Slashdot Mirror
CIA Co-Developed 'Athena' Windows Malware With US Cyber Security Company, WikiLeaks Reveals (bleepingcomputer.com)
An anonymous reader writes: Today, WikiLeaks leaked documentation about a tool called Athena. According to leaked documents, which WikiLeaks previously claimed it received from hackers and CIA insiders, Athena is an implant -- a CIA technical term for "malware" -- that can target and infect any Windows system, from Windows XP to Windows 10, Microsoft's latest OS version. Documents leaked today are dated between September 2015 and February 2016, showing that the CIA had the ability to hack Windows 10 months after its launch, despite Microsoft boasting about how hard it would be to hack its new OS. [...] The documents reveal that CIA had received help from a non-government contractor in developing the malware. The company is Siege Technologies, a cyber-security company based in New Hampshire, which was acquired on November 15, 2016, by Nehemiah Security, another US company, based in Tysons, Virginia, on the outskirts of Washington and near CIA's headquarters, in a zone peppered with various military and defense contractors.
"Siege Technologies, a cyber-security company based in New Hampshire, which was acquired on November 15, 2016, by Nehemiah Security, another US company, based in Tysons, Virginia, on the outskirts of Washington and near CIA's headquarters, in a zone peppered with various military and defense contractors."
Many of which are CIA front companies. Essentially the CIA contracts with companies it controls moving the money away from any elected meddling - aka oversight. The money is then used to fund "special projects" that don't need to be reported to anyone.
No, everyone is responsible. All the spy agencies are involved, and corporations are clearly involved. It was done under Bush/Cheney and Obama, and so far the American public has failed to complain enough, and the media have failed their role as watchdogs. It is everybody's fault. If people don't start complaining a lot more to their representatives, and vote in more honest representatives, it will only get worse.
A brain is a terrible thing to waste... Mind? That's debatable.
And by the way, Obama is not the left. He may be the center-right, but he has nothing to do with the Bernie Left. The spy agencies are all right wing. The military is right wing, the wars are done by right wing Democrats and Republicans colluding together. The people least responsible for the spying and the wars are all those lefty anti-war and-spying protesters. But I still maintain that just about everyone is to blame, including the public who barely pays attention to anything other than their phone.
A brain is a terrible thing to waste... Mind? That's debatable.
The "resistance" from the left is identical to all the pop-up Communist groups the CIA funded in South America. Everything hit topic from the intersectional corner of bad ideas is designed to form rifts in the community to prevent a unified voter base. You can't occupy wallstreet when part of the crowd calls you racist for daring to speak for them, and the entire movement has to spend all their time checking their privilege.
Yeah yeah, we heard all about the CIA, etc back in '75. Nothing came of it then either. But that heart attack gun is pretty cool, doncha think?
As for the 'left' in the United States, there isn't one to speak of, certainly not in their government. And the voting records confirm that.
“He’s not deformed, he’s just drunk!”
I've seen firsthand the enemy your talking about, and the great majority of them that *I* came into contact with could not even read their own language, let alone operate sophisticated computer systems. While I'm sure there are upper echelons that DO leverage technology in a way that would justify tools such as these, I doubt they are rocking Samsung smart TVs, ordering takeout on the latest iphone, or operating stable and reliably connected windows based personal computers.
Your argument has been employed in the defense of terrible weapons and processes for centuries. Sometimes, it's correct as much as it's ugly. Other times, it's just mouth frothing for more powers/power/abilities, and justification for the boot that grinds.
The ability to (maybe) compromise the enemy commanders smartphone via the mobileapps he's using, or own his smart TV for surveillance purposes is next to useless against the real high value targets. On the flip side, these tools are incredibly effective for illegal use against our own people, our allies, and other western cultures. Add the risk of catastrophic damage to systems throughout the world being incredibly high when these tools inevitably leak to the public and the scale starts to tip to the side of WTF-land.
If these tools had been developed on Mars, and stored on the moon, they would still be used against innocents, and leaked to the public eventually.
Sometimes the only way to win is not to play.
You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
Standard US person ideology. "It's great we can murder foreigners. Only our law and our people's rights matter."
You finance ISIS and other terrorist groups and then proceed to feel good about killing the assholes. Pretend to save innocent lives. No one but yourselves is buying this BS anymore.
Read your own intelligence reports, read your previous secretary of state emails (“Al-Qaeda is on our side in Syria.”). Stop being a murder supporter.
Stop storing important files on any Microsoft product.
Build a walk in secure vault and hold meetings well away from any devices, Microsoft, Apple or other products.
Consider access your vault area? Elevator, common areas, areas open to the public, areas open to clearers, other contractors, other workers in the same building or secure complex.
Building doors, office doors can be held open, waited until opened.
Take notes on paper, use a typewriter. Secure all paperwork after an important meeting.
Do not have a photocopier near the vault. Ensure all photocopies are secure under CCTV, have a camera to image all copied pages and track paper counts.
No user digital devices should be near your most vital work so secure anything in an office setting that can make a copy.
Air gap any networks that deal with users, your nations courts wanting user details, all US brands, services. Keep your company secrets away from any US brands or users, networks that are open to other requests.
When a product or service is ready for the public, use US brands for later global integration but keep all emerging and work in progress away from any US products, hardware, software, experts and services.
Dont hire workers that are not trustworthy. That foreigner left their own nation to work for any good wage, who else are they working for?
If the clandestine services cant get into your secure and air gapped networks, expect staff to be approached. Have your security ready for once trusted staff to be turned by offers of cash or US paperwork.
Look back over the education of your staff, are they local, smart, loyal, happy, have issues, addictions, faith or cult? Did they tell the truth in their resume? Are they political, have any hidden issues in their past that could be used to make them spy for another nation? Find out before other nations clandestine services make a cash offer. Would they respond to their own faith more than protecting your nation or company?
Start looking over your logs, past average "malware" intrusion attempts, hire good experts to look at network security and improve it given the Microsoft OS issues.
Hide your brands real secrets, and then use Microsoft products to create a fiction on your brands networks.
Get a few staff members to write up fictional projects, busy work, ideas, support, project names, patents, new crypto, software, hardware, amazing advancements.
Put that disinformation strategy on Microsoft computers and have it face your open networks. See who comes looking given the attractive keyword fiction created. Use very unique project names.
Use US approved crypto, OS, network standards for the creative fictional digital files. Keep up with anti virus software and log everything.
Also read up on past projects (1920-2000) against brands and nations that create products, services and that advanced crypto, science, technology of interest to the USA.
What offer got made to staff or methods used to walk out documents.
Wait and see if perfect new applicants seem to be a prefect fit for the fictional projects in the skill sets they present.
Understand that if your brand is able to out smart US brands and bring new, better, cheaper, faster, more secure products to the world your brand is been watched.
Fix the software, network, OS and hardware issues, understand what could motivate trusted staff to sell, give away, copy or trade your brands secrets. Dont allow a stranger or best "new" "friend" of a staff member to just wonder around your company. No all long term collection methods need internet access. Never hire people your security team cant find information on. Make sure all staff resumes match reality not just a quick look over other altered digital databases.
Hire only local quality workers for all work. Buying networked hardware on the open market in your brands own name and then having it imported is a risk for hardware alteration.
Domestic spying is now "Benign Information Gathering"
Wikileaks won an award for some stuff about Kenya not long before the Manning leak.
You only think Wikileaks is US-centric because your local media is (understandably) US-centric.