comes from North Korea.

Instead of hosting your own proxy, you can use a service known as an anonymous remailer, which will mask your email’s IP address for you. An anonymous remailer simply changes the email address of the sender before sending the message to its intended recipient. The recipient can respond via the remailer. That’s the simplest version.

One way to mask your IP address is to use the onion router (Tor), which is what Snowden and Poitras did. Tor is designed to be used by people living in harsh regimes as a way to avoid censorship of popular media and services and to prevent anyone from tracking what search terms they use. Tor remains free and can be used by anyone, anywhere—even you.

How does Tor work? It upends the usual model for accessing a website. When you use Tor, the direct line between you and your target website is obscured by additional nodes, and every ten seconds the chain of nodes connecting you to whatever site you are looking at changes without disruption to you. The various nodes that connect you to a site are like layers within an onion. In other words, if someone were to backtrack from the destination website and try to find you, they’d be unable to because the path would be constantly changing. Unless your entry point and your exit point become associated somehow, your connection is considered anonymous.

To use Tor you will need the modified Firefox browser from the Tor site (torproject.org). Always look for legitimate Tor browsers for your operating system from the Tor project website. Do not use a third-party site. For Android operating systems, Orbot is a legitimate free Tor app from Google Play that both encrypts your traffic and obscures your IP address. On iOS devices (iPad, iPhone), install the Onion Browser, a legitimate app from the iTunes app store.

In addition to allowing you to surf the searchable Internet, Tor gives you access to a world of sites that are not ordinarily searchable—what’s called the Dark Web. These are sites that don’t resolve to common names such as Google.com and instead end with the .onion extension. Some of these hidden sites offer, sell, or provide items and services that may be illegal. Some of them are legitimate sites maintained by people in oppressed parts of the world.

It should be noted, however, that there are several weaknesses with Tor: You have no control over the exit nodes, which may be under the control of government or law enforcement; you can still be profiled and possibly identified; and Tor is very slow.

That being said, if you still decide to use Tor you should not run it in the same physical device that you use for browsing. In other words, have a laptop for browsing the web and a separate device for Tor (for instance, a Raspberry Pi minicomputer running Tor software). The idea here is that if somebody is able to compromise your laptop they still won’t be able to peel off your Tor transport layer as it is running on a separate physical box.

Create a new (invisible) account

Legacy email accounts might be connected in various ways to other parts of your life—friends, hobbies, work. To communicate in secrecy, you will need to create new email accounts using Tor so that the IP address setting up the account is not associated with your real identity in any way.

Creating anonymous email addresses is challenging but possible.

Since you will leave a trail if you pay for private email services, you’re actually better off using a free web service. A minor hassle: Gmail, Microsoft, Yahoo, and others require you to supply a phone number to verify your identity. Obviously you can’t use your real cellphone number, since it may be connected to your real name and real address. You might be able to set up a Skype phone number if it supports voice authentication instead of SMS authentication; however, you will still need an existing email account and a prepaid gift card to set it up.

Some people think of burner phones as devices used only by terrorists, pimps, and drug dealers, but there are plenty of perfectly legitimate uses for them. Burner phones mostly provide voice, text, and e‑mail service, and that’s about all some people need.

However, purchasing a burner phone anonymously will be tricky. Sure, I could walk into Walmart and pay cash for a burner phone and one hundred minutes of airtime. Who would know? Well, lots of people would.

First, how did I get to Walmart? Did I take an Uber car? Did I take a taxi? These records can all be subpoenaed. I could drive my own car, but law enforcement uses automatic license plate recognition technology (ALPR) in large public parking lots to look for missing and stolen vehicles as well as people on whom there are outstanding warrants. The ALPR records can be subpoenaed.

Even if I walked to Walmart, once I entered the store my face would be visible on several security cameras within the store itself, and that video can be subpoenaed.

Okay, so let’s say I send a stranger to the store—maybe a homeless person I hired on the spot. That person walks in and buys the phone and several data refill cards with cash. Maybe you arrange to meet this person later away from the store. This would help physically distance yourself from the actual transaction.

Activation of the prepaid phone requires either calling the mobile operator’s customer service department or activating it on the provider’s website. To avoid being recorded for “quality assurance,” it’s safer to activate over the web. Using Tor over an open wireless network after you’ve changed your MAC address should be the minimum safeguards. You should make up all the subscriber information you enter on the website. For your address, just Google the address of a major hotel and use that. Make up a birth date and PIN that you’ll remember in case you need to contact customer service in the future.

After using Tor to randomize your IP address, and after creating a Gmail account that has nothing to do with your real phone number, Google sends your phone a verification code or a voice call. Now you have a Gmail account that is virtually untraceable. We can produce reasonably secure emails whose IP address—thanks to Tor—is anonymous (although you don’t have control over the exit nodes) and whose contents, thanks to PGP, can’t be read except by the intended recipient.

To keep this account anonymous you can only access the account from within Tor so that your IP address will never be associated with it. Further, you should never perform any internet searches while logged into that anonymous Gmail account; you might inadvertently search for something that is related to your true identity. Even searching for weather information could reveal your location.

As you can see, becoming invisible and keeping yourself invisible require tremendous discipline and perpetual diligence. But it is worth it. The most important takeaways are: First, be aware of all the ways that someone can identify you even if you undertake some but not all of the precautions I’ve described. And if you do undertake all these precautions, know that you need to perform due diligence every time you use your anonymous accounts. No exceptions.

Excerpted from The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data, Copyright © 2017 by Kevin D. Mitnick with Robert Vamosi. Used with permission of Little, Brown and Company, New York. All rights reserved.

Henry Sapiecha

Evidence points to another Snowden at the NSA it appears

In the summer of 1972, state-of-the-art campaign spying consisted of amateur burglars, armed with duct tape and microphones, penetrating the headquarters of the Democratic National Committee. Today, amateur burglars have been replaced by cyberspies, who penetrated the DNC armed with computers and sophisticated hacking tools.

Where the Watergate burglars came away empty-handed and in handcuffs, the modern-day cyber thieves walked away with tens of thousands of sensitive political documents and are still unidentified.

Now, in the latest twist, hacking tools themselves, likely stolen from the National Security Agency, are on the digital auction block. Once again, the usual suspects start with Russia – though there seems little evidence backing up the accusation.

In addition, if Russia had stolen the hacking tools, it would be senseless to publicize the theft, let alone put them up for sale. It would be like a safecracker stealing the combination to a bank vault and putting it on Facebook. Once revealed, companies and governments would patch their firewalls, just as the bank would change its combination.

A more logical explanation could also be insider theft. If that’s the case, it’s one more reason to question the usefulness of an agency that secretly collects private information on millions of Americans but can’t keep its most valuable data from being stolen, or as it appears in this case, being used against us.

In what appeared more like a Saturday Night Live skit than an act of cybercrime, a group calling itself the Shadow Brokers put up for bid on the Internet what it called a “full state-sponsored toolset” of “cyberweapons.” “!!! Attention government sponsors of cyberwarfare and those who profit from it !!!! How much would you pay for enemies cyberweapons?” said the announcement.

The group said it was releasing some NSA files for “free” and promised “better” ones to the highest bidder. However, those with losing bids “Lose Lose,” it said, because they would not receive their money back. And should the total sum of the bids, in bitcoins, reach the equivalent of half a billion dollars, the group would make the whole lot public.

While the “auction” seemed tongue in cheek, more like hacktivists than Russian high command, the sample documents were almost certainly real. The draft of a top-secret NSA manual for implanting offensive malware, released by Edward Snowden, contains code for a program codenamed SECONDDATE. That same 16-character string of numbers and characters is in the code released by the Shadow Brokers. The details from the manual were first released by The Intercept last Friday.

The authenticity of the NSA hacking tools was also confirmed by several ex-NSA officials who spoke to the media, including former members of the agency’s Tailored Access Operations (TAO) unit, the home of hacking specialists.

“Without a doubt, they’re the keys to the kingdom,” one former TAO employee told the Washington Post. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.” Another added, “From what I saw, there was no doubt in my mind that it was legitimate.”

Like a bank robber’s tool kit for breaking into a vault, cyber exploitation tools, with codenames like EPICBANANA and BUZZDIRECTION, are designed to break into computer systems and networks. Just as the bank robber hopes to find a crack in the vault that has never been discovered, hackers search for digital cracks, or “exploits,” in computer programs like Windows.

Credit: MATT MAHURIN

The most valuable are “zero day” exploits, meaning there have been zero days since Windows has discovered the “crack” in their programs. Through this crack, the hacker would be able to get into a system and exploit it, by stealing information, until the breach is eventually discovered and patched. According to the former NSA officials who viewed the Shadow Broker files, they contained a number of exploits, including zero-day exploits that the NSA often pays thousands of dollars for to private hacking groups.

The reasons given for laying the blame on Russia appear less convincing, however. “This is probably some Russian mind game, down to the bogus accent,” James A. Lewis, a computer expert at the Center for Strategic and International Studies, a Washington think tank, told the New York Times. Why the Russians would engage in such a mind game, he never explained.

Rather than the NSA hacking tools being snatched as a result of a sophisticated cyber operation by Russia or some other nation, it seems more likely that an employee stole them. Experts who have analyzed the files suspect that they date to October 2013, five months after Edward Snowden left his contractor position with the NSA and fled to Hong Kong carrying flash drives containing hundreds of thousands of pages of NSA documents.

So, if Snowden could not have stolen the hacking tools, there are indications that after he departed in May 2013, someone else did, possibly someone assigned to the agency’s highly sensitive Tailored Access Operations.

In December 2013, another highly secret NSA document quietly became public. It was a top secret TAO catalog of NSA hacking tools. Known as the Advanced Network Technology (ANT) catalog, it consisted of 50 pages of extensive pictures, diagrams and descriptions of tools for every kind of hack, mostly targeted at devices manufactured by U.S. companies, including Apple, Cisco, Dell and many others.

Like the hacking tools, the catalog used similar codenames. Among the tools targeting Apple was one codenamed DROPOUTJEEP, which gives NSA total control of iPhones. “A software implant for the Apple iPhone,” says the ANT catalog, “includes the ability to remotely push/pull files from the device. SMS retrieval, contact-list retrieval, voicemail, geolocation, hot mic, camera capture, cell-tower location, etc.”

Another, codenamed IRATEMONK, is, “Technology that can infiltrate the firmware of hard drives manufactured by Maxtor, Samsung, Seagate and Western Digital.”

In 2014, I spent three days in Moscow with Snowden for a magazine assignment and a PBS documentary. During our on-the-record conversations, he would not talk about the ANT catalog, perhaps not wanting to bring attention to another possible NSA whistleblower.

I was, however, given unrestricted access to his cache of documents. These included both the entire British, or GCHQ, files and the entire NSA files.

But going through this archive using a sophisticated digital search tool, I could not find a single reference to the ANT catalog. This confirmed for me that it had likely been released by a second leaker. And if that person could have downloaded and removed the catalog of hacking tools, it’s also likely he or she could have also downloaded and removed the digital tools now being leaked.

In fact, a number of the same hacking implants and tools released by the Shadow Brokers are also in the ANT catalog, including those with codenames BANANAGLEE and JETPLOW. These can be used to create “a persistent back-door capability” into widely used Cisco firewalls, says the catalog.

Consisting of about 300 megabytes of code, the tools could easily and quickly be transferred to a flash drive. But unlike the catalog, the tools themselves – thousands of ones and zeros – would have been useless if leaked to a publication. This could be one reason why they have not emerged until now.

Enter WikiLeaks. Just two days after the first Shadow Brokers message, Julian Assange, the founder of WikiLeaks, sent out a Twitter message. “We had already obtained the archive of NSA cyberweapons released earlier today,” Assange wrote, “and will release our own pristine copy in due course.”

The month before, Assange was responsible for releasing the tens of thousands of hacked DNC emails that led to the resignation of the four top committee officials.

There also seems to be a link between Assange and the leaker who stole the ANT catalog, and the possible hacking tools. Among Assange’s close associates is Jacob Appelbaum, a celebrated hacktivist and the only publicly known WikiLeaks staffer in the United States – until he moved to Berlin in 2013 in what he called a “political exile” because of what he said was repeated harassment by U.S. law enforcement personnel. In 2010, a Rolling Stone magazine profile labeled him “the most dangerous man in cyberspace.”

In December 2013, Appelbaum was the first person to reveal the existence of the ANT catalog, at a conference in Berlin, without identifying the source. That same month he said he suspected the U.S. government of breaking into his Berlin apartment. He also co-wrote an article about the catalog in Der Spiegel. But again, he never named a source, which led many to assume, mistakenly, that it was Snowden.

In addition to WikiLeaks, for years Appelbaum worked for Tor, an organization focused on providing its customers anonymity on the Internet. But last May, he stepped down as a result of “serious, public allegations of sexual mistreatment” made by unnamed victims, according to a statement put out by Tor. Appelbaum has denied the charges.

Shortly thereafter, he turned his attention to Hillary Clinton. At a screening of a documentary about Assange in Cannes, France, Appelbaum accused her of having a grudge against him and Assange, and that if she were elected president, she would make their lives difficult. “It’s a situation that will possibly get worse” if she is elected to the White House, he said, according to Yahoo News.

It was only a few months later that Assange released the 20,000 DNC emails. Intelligence agencies have again pointed the finger at Russia for hacking into these emails.

Yet there has been no explanation as to how Assange obtained them. He told NBC News, “There is no proof whatsoever” that he obtained the emails from Russian intelligence. Moscow has also denied involvement.

There are, of course, many sophisticated hackers in Russia, some with close government ties and some without. And planting false and misleading indicators in messages is an old trick. Now Assange has promised to release many more emails before the election, while apparently ignoring email involving Trump. (Trump opposition research was also stolen.)

Edward Snowden speaks via video link from Moscow to attendees at a discussion about an International Treaty on the Right to Privacy, Protection Against Improper Surveillance and Protection of Whistleblowers in New York City, September 24, 2015. REUTERS/Andrew Kelly

In hacktivist style, and in what appears to be phony broken English, this new release of cyberweapons also seems to be targeting Clinton. It ends with a long and angry “final message” against “Wealthy Elites . . . breaking laws” but “Elites top friends announce, no law broken, no crime commit[ed]. . . Then Elites run for president. Why run for president when already control country like dictatorship?”

Then after what they call the “fun Cyber Weapons Auction” comes the real message, a serious threat. “We want make sure Wealthy Elite recognizes the danger [of] cyberweapons. Let us spell out for Elites. Your wealth and control depends on electronic data.” Now, they warned, they have control of the NSA’s cyber hacking tools that can take that wealth away. “You see attacks on banks and SWIFT [a worldwide network for financial services] in news. If electronic data go bye-bye where leave Wealthy Elites? Maybe with dumb cattle?”

Snowden’s leaks served a public good. He alerted Americans to illegal eavesdropping on their telephone records and other privacy violations, and Congress changed the law as a result. The DNC leaks exposed corrupt policies within the Democratic Party.

But we now have entered a period many have warned about, when NSA’s cyber weapons could be stolen like loose nukes and used against us. It opens the door to criminal hackers, cyber anarchists and hostile foreign governments that can use the tools to gain access to thousands of computers in order to steal data, plant malware and cause chaos.

It’s one more reason why NSA may prove to be one of Washington’s greatest liabilities rather than assets.

About the Author

James Bamford is the author of The Shadow Factory: The Ultra-Secret NSA From 9/11 to the Eavesdropping on America. He is a columnist for Foreign Policy magazine.

Henry Sapiecha

 

“Skynet” is 4 real, and may flag you as a terrorist

National security

A scene from “Terminator.” (Screenshot: Warner Bros. via CNET/CBS Interactive)

It may not be quite the self-aware computer network that takes over millions of computers and machines, but “Skynet” is real.

Documents published by The Intercept, leaked by NSA whistleblower Edward Snowden, confirm that the Skynet program exists — at least in name only. Its name comes from the intelligent computer defense system in the “Terminator” films, which later destroys most of humanity in a nuclear apocalypse.

The National Security Agency program analyzes location and metadata from phone records to detect potentially suspicious patterns, according to the publication. In one example, it was used to identify people that act as couriers between al-Qaeda leadership. (This may have been the program that helped identify Osama bin Laden’s courier, leading to his targeted killing in Pakistan by US forces in 2011.)

According to one of the documents, it uses “behavior-based analytics,” such as low-use phones that only take incoming calls, SIM card or handset swapping, or frequent disconnections from the phone network (such as powering down cellphones). Also, repeated trips mapped out by location data, including visits to other countries or airports, can flag a person as being suspicious — or a potential terrorist.

More than 55 million cell records collected from major Pakistani telecom companies were fed into the Skynet system to determine targets of interest, the document said.

But questions remain around why the program flagged a prominent Al Jazeera journalist as a “member” of al-Qaeda. It’s probably not a surprise that the system alerted on Ahmad Muaffaq Zaidan, a Syrian national, based on his frequent travel between Afghanistan and Pakistan. But the fact that it identified him as a member of a terrorist group is a mystery, as well as a great concern.

Zaidan “absolutely” denied that he is a member of al-Qaeda, and criticized the US government’s “attempt at using questionable techniques to target our journalists.”

Henry Sapiecha

Inside the global terror watch-list that secretly shadows millions

The database contains profiles on millions of “heightened-risk individuals,” and is used by dozens of leading banks, governments, and spy agencies

Thomson Reuters building in Times Square, New York. (Image: file photo)

There is a private intelligence database, packed full of personal details of millions of “heightened-risk” individuals, which is secretly having a devastating effect on those who are on it. Most have no idea they’re under the watchful gaze of some of the world’s largest and most powerful organizations, governments, and intelligence agencies.

But for all its worth and value, it wasn’t kept nearly secure enough.

A copy of the database, dating back to mid-2014, was found on an unsecured server hosted by a London-based compliance company, which specializes in “know your customer” profiling and anti-money laundering services.

Chris Vickery, a security researcher at MacKeeper, who found the database, told me that it was stored on a server configured for public access.

This influential yet entirely unregulated database called World-Check lists over 2.2 million corporations, charities, and individuals — some notable, like politicians and senior government officials — which might be connected to illegal activities, like sanctions violations or financial mismanagement.

Some have been pinned under the database’s “terrorism” category, or are thought to be connected to financing violence.

This data could affect a person’s ability to be lent money by a bank, their employment opportunities, and even influence the people who do business with them — simply based on a designation.

Word of the database first widely emerged earlier this year when Vice News disclosed the existence of the project. It said the database was “secretly wielding power over the lives of millions” who are said to have “hidden risk,” such as those who are violating sanctions or have laundered money or a connection to criminals — which has been linked to account closures and bank blacklisting. As the news site pointed out, simply being a high-profile individual can label someone at risk of bribery.

The report said the database now has over 2.7 million entries — including over 93,000 records relating to those associated with terrorism.

No wonder it’s popular with law enforcement agencies and government departments, which subscribe to the database in an effort to uncover potentially improper conduct. Most of the world’s largest banks and law firms, and over 300 government and intelligence agencies are subscribers, according to a 2015 sales document from its owner, information and finance giant Thomson Reuters, which in 2011 bought the company for $530 million.

Because of the sensitivity of the data, access is limited to a few thousand customers, which have been carefully vetted and are bound by secrecy and non-disclosure agreements.

Vickery reported the leak to Thomson Reuters, but he still went public in an effort to spark a debate on whether these profiling databases are being run appropriately.

“If governments and banks are going to alter lives based upon information in a database like this, then there needs to be some sort of oversight,” he said in an email.

The problem is, there isn’t.

Vickery shared access to the database with ZDNet.

Each profile lists a person’s potential risks such as “narcotics” or “terrorism,” “organized crime,” or “politically exposed person.” Given the list’s potential power to alter a person’s opportunities, many would not approve of their name being on it.

Take one example. Maajid Nawaz ran for the British parliament as a Liberal Democrat in the last election, as profiled by Vice. He is a former member of the radical Islamic group Hizb ut-Tahrir, which calls for its own Islamic state. He was detained in Egypt for five years, but is best known for his publicized and well-documented transition away from radical views. He later set up a think-tank dedicated to challenging the extremist narrative, and advised former prime ministers from Tony Blair onwards on Islamic extremism. And yet, after looking up his profile on the World-Check database, created in 2002, it’s still maintained with a “terrorism” tag and updated as recently as August 2013, despite “no further information recorded,” let alone any connection to extremists or terrorists.

He called the database “archaic,” and said that the inclusion of his name has had a “material impact” on his life.

It’s not just individuals who are designated as affiliates with terrorism, despite equally publicly available data to suggest the contrary.

A BBC investigation last year showed the process behind banking giant HSBC’s bid to shut down accounts associated with several prominent British Muslims. A mosque in North London was given a “terrorism” label, despite new management that was installed more than a decade ago.

Other names in the database include diplomats and ambassadors, and senior ranking officials associated with global financial institutes, such as the World Bank, as was previously reported.

Based on how profiles are built, potentially anyone with an internet footprint could be included.

Much of the data comes from law enforcement sources, political information, articles, blog posts, and social media, among other sources. From the records we looked at, the data would often contain names, locations, dates of birth and details of education, but in some cases social security numbers and citizenship and passport numbers were also included.

The profiles themselves often have little or no justification for the entry. From our searches, we found high ranking global government officials who were named in the files yet there was no visible or clear justification for why they were there. In most cases there were just a handful of external links to publicly available documents, like speeches, election results or pages linking to official government websites for justification of their presence.

Many of the “reports” list a person’s risk as “to be determined,” suggesting there were no improprieties, illegal activities, or even an apparent reason for a profile, except for their status as a public figure.

The database we examined is two years old, and the records may have changed since, however.

A spokesperson for Thomson Reuters didn’t specifically respond to a question in relation to how profiles are built, vetted, or designated, but pointed me to the World Check privacy policy, which reiterates its effort to get data based on information in the public domain.

This entire market of “know your customer” and profiling remains unregulated and ungoverned — despite being used by some of the most powerful countries and organizations today. This industry is growing at a rapid rate — some say by over $30 billion by the start of the next decade. Even though the service has to stand up to strict European and UK data protection rules, a lack of public scrutiny and accountability makes that task almost impossible.

Those who are named in the database have little or no recourse to have their data corrected or removed.

In Nawaz’s case, Thomson Reuters reportedly removed his profile earlier this year. But given that the contents of the database are shrouded in secrecy, not everyone will have the same luck, let alone know they’re on a database in the first place.

Henry Sapiecha

IBM to set up cyber centre in Canberra

Led by a former federal police assistant commissioner, the new centre is intended to bring together business and government to tackle security issues.

IBM has announced that it will create a National Cyber Security Centre (NCSC) in Canberra, to be headed by Kevin Zuccato, a former Australian Federal Police assistant commissioner and head of the Australian High Tech Crime Centre.

The company said the NCSC would allow access to IBM’s threat-sharing platform used by more than 2,000 businesses around the world, provide emergency response teams for security incidents, and would be partnering with its Australian Security Development Lab on the Gold Coast.

“With the establishment of the IBM National Cyber Security Centre in Canberra, we will provide a destination for government and organisations to proactively collaborate on strategy and policy,” said Kerry Purcell, IBM ANZ managing director. “The NCSC will drive a culture of innovation and openness, essential if we are to tackle this growing issue for every organisation.”

IBM did not specify the timing of the centre’s opening, nor the number of employees it would have.

The new centre will align with the federal government’s cyber strategy, IBM said, and will look to support both government and business in improving information security capabilities.

Announced in April, the AU$240 million Cyber Security Strategy had as its centrepiece the sharing of threat information between business and government, using the existing Australian Cyber Security Centre (ACSC) and new portals in capital cities.

As part of the package, the government said it would create two new roles: Minister assisting the prime minister on cyber security, and special adviser on cyber security within the Department of Prime Minister and Cabinet — the latter of which was filled by former e-safety commissioner Alastair MacGibbon.

In its Defence White Paper, launched in February, the Australian government said it would spend between AU$300 million and AU$400 million over the decade to the 2025-26 financial year on its Cyber Security Capability Improvement program.

Henry Sapiecha

 

Dozens of government agencies request access to citizen metadata without warrants

Nearly all the agencies which accessed citizens’ private information in the past have applied for continued access. Photo: Louise Kennerley

Nearly all of the government agencies which last year snooped on citizens’ phone and internet records without warrants have reapplied to access the data following the introduction of legislation which was meant to reduce the scope of access.

Sixty-one non-law enforcement federal and state agencies, including organisations such as Australia Post and Sydney’s Bankstown City Council, have applied to access citizens’ metadata for pursuing criminal activity or protecting public revenue.

The telecommunications data may include information such as phone numbers and addresses of people who called each other, or email addresses and the times messages were sent.

Attorney-General George Brandis has yet to decide which agencies may have access to telecommunications metadata.

By comparison, the latest official government report on metadata access, covering a period before new mandatory data retention legislation came into effect in October last year, showed 69 agencies accessed metadata. At that time they were automatically authorised to access this data; however, following the legislation, non-law enforcement agencies must now apply directly to federal Attorney-General George Brandis for temporary approval to access metadata for up to 40 parliamentary sitting days.

No warrant is required to access the data.

A spokesperson for the Attorney-General’s department said Mr Brandis had not temporarily approved metadata access to any agencies who requested access.

The list of agencies was revealed in a Freedom of Information request filed by former Electronic Frontiers Australia vice chair Geordie Guy, and released to the public on Monday.

More agencies may have requested metadata access since Mr Guy’s FOI request was filed in November last year.

Digital rights group Electronic Frontiers Australia has called on Mr Brandis to reject most of the agencies’ applications.

EFA executive director Jon Lawrence said “only two or three” agencies would have legitimate reasons to access the private information.

“If the Attorney-General is serious about the integrity of his legislation and about protecting the civil liberties of all Australians, then he must act swiftly to reject the majority of these applications,” Mr Lawrence said.

In previous years local city councils have come under fire for using information gleaned from residents’ metadata to chase small-time infringers and recoup fines.

Melbourne’s Knox City Council last year accessed call charge records, and name and address details, to prosecute people who damaged property or were guilty of cruelty against animals or illegal signage, a council spokesperson said.

Bankstown City Council in Sydney appears to be the only council so far to have reapplied for access under the new regime.

A Bankstown spokesperson previously told Fairfax media the council used data to catch residents who dumped waste illegally. The agency made 13 information requests in the year to June 2015.

EFA’s Mr Lawrence said such matters were “hardly a national security issue” which might have justified its access to private information.

Other government agencies which have reapplied to access private communication records include Australia Post — which made 625 information requests last year — state racing bodies, the RSPCA and the Tax Office.

Australia Post has previously said that it requests phone records from telecommunication companies so it can chase people who steal phones or SIM cards from its stores, or pursue people who make “serious threats” to staff or engage in corruption and fraud.

The frequency of metadata requests from non-law enforcement agencies grew 9 per cent last year.

Below is the full list of agencies that applied for access to the data, except for four that were redacted in the FOI documents as their disclosure would be “contrary to the public interest”.

1. Australian Financial Security Authority, Commonwealth
2. Australian Health Practitioner Regulation Agency (AHPRA), Commonwealth
3. Australian Postal Corporation, Commonwealth
4. Australian Taxation Office, Commonwealth
5. Australian Transaction Reports and Analysis Centre, Commonwealth
6. Civil Aviation Safety Authority (CASA), Commonwealth
7. Clean Energy Regulator, Commonwealth
8. Department of Agriculture, Commonwealth
9. Department of Defence (ADFIS and IGD), Commonwealth
10. Department of the Environment, Commonwealth
11. Department of Foreign Affairs and Trade, Commonwealth
12. Department of Health, Commonwealth
13. Department of Human Services, Commonwealth
14. Department of Social Services, Commonwealth
15. Fair Work Building and Construction, Commonwealth
16. National Measurement Institute, Commonwealth
17. ACT Revenue Office, ACT
18. Access Canberra (Department of Treasury and Economic Development), ACT
19. Bankstown City Council, NSW
20. Consumer Affairs, VIC
21. Consumer, Building and Occupational Services (Consumer Affairs and Fair Trading – Department of Justice), TAS
22. Consumer and Business Services, SA
23. Department of Agriculture, Fisheries and Forestry, QLD
24. Department of Commerce, WA
25. Department of Corrective Services, WA
26. Department of Environment and Heritage Protection, QLD
27. Department of Economic Development, Jobs, Transport & Resources (Fisheries), VIC
28. Department of Environment, Land, Water and Planning, VIC
29. Department of Environment Regulation, WA
30. Department of Fisheries, WA
31. Department of Justice and Regulation (Consumer Affairs), VIC
32. Department of Justice and Regulation (Sheriff of Victoria), VIC
33. Department of Mines and Petroleum, WA
34. Department of Primary Industries (Fisheries), NSW
35. Environment Protection Authority, SA
36. Greyhound Racing Victoria, VIC
37. Harness Racing New South Wales, NSW
38. Health Care Complaints Commission, NSW
39. Legal Services Board, VIC
40. NSW Environment Protection Authority, NSW
41. NSW Fair Trading, NSW
42. Office of Environment & Heritage, NSW
43. Office of Fair Trading (Department of Justice And Attorney-General Office of the Director General), QLD
44. Office of State Revenue, NSW
45. Office of State Revenue, QLD
46. Office of the Racing Integrity Commissioner, VIC
47. Primary Industries and Regions South Australia (PIRSA), SA
48. Queensland Building and Construction Commission, QLD
49. Racing and Wagering Western Australia, WA
50. Racing NSW, NSW
51. Racing Queensland, QLD
52. Roads and Maritime Services NSW, NSW
53. Royal Society for the Prevention of Cruelty to Animals (RSPCA), VIC
54. State Revenue Office, VIC
55. Taxi Services Commission, VIC
56. RevenueSA, SA
57. Victorian WorkSafe Authority, VIC

Henry Sapiecha

French Government Knew The Terrorist Attack Would Happen In Paris!

Published on Nov 16, 2015

In this video Luke Rudkowski shows you stunning new information that proves the French government had direct foreknowledge of the terrorist attacks that took place on 11/13/15. He goes over documents, sources and reports that connect the dots with one another and provide important information for understanding this terrorist attack.

Henry Sapiecha

UK refuses to reveal how many lawmakers are under surveillance

UK Home secretary Theresa May did confirm that members of devolved parliaments and the European Parliament are not subject to wiretap protections.

UK home secretary Theresa May speaking on BBC radio (Image: BBC/Twitter; file photo)

The UK’s home secretary Theresa May has refused to confirm how many fellow lawmakers have had their communications intercepted by British intelligence agencies.

In a brief confrontation in the parliament’s House of Commons on Monday, fellow Conservative Peter Bone MP said May’s refusal to answer was an “indication” that some members of parliament (MPs) have been subject to surveillance by UK intelligence agencies.

The emergency session follows a ruling last week that determined the so-called Wilson Doctrine, a promise made by former prime minister Harold Wilson that said members of parliament won’t have their mail opened or phones tapped by the intelligence agencies without his direct knowledge, was no longer valid.

May said the doctrine “still applies,” but confirmed that devolved members of parliament in Scotland (MSPs), Wales, and Northern Ireland, as well as members of the European Parliament (MEPs), are not protected by the doctrine.

Joanna Cherry MP, a Scottish member of parliament, criticized May’s response, asking why the government thinks the Scottish parliament is “less deserving” of the doctrine’s protection. She added that the home secretary’s “caveated” comments about the doctrine in 2014 suggested the doctrine may have been partly suspended around the time of the Scottish national independence referendum, a national vote that saw Scotland remain as part of the United Kingdom.

Caroline Lucas MP, who brought the case under debate to the Investigatory Powers Tribunal, said lawmakers had been “misled” over the level of protections MPs are afforded under the doctrine.

Doctrine ‘cannot work sensibly’

Until last week, the doctrine was kept in force by every prime minister since Wilson, but was expanded in 2002 when former prime minister Tony Blair said the doctrine applied to “all forms” of communications.

But last week, James Eadie QC told the Investigatory Powers Tribunal (IPT), which hears complaints against the intelligence agencies, that the doctrine “simply cannot work sensibly” in an age of bulk data collection and mass surveillance, and did not have the force or weight of the law.

The IPT said that the UK’s spy agencies MI5, MI6, and GCHQ — the eavesdropping agency whose activities were detailed in an extensive range of documents leaked by whistleblower Edward Snowden — have their own separate policies that do not require the prime minister to be informed where parliamentary communications were collected.

MPs were quick to respond with anger, amid concerns that emails sent to and from parliamentary offices may have been collected or spied on.

In a letter to the prime minister David Cameron, Scottish first minister Nicola Sturgeon asked for clarification, arguing “the confidentiality of communications between parliamentarians and their constituents is of the utmost importance,” according to The Guardian.

MPs not ‘above the law’

Many of the lawmakers on Monday argued that the need to protect their communications from surveillance was to protect whistleblowers, and not about driving a wedge of privilege between them and the public.

David Davis MP, a Conservative politician known for being pro-civil liberties, and who has almost always voted against requiring the mass retention of information about communications, said MPs need the doctrine’s protections against government surveillance because their job is to “hold the government to account.”

He argued that MPs often “deal with campaigners, journalists, whistleblowers, and our own constituents” in bringing to light wrongdoing disclosed by members of the public, including police and public-sector workers, and employees of big corporations.

Chris Bryant MP, who called for the emergency debate following last week’s ruling, argued that MPs “cannot ever be above the law,” a sentiment echoed by others, including the home secretary.

Bryant, a Labour MP with a long record of voting in favor of data retention and communications collection legislation, accused May of withholding any public statement about a change in the doctrine’s standing because it wasn’t “compatible” with the current state of national security.

Davis, in agreement with Lucas and others, said the doctrine must be enshrined into law.

May will “soon” introduce the so-called “snoopers’ charter,” first mentioned earlier this year in the Queen’s annual speech.

Known as the Investigatory Powers Bill, the Conservative government said the draft law would give authorities “tools” to keep the public safe by addressing gaps in existing intelligence gathering.

Dominic Grieve MP, chair of the Security and Intelligence Committee which oversees the intelligence agencies, said the committee will examine how parliamentarians will be treated under the new draft bill.

Henry Sapiecha

RUSSIAN HACKERS GET INTO THE DOW JONES BUSINESS PROFITS FORECAST SYSTEM

A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture. REUTERS/Kacper Pempel/Files

Russian hackers had infiltrated Dow Jones & Co to steal information to trade on before it was made public, and the breach was “far more serious than a lower-grade intrusion” disclosed by the company, Bloomberg reported, citing sources.

The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission are leading an investigation, which began at least a year ago, Bloomberg reported. (bloom.bg/1LSxcUI)

“We have received no information from the authorities about any such alleged matter,” Dow Jones spokeswoman Colleen Schwartz said in an email, adding that the company was looking into the report.

Dow Jones, the publisher of the Wall Street Journal and a unit of Rupert Murdoch’s News Corp, disclosed last week a breach of its systems that put payment card and contact information of about 3,500 individuals at risk.

Dow Jones had said that there was unauthorized access to its systems at certain times between August 2012 and July 2015.

“We are aware of the Dow Jones intrusion and looking into it,” FBI spokeswoman Kelly Langmesser said via email.

Langmesser added that she could not confirm anything else in the Bloomberg report.

The hackers sought information including stories being prepared for publication, Bloomberg said on Friday, citing two people familiar with the investigation.

The Secret Service could not be immediately reached for comment on the Bloomberg report. The SEC declined to comment.

Henry Sapiecha