US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet

An anonymous reader sends this news from the Washington Post: "U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents [from Edward Snowden]. Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed 'covert implants,' sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions. ... The implants that [an NSA group called Tailored Access Operations (TAO)] creates are intended to persist through software and equipment upgrades, to copy stored data, 'harvest' communications and tunnel into other connected networks. This year TAO is working on implants that “can identify select voice conversations of interest within a target network and exfiltrate select cuts,” or excerpts, according to one budget document. In some cases, a single compromised device opens the door to hundreds or thousands of others."

wow

[alienzed]

that is so cool.

Re:wow

[Zaldarr]

Not to mention fucking terrifying.

Re:wow

[Digital+Ebola]

Yeah. And to think that they can't secure their own networks, hence that Snowden got this out.

Sometimes I wonder if the NSA planted some or all of this stuff to impress the hell out of the world and strike fear into the hearts of the Opposition. I mean, this is straight out of a Sci-Fi plot: Homer Simpsonvich brings one infected iPod into his FSB headquarters, and soon the whole goddamned place is full of programs that are listening in on anything in sight, autonomously making cuts to exfiltrate back to Ft. Meade, copying anything that looks interesting, and surviving whatever the Opponents do to the host machines.

Securing a network is always harder than attacking a network and you can never fully understand a person's intentions when you grant them access. I'm sure a small part of what they publish is a psyop of some kind but for the most part, yes, sci-fi is reality. We are not the only ones doing it and we may not even be the best.

When you start to consider everyone who is "operating" on the Internet, things get really scary, really quick. The new cold war will be one of constant paranoia of an attack that can influence a piece of critical infrastructure. There have been small rumored instances but until the Hiroshima of the online world happens, it will be a constant game of shadows and you never, ever, fully know or understand an operator's capabilities.

Sci-fi, indeed.

Re:wow

This is why the critical infrastructure, whose failure could cost lives and fortunes, doesn't belong on the network. The sluice gates on the dam, the control rods in the reactor, the ventilator machine standing between granny and the reaper—none of that belongs on a network. So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.

Re:wow

[ron_ivi]

Norton 360 that is completely worthless against their root kit?

For all we know, Norton 360 might *be* their root kit.

Re:wow

[tragedy]

Considering that the US has been, in recent years espousing the theory that cyber-attacks should be treated as real acts of war, suitable for real retaliation with real weapons, I would say it's pretty terrifying.

Re:wow

[thoth]

So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.

But that cuts into profits and corporations have shown repeatedly they'll throw anyone/anything under the bus to maintain their profit margin.

Re:wow

[fluffy99]

Norton 360 that is completely worthless against their root kit?

For all we know, Norton 360 might *be* their root kit.

So you use Kaspersky instead? You realize that it's banned by DOD because of "supply chain concerns".

Re:wow

[temcat]

Yeah, because it may contain competitor's rootkit instead of their own.

Re:wow

[rainer_d]

This is why the critical infrastructure, whose failure could cost lives and fortunes, doesn't belong on the network.

Didn't help Iran when STUXNET hit, did it?
The truth is: if you have no network-connection, people start using USB-sticks over and over - which creates a completely different attack-surface.
Air-gapping critical infrastructure isn't a bad idea - but it can't be an excuse to not secure these system at all.

Allies?

[rtb61]

Allies, "ALLIES", we don't need no stinkin' Allies. All of it, ALL OF IT, ours, we, want it all, exploit it, burn it, the whole world, it's ours, Ours, OURS.

Seriously out of control. Looks like Chinese hardware is the least of the worlds problems. With the US Stupidity Services trying to purposefully break everyone's networks and insert back doors that only they, and their contractors, and anyone who wants to pay those contractors knows about.

Morons there is no such thing as an exclusive back door. Once you broken the security of other countries networks, you leave access for anyone waiting to exploit, bet anything you like those morons did not at all to monitor and ensure those back doors were not exploited by others. I wonder how many times now the US government has blatantly lied about cyber attacks they launched that have been discovered and then blamed on other countries and pseudo organisation like Anonymous.

How many attacks have they launched they were designed to do nothing else but increase their budget?

Re:Allies?

[NoKaOi]

Personally, I take comfort in knowing that this will only be used against foreigner's computers, since I am a US citizen. Just like how we were assured the collection of phone data only applied to foreigners. Damn it, why does my CPU usage keep spiking?

Re:Allies?

[erikkemperman]

John Bolton [theguardian.com] has a more nuanced view. No doubt you will disagree.

I'm not particularly nuanced, I don't suppose. Point taken. But are you now posting op-eds in support of your claim? By John Bolton, no less... The pinnacle of nuance, to be sure. But all right, rather than shoot the messenger, which would be easy here, let's look at what he wrote. (Note to others, the following quotes are Bolton, not cold fjord)

Snowden initially violated his oath to safeguard the national security secrets entrusted to him by revealing National Security Agency (NSA) programs arguably affecting the privacy of US citizens

Conventiently not mentioning his other, more fundamental, oath to protect the US constitution? Also, "arguably affecting the privacy"... We can omit the "arguably" here, it seems to me; that has been Snowden's main point (which has not been creditably disputed, as far as I know).

Snowden's sympathizers and anti-American activists have so far largely controlled his story line

Cleverly mentioning "Snowden sympathizers" and "anti-American activists" in close conjunction. The implication being, without actually demonstrating, that they are one and the same. Echoes of Al-Qaeda and Iraq, a decade ago. Bolton's statement that these have "controlled the story line" is arguably true, but not for lack of trying.

We do not yet know whether Snowden jeopardized US agents, but vital sources and methods of intelligence gathering and operations are clearly at risk

Hm, that contradicts the point you were making about how thousands of operatives were already in grave danger. Although I suppose you will say that you were talking about UK operatives. Ok, I'll give you that, sort of.

Snowden has given Beijing something it couldn't achieve on its own: moral equivalence. Now, China can portray itself as a victim, besieged by America, and simply trying to defend itself.

Do you really not see the hypocrisy here? For years the West has accused China and Russia of doing exactly what they were themselves doing all along. So the "damage" here is that the falsely claimed moral highground is now exposed as dishonest fiction.

Snowden's initial leaks on NSA programs also caused substantial political harm, above and beyond the intelligence damage. Several European governments which co-operated with the US are now predictably running for the tall grass, endangering the continuity of existing programs and damaging prospects for future co-operation

Again, taking for granted that *of course* the US were spying on allies, this doesn't even need defending in Bolton's world. The damage is in showing the hypocrisy. Bolton thinks this is a wonderful argument, I say that this statement, coming from a senior US (ex)official, just discredits US diplomacy even further.

As with the Bradley Manning/WikiLeaks exposure of thousands of classified State Department and Pentagon cables, Europeans want to know why Washington can't protect sensitive information.

False, Europeans want to know why their supposed partners in Washington are treating them like adversaries. The bulk of the cables, I might add, turned out to be "embarrassing" rather than "dangerous" to the US.

But Beijing does not deserve moral equivalence, given the intensity of its cyber-attacks against America. The key point is that China struck first, developing a pronounced asymmetric advantage.

I don't know who struck first, if that even makes sense, but I notice Bolton doesn't give any argument to support his claim. What has been revealed though, is that the West was striking for a long time while publicly denying it.

Then he does a bit of character assassination, I am in no position to judge either way. My personal impression, though it should not count for much, is that Snowd

Conspiracy theory: Bitcoin crash of April 2013

[elucido]

Who believes the US government had something to do with it?
Suddenly after meeting with regulators the price recovers?
Conclusion: Promote regulation of the Bitcoin network as it's correlated with a rise in the price.

holy shit

[Laxori666]

Time for me to destroy my webcam and make sure no device on my computer has a microphone.

Re:holy shit

[wmac1]

Then you shouldn't take and store photos and videos (obviously using and on your computer). You shouldn't use phone (since it has a microphone and possibly camera).. You shouldn't use Windows, ... and Android, ...oh and Linux and almost every connected device and software.

Basically it is a frightening fact that we can hardly run from ubiquitous surveillance since the whole connected electronics devices can be used for spying on us. Unless you leave in a farm, do not have communication devices and spend cash only. But I doubt even that would be enough.

Can we have Orwell's 1984 instead?

It may be a coincidence

[sandbagger]

But I can't find a single typewriter in any antique shops any more.

Re:Now, for the other angle, is this treason?

[oheso]

Whistleblowing on a secret US government agency that's governed (if at all) by secret laws and secret courts, and is clearly out of control? Sorry, that would never cross the line into treason. It's the agency which is breaking the law.

Re:Now, for the other angle, is this treason?

[tragedy]

What operatives? None of the people involved in this are working undercover, they're working in cubicles in office blocks in the US.

Re:i thought snowden....

[DrLang21]

He had already leaked it all to the Guardian. The information is out now. He just can't effectively comment on any of it anymore.

Serious question for the Linux community

[Mr_Plattz]

Like everyone else on slashdot, I only run Debian and must say I smile when I see reports such as country sponsored malware strikes like this. But it does make me ask an honest question:

How can we be sure that the Linux kernel isn't compromised? I don't really have the time to go through all lines of code and I doubt my security analysis and development skills are up to the task anyway.

Re:Serious question for the Linux community

[tftp]

I bet that if such a backdoor was discovered by China or Russia, that they'd use it as a propaganda weapon and we'd thus know about it.

It would be more realistic to expect them to use the backdoor to their advantage, while it lasts.

Some backdoors are very hard to detect because there is no obvious bug or a backdoor in any one place; with the size of the code base as it is, who would be crawling through the source of some USB driver that works just fine? As a crude example:

static int a[MAX_LENGTH];
void ioctl_handler(int i, int d) {
int *p = &a[0] + GetOffset(i, MAX_LENGTH);
*p = d;
}

There is no bug here. Now, elsewhere:

int GetOffset(int i, int len) { return (i < len?) i : (len-1); }

Welcome to poking any RAM location of your choice (limited only by sizeof(int).)

Re:Serious question for the Linux community

[blackest_k]

I'm wondering if many of us have backdoored ourselves with Skype.

It has been reported that it accesses /ect/password and also reads the bookmarks in firefox. While the later seems harmless initially isn't this similar to the meta-data collected from email exchanges that the nsa is known to collect. I'm sure there is value in knowing what people are reading at some point you may become discontent enough to become a radical or terrorist.

Unfortunately Skype is generally installed by giving the skype installer root access. There is no need to find an exploit when the system user installs your trojan willingly.

We already know skype is not secure for communication and has changed from peer to peer communication to running via microsofts servers. However it is still pretty useful, about the best cross platform messenger client out there. I don't use skype to say anything that is likely to warrant any action from the nsa, so its not a real problem right?

However the access that skype has to my machine is bothering me especially the potential access to passwords, am I giving the nsa the equivalent of ssh access to my machine?

I believe its possible to install skype as its own user and without giving skype root at anytime but apart from some instructions on securing skype on arch wiki I can't find anything else.

Is there anyone here who can share how to install skype sandboxed so it has a much more limited access to peoples machines?

As someone who doesn't feel there is any reason for the nsa to want to snoop on him i still see some utility in skype (what is the cross platform alternative) but i really don't like the idea that the nsa already has access to my personal files and my passwords.

It is a bit cocky to be thinking you're secure since you don't run windows, when you may well have welcomed in the nsa giving them the keys to your 'secure' systems.

 

Re:at what point do illegal, secret acts of war

[Jmc23]

We aren't talking about the beacon of the free world, we're talking about the USA!

Re:Now, for the other angle, is this treason?

[elucido]

It is really, really easy to turn a blind eye to the evil one's government perpetrates when that evil is not directed at one's self or one's loved ones, and when in fact these benefit in some way from said evil.

Does all this evil keep our economy strong (possibly at the expense of other economies)? Does it keep stuff cheap at walmart? Does it keep the movies and tv programs flowing? Does it keep most of us basically comfortable in our lives? Then maybe we just won't bother sticking our necks out for a bunch of foreigners who offer nothing to us in return.

What is it that you want people to do exactly? Do you think we have any control over what intelligence agencies do? If we try to stop them then their allies will be in the position to do to us and our loved ones exactly what the US intelligence agencies are capable of doing to people in your country.

You don't seem to understand how things work. The US citizen cannot stop the US government because your government would work with the FBI to stop that. It would be called terrorism. The penalty for terrorism is harsh and can even include death.

If someone in your country tried to take on the intelligence agency of your country, then if your country is allied with the US government then the CIA would destroy those people/terrorists.

The only realistic solutions which aren't suicide or completely insane all take time. Decades. The government agencies can be made less abusive over time, and made to follow the laws of war or at least make it clear to us what rules they follow.

Re:Now, for the other angle, is this treason?

[c0lo]

If Snowden leaked this at this point he's exposing information on operations, methods, everything. At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?

As a non-US citizen and potentially impacted by the US govt actions, I don't have any incentive to say "this has gone too far".

Re:Now, for the other angle, is this treason?

[ljw1004]

It is NEVER treason to expose government wrongdoing or unconstitutional behavior. It is NEVER treason to expose government coverups or lies. It is NEVER treason to disclose programmes that should have had proper congressional or public oversight but didn't. Everything so far disclosed has fallen into the above categories. If ever disclosing one of these wrongdoings or unconstitutional behaviors or coverups has put an operative or operation in jeopardy - then the blame rests solely on the shoulders of whoever perpetrated that cover up. Otherwise, any wrongdoing could be hushed up simply by entangling it with something else.

At least, that's my view as a Snowden and Manning supporter

Re:Now, for the other angle, is this treason?

[aNonnyMouseCowered]

Or maybe you should be asking: should the government have no limit as to what it can do in the name of protecting the country from supposed foreign conspiracies.

"Persist across software and equipment upgrades"

[Beryllium+Sphere(tm)]

If they have really developed software which can do that, they should share their techniques with the commercial world. Software that can continue to run even after a system upgrade? Sign me up.

Re:Now, for the other angle, is this treason?

[Sabriel]

That's seriously a good question. The ironic answer is that the knowledge that would be sufficient to make an informed decision (as to where the line should be other than an annoyingly vague "whatever doesn't make it worse for humanity") is being withheld from us. Any actual example we could use would be based on what we already know, which isn't going to be whatever the government is still keeping secret - the good _and_ the bad.

Which puts us all between something of a rock and a hard place.

Having read this particular article, it doesn't mention any specific operations, nor any specific methods. I say "specific" because, while it does reveal that the US government is exploiting vulnerabilities in software and hardware (really not a surprise), it does not reveal specifics that would allow an enemy to distinguish between "US government exploit" and "random joe exploit".

I also found this part interesting: "The NSA designs most of its own implants, but it devoted $25.1 million this year to “additional covert purchases of software vulnerabilities” from private malware vendors, a growing gray-market industry based largely in Europe." Apparently, providing 25.1 million dollars of additional demand for unethical behaviour is now within the NSA's newest line in the sand, to go along with global warrant-less electronic surveillance of everyone including its own citizens within its own borders.

Which means here's the thing:

The US government crossed its constitutional line under a veil of secrecy from its own people and then said: I'll keep going.
Edward Snowden crossed his personal line under the orders of the US government and then said: I'm turning whistleblower.

So right now, I'm a lot more worried about the US government's limits than Snowden's.

Cyber Combat: Act of War

[sydneyfong]

Pentagon Sets Stage for U.S. to Respond to Computer Sabotage With Military Force

http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html

Re:Now, for the other angle, is this treason?

[sjames]

That depends of if we decide the NSA has gone far enough to be considered a domestic enemy of the people. It lies to congress, it lies to the citizens, and it may be lying to the president as well. That doesn't sound much like a legit government agency. It spies on Americans and subverts the Constitution. That sounds like something an enemy does.

All supposedly for catching terrorists, right?

[PapayaSF]

And yet Russia can call us up and say "Hey, there are two Chechen refugee brothers in Boston who we think are terrorists" and NOTHING HAPPENS.