South Korean spy’s suicide reportedly linked to wiretap controversy

NIS South KoreaA suicide note found next to the body of a South Korean intelligence officer mentions a phone hacking scandal that has caused controversy in the country. The 45-year-old man, identified only as “Lim” by South Korean authorities, worked for the country’s primary intelligence organization, the National Intelligence Service (NIS). He was found dead late on Saturday morning inside his car, which had been parked on a deserted rural road on the outskirts of South Korean capital Seoul. According to local reports, authorities found a metal plate with burnt-out coal inside his car, which had been locked from the inside. Finding no apparent marks on his body, the police have ruled his death a suicide.

The man reportedly left a three-page handwritten note on the passenger seat of his car, which is said to contain his will and a list of the reasons that drove him to kill himself. South Korean media cited a “senior government insider” who said that among the reasons mentioned in the suicide note is a controversial phone tapping scandal that has made national news in recent days. According to the insider, the program is identified in the letter as a wiretapping scheme “of national importance”.

The program appears to refer to the the disclosure made this month by a group of unidentified hackers that exposed the dealings of a surveillance software manufacturer with a markedly poor civil-liberties record. The disclosure, made by British newspaper The Guardian, shows that the Italian company, Hacking Team Ltd, is believed to have sold powerful surveillance software to governments with a history of civil-rights violations, including Nigeria, Ethiopia, Saudi Arabia, Azerbaijan and Uzbekistan. Among the customers, however, are a number of countries with stronger civil-rights protections, including South Korea and Cyprus, which is a member of the European Union. Cyprus’ intelligence chief resigned earlier this month as a result of the disclosure. According to technical experts, the software sold by Hacking Team can intercept data exchanged via cellular phones and other wireless devices. It can also spy on all communications devices connected to the Internet using malware that is undetectable by commonly used antivirus software. Moreover, software supplied by Hacking Team cannot be removed from a compromised cellular device unless it is reset at the factory.

NIS authorities in Seoul issued a press statement last week, claiming that the phone hacking software had been used only against North Korean targets abroad, including agents of Pyongyang operating around the world. But human rights organizations, as well as opposition parties in South Korea, said they believed the software had been used to monitor domestic dissent. Earlier this year, a former director of NIS was jailed for organizing an online propaganda campaign to dissuade citizens to vote for the liberal opposition. The NIS issued a statement last week saying that it would be willing to share the operational details and records of the controversial software with lawmakers in order to dispel rumors that it was used against domestic political activity.

Author: Ian Allen | Date: 20 July 2015 | Permalink:

We must spy because of Turks, ISIS, says outgoing Cyprus spy chief

CyprusThe head of the main intelligence agency of the island state of Cyprus has resigned after an invoice leaked online showed that the agency made several purchases of controversial surveillance software. Andreas Pentaras, who has led the Cyprus Intelligence Service (KYP) since 2013, resigned on Saturday, less than a week after an unidentified group of hackers posted the controversial invoice online. The document, leaked to British broadsheet The Guardian and posted on Cypriot news site Sigmalive, shows that the KYP made numerous purchases of communications surveillance software from an Italian manufacturer with a markedly poor standing among civil-liberties advocates. The company, Hacking Team Ltd, is believed to have sold powerful surveillance software to governments that have documented records of civil-rights violations, including Nigeria, Ethiopia, Saudi Arabia, Azerbaijan and Uzbekistan.

According to technical experts in Cyprus, the software purchased by KYP can intercept data exchanged via cellular phones and other wireless devices. It can also spy on all communications devices connected to the Internet using malware that is undetectable by commonly used antivirus software. Moreover, software supplied by Hacking Team cannot be removed from a compromised cellular device unless it is reset at the factory. Pentaras also came under pressure to resign because the interception of communications is currently outlawed by the Cypriot Constitution. In 2011, the Cypriot parliament amended the Constitution to allow communications interception in extreme circumstances, but the legal interpretation of the amendment has yet to be officially outlined and approved. Technically, therefore, the interception of communications by the KYP remains illegal.

In an official statement issued on Friday, Pentaras said the surveillance software was purchased because of “the need and importance of maintaining a reliable operational intelligence service due to the circumstances caused by the occupation and due to the asymmetric threats caused by the instability in our region”. He was referring to the presence of up to 45,000 Turkish troops in the northern part of the island, which Turkey invaded in 1974 in response to a military coup organized by a group of far-right colonels who ruled Greece at the time. Pentaras was also referring to the arrest last month of a suspected Lebanese Hezbollah operative, who was captured in the Cypriot city of Larnaca while in possession of 67 thousand packages of ammonium nitrate. In September of last year, Pentaras said it was possible that Sunni nationalists in occupied north Cyprus were assisting the Islamic State of Iraq and Syria (ISIS).

According to Cypriot media, the country’s President, Nicos Anastasiades, accepted Pentaras’ resignation, saying he did so “in order to protect the commendable accomplishments of the KYP in recent years”. Late on Saturday, another Cypriot senior official, Public Health Minister Filippos Patsalis, surrendered from his post. Sources from Nicosia said that Patsalis’ resignation was not related to the KYP controversy.

Author: Joseph Fitsanakis | Date: 13 July 2015 | Permalink:

Norway probes intercept equipment found near PM’s home

Parliament of NorwayBy JOSEPH FITSANAKIS |
Authorities in Norway are probing a possible espionage operation by a foreign intelligence agency, following the discovery of several electronic surveillance devices located near government buildings in downtown Oslo. The presence of the devices was revealed on December 12 in a leading article by Norwegian daily newspaper Aftenposten, which published the findings of what it said was a two-month technical investigation into the matter. The paper said its reporters teamed up with two leading companies specializing technical surveillance countermeasures. According to the article, investigators came up with a network of surveillance devices disguised to look like cell phone base stations, known as transceivers. But the devices were actually International Mobile Subscriber Identity (IMSI) catchers, essentially fake cell phone towers that are often used clandestinely to intercept telephone traffic among users, as well as their movements. Aftenposten said that the devices, whose unauthorized use is illegal in Norway, had been placed outside the official residence and office of the prime minister, outside the houses of parliament, as well as near major banks and corporate headquarters. IMSI catchers cannot access the content of cellular communications, as most providers encrypt them nowadays; but they can record the telephone numbers of users, as well as pen-register data —namely who calls whom, when, for how long, etc. Additionally, if those behind the surveillance knew the telephone numbers of targeted subscribers, they could keep track of their physical movements through their phone’s GPS system, and identify who they contact on their cellular devices. The newspaper said the surveillance devices were almost certainly installed to monitor the activities of senior Norwegian government officials, as well as perhaps senior executives of companies headquartered in the Norwegian capital. On Monday, Norway’s National Security Authority (NSM) said it thought Aftenposten’s claims were probably correct. NSM Director Kjetil Nilsen said the main question was now who was behind the installations. Norwegian Police Security Service (PST) spokeswoman Siv Alsen told reporters on Monday that “the possibility that this is coming from foreign state agencies” could not be dismissed. She added that the PST would now proceed to probe whether the surveillance network was the work of foreign spies or organized criminal networks. Norway, a founding member of the North Atlantic Treaty Organization, is traditionally seen as an ally of the United States and has seen its relations with Russia and China strained in recent years.

NSA spies on every cell phone company in the world, new data shows

NSA headquartersBy IAN ALLEN |
The United States National Security Agency has spied on virtually every cell phone manufacturer and provider in the world in an attempt to uncover security weaknesses that can be exploited for surveillance, according to newly leaked data. It also appears that the NSA has worked to sabotage the technical security features of commercial telecommunications systems in order to be able to spy on their users. The documents were released on Thursday by The Intercept’s Ryan Gallagher, who said he acquired them from American defector and former NSA computer technician Edward Snowden. The documents reveal the existence of an NSA project codenamed AURORAGOLD, which appears to have been operational since at least 2010. It has targeted telephone companies in virtually every country in the world, including in the US, as well as in nations closely aligned with Washington, such as Australia, Germany, United Kingdom, France and New Zealand. The project has been carried out by at least two separate NSA units, whose existence appears to have been publicly disclosed for the first time. One is the Wireless Portfolio Management Office, which is tasked with outlining and implementing the NSA’s strategy for penetrating wireless telecommunications systems. The other is the Target Technology Trends Center, whose mission is to track the development of emerging communications technologies so as to detect security innovations that could prevent the NSA from spying on their users. The leaked documents show that, as of late spring of 2012, the NSA had collected detailed technical information on nearly 70 percent of the world’s cellular telecommunications networks and was preparing to spy on the email accounts of their employees. The goal was to acquire technical blueprints and other planning papers that could help the NSA penetrate those networks. According to Gallagher, the broad scope of AURORAGOLD appears to be aimed at “ensuring virtually every cellphone network in the world is NSA-accessible”. But the publication quotes leading cellphone security experts who express strong skepticism over the NSA program. One of them, the University of Virginia’s Karsten Nohl, warns against any policy that aims to deliberately install security vulnerabilities on telecommunications networks. “Once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it”, he says. Another security expert, F-Secure’s Mikko Hypponen, cautions that criminals and spies from every country could be among AURORAGOLD’s “inadvertent beneficiaries”. The Intercept spoke to an NSA spokeswoman, who said the Agency was committed to ensuring “an open, interoperable and secure global Internet”. But she declined to discuss AURORAGOLD.

News you may have missed #885

Shin BetBy IAN ALLEN |
►►Americans’ cellphones targeted in secret US spy program. The US Justice Department is scooping up data from thousands of mobile phones through devices deployed on airplanes that mimic cellphone towers, a high-tech hunt for criminal suspects that is snagging a large number of innocent Americans, according to people familiar with the operations. The US Marshals Service program, which became fully functional around 2007, operates Cessna aircraft from at least five metropolitan-area airports, with a flying range covering most of the U.S. population, according to people familiar with the program.
►►Israel’s usually secretive spy agencies get into public spat. Israel’s domestic intelligence agency, known as the Shin Bet, has been trading barbs with the military over whether faulty army intelligence left Israel unprepared for war with the militant group Hamas in the Gaza Strip. The spat went high-profile this week when Israel’s Channel 2 aired a report featuring Shin Bet officials –-rendered in pixilated, shadowed form-– claiming the military had brushed aside the agency’s assessment, months before fighting erupted in July, that an armed conflict with Hamas was in the making.
►►Poland mulls military intelligence brigade close to Belarus border. Polish Armed Forces will make emphasis on the unfolding of reconnaissance troops and will set up a separate brigade and military command in the north-east of the country, National Defense Minister Tomasz Siemoniak said on Thursday. The region he visited is located along the border with Belarus and close to the border with Russia’s westernmost Kaliningrad region, an exclave on the south-east shore of the Baltic Sea.

China hacking Hong Kong protesters’ smartphones, says security firm

Hong Kong protestersBy IAN ALLEN |
A mobile telephone security company has said the government of China is probably behind a sophisticated malware designed to compromise the smartphones of protesters in Hong Kong. Ever since the Hong Kong ‘umbrella revolution’ began to unfold, countless reports have referred to the use of smartphone applications as organizing tools by the protesters. According to one account, an application called FireChat was downloaded by more than 100,000 smartphone users in Hong Kong in less than 24 hours. FireChat is said to allow protesters to continue communicating with each other even when their individual devices are unable to connect to a mobile network. But a California-based mobile telephone security firm has warned that the Chinese government could be using such enabling applications to compromise the smartphones of pro-democracy protesters in the former British colony. Lacoon Mobile Security, which specializes in assessing and mitigating mobile security threats, said on Tuesday that it had detected several types of malware camouflaged as mobile phone applications designed to help the protesters organize. In a statement posted on its website, the security firm said that, once downloaded by a smartphone user, the malware gives an outsider access to the address book, communication logs and other private data stored on the unsuspecting user’s device. Lacoon added that what made the malware unusual was that it came in two different versions; one appears to target smartphones that run Apple’s iOS operating system, while the other is designed to compromise phones using Google’s Android software. The company noted that the types of malware that are circulating among Hong Kong protesters were some of the most sophisticated it had ever seen. They made use of a method called mRAT, which stands for multidimensional requirements analysis tool. Among other things, mRAT allows a hacker to take surreptitious pictures using the phone camera of a compromised smartphone. According to Lacoon, the design of the malware in question is so advanced that it is “undoubtedly backed by a nation state”. Read more of this post

Hidden spy software found in Chinese-made smartphones

A popular brand of Chinese-made smartphones, which are sold internationally by several major retailers, has been found to contain pre-installed monitoring software, according to a German security firm. The revelation was made on Tuesday by G Data Software, which is based in Bochum, Germany, and has a subsidiary in the United States. The firm, which was founded in 1985, said it discovered the spy software hidden deep inside the proprietary software found on the Chinese-made Star N9500. The product in question is a cheap smartphone based on the popular Samsung Galaxy S4, and can be purchased from numerous Internet retailers, including online outlets such as A G Data spokesperson, Thorsten Urbanski, told reporters in Germany that his company purchased several Star N9500 telephones from an online retailer after receiving multiple messages from users of the telephone in Germany, who said the device’s operating system appeared to contain malicious software. The security firm said the Star N9500’s operating system contains hidden software applications that could allow a third party to access and steal the telephone user’s personal information. There are also secret applications that could permit a hacker to place calls from the telephone, or utilize the device’s microphone and camera without the consent of its owner. What is more, the stolen data was sent to a server based in China. G Data investigators added that their team of experts sought for “over a week” to track down the manufacturer of the Star N9500 but were unable to do so. German media reported that journalists from The Associated Press also tried to locate the manufacturer of the smartphone, by contacting several companies located in China’s southern province of Shenzhen, known as the center of the country’s telecommunications industry. Read more of this post


Get every new post delivered to your Inbox.

Join 1,057 other followers