News you may have missed #857 (hacking edition)

Mossad sealBy IAN ALLEN | intelNews.org
►►UK spies hacked Belgian phone company using fake LinkedIn page. British spies hacked into the routers and networks of a Belgian telecommunications company Belgacom by tricking its telecom engineers into clicking on malicious LinkedIn and Slashdot pages, according to documents released by NSA whistleblower Edward Snowden. The primary aim, reports the German newsmagazine Der Spiegel, which obtained the documents, was to compromise the GRX router system that BICS controlled, in order to intercept mobile phone traffic that got transmitted by the router.
►►Indonesian hackers behind attack on Australian spy service website. Indonesian hackers are believed to have brought down the website of the Australian Secret Intelligence Service, Australia’s leading spy agency. The page was not working on Monday afternoon after hackers launched a “denial of service” attack. A “404 not found” message typically appears when a website crashes under a “denial of service” attack. The cyber attack is reportedly a response to revelations that Australia had been spying on its closest neighbor through its Jakarta embassy.
►►Hamas blasts alleged Mossad website. Hamas officials released a warning about a website called Holol (“solutions”), claiming it is a ruse set up by Israel’s Mossad intelligence agency to recruit Gazans as informants. The website’s “Employment” page states, “due to our connections with the Israeli Civil Administration, we can help you bypass the bureaucratic tape and procedural processes which prevent you from leaving Gaza”. The site also offers Israeli medical assistance, “due to connections with the Ministry of Health and the Israeli Civil Administration”. Palestinians interested in contacting the website’s officials are asked to provide their full name, telephone number, email, topic of inquiry, and an explanation of why they are asking for help. Last month, Lebanese group Hezbollah accused the Mossad of being behind a website seeking information on Hezbollah’s intelligence wing.

About these ads

Mysterious website seeks intelligence on Hezbollah operatives

Hezbollah party workersBy JOSEPH FITSANAKIS | intelNews.org
Intelligence circles in the Middle East are abuzz with news of a mysterious website that appears to offer substantial financial rewards in exchange for information about alleged members of militant group Hezbollah. The website, located at stop910.com, describes its mission as helping end “Hezbollah-perpetrated terrorism in Lebanon and abroad”. It specifically targets the Lebanese group’s Unit 910, believed to be tasked with international operations, including intelligence gathering from around the world. Hezbollah is a Shiite militant group and political party that controls large swathes of Lebanese territory. It was founded in 1985 in response to the invasion of southern Lebanon by the Israel Defense Forces. It is largely funded by Iran and in recent years has come out in support of the Syrian government in the ongoing Syrian Civil War. Much of the stop910.com website consists of dozens of photographs of alleged Hezbollah operatives. Some are identified by name or alias, but the website asks for further information on them, including their real name, primary residence and telephone numbers or email accounts associated with them. Other photographs show images of unidentified individuals, whom the website describes as suspects known to be members of Hezbollah’s Unit 910. Next to each photograph, the website provides an allegedly secure link, which visitors can use to upload information and request payment. The website, which is currently blocked by most Lebanese Internet service providers, claims to represent an alliance of Western intelligence organizations. But McClatchy Newspapers contacted two Western intelligence officials who said the website was almost certainly an Israeli effort to gather information on Hezbollah activities. The United States-based news agency said it spoke to an unnamed “official based in Beirut [...], who works for a European intelligence service”. Read more of this post

NSA ‘broke, circumvented Internet encryption standards’

NSA headquartersBy IAN ALLEN | intelNews.org |
The United States National Security Agency (NSA) has been able to crack or get around basic encryption standards used daily by hundreds of millions of Internet users, according to newly leaked documents. The New York Times said on Friday that it was in possession of documents that prove that the NSA is not restrained by universal encryption standards used in the US and abroad. The NSA, which is America’s largest intelligence agency, and is tasked by the US government with intercepting electronic communications worldwide, is now able to routinely circumvent Secure Sockets Layer or virtual private networks, as well as encryption protection standards used on fourth-generation cell phones. It therefore has instant access to the content of billions of encrypted messages exchanged by users of some of the Internet’s most popular email companies, including Gmail, Hotmail, Yahoo and Facebook. The paper said it obtained the documents from Edward Snowden, a technical contractor for the NSA who defected to Russia this past summer. They include internal NSA memoranda that suggest the NSA deployed specially built supercomputers to break Internet encryption standards. In other cases, the Agency worked with selected companies and convinced them to “build entry points into their products”. The multi-billion effort was apparently launched by the NSA in the early 2000s, soon after the US government lost a lengthy battle with the communications industry centering on the so-called ‘clipper chip’. Read more of this post

New documents reveal massive NSA surveillance capabilities

General Keith AlexanderBy JOSEPH FITSANAKIS | intelNews.org |
Documents provided by American former intelligence technician Edward Snowden show that the United States National Security Agency has unprecedented surveillance capabilities, which allow it to monitor nearly every online activity of targeted Internet users. Snowden, a self-styled whistleblower, who is currently in Russia, provided British newspaper The Guardian with an NSA training presentation. The visually based presentation explains the inner workings of an intelligence collection program called XKeyscore, which the NSA describes as its “widest-reaching” digital collection program. The system allows NSA data collectors to sift through massive online databases containing millions of individual users’ browsing histories, emails and chats —what the NSA calls digital network intelligence (DNI). According to the training presentation, authorized NSA analysts are able to target individual Internet users by entering their name, email address, IP address or telephone number. The presentation states that, upon entering the identifying information, an NSA analyst can tap into “nearly everything a typical user does on the Internet”, including the content and metadata of emails, website browsing and search terms used. Snowden told The Guardian that an NSA analyst only needs to know a user’s personal email address in order to “wiretap anyone [while] sitting at [his] desk, from you or your accountant to a federal judge or even the President”. What is more, it appears that NSA analysts are able to target individual Internet users by simply “filling in an [...] on-screen form”, and by giving only a very broad justification for the probe. Additionally, individual digital collection operations are not approved by a court or senior NSA officers. According to Snowden, all an NSA analyst has to do is suspect that the targeted online user is in contact with “a foreign target”. Meanwhile, NSA Director Keith Alexander was jeered by participants during his keynote speech at the Black Hat Technical Security conference in Las Vegas on Wednesday. Read more of this post

News you may have missed #836

Investigating the Boston bombingsBy IAN ALLEN | intelNews.org |
►►NSA guide explains how to access private info on Google. In 2007, the US National Security Agency produced a book to help its spies uncover intelligence hiding on the World Wide Web. The 643-page tome, called Untangling the Web: A Guide to Internet Research (.pdf), has just been released by the NSA following a FOIA request filed in April by MuckRock, a site that charges fees to process public records for activists and others. Although the author’s name is redacted in the version released by the NSA, Muckrock’s FOIA indicates it was written by Robyn Winder and Charlie Speight.
►►Are the EU’s unofficial spy services growing out of control? Since its founding, the European Union has been building its own spy programs, often triggered by specific needs, in an ad-hoc manner, without strategy and without a coherent concept about their structure, methods, and people. Unofficially, the has been building an intelligence apparatus of six services so far, some of them brand new, populated already by 1,300 specialists. But because they are technically not conducting covert operations, they simply deny being intelligence services.
►►Hearing on Boston bombings exposes intelligence failures. The US House Committee on Homeland Security’s hearing on the Boston Marathon bombings on Thursday amounted to more than the usual political posturing: it exposed clear deficiencies in communications among intelligence- and law-enforcement agencies. whatever the cause of the intelligence breakdown, the failure to share vital information —and the continued finger-pointing between agencies yesterday— shows the need to improve coordination.

French spy agency forced Wikipedia volunteer to delete entry

Wikipedia welcoming screenBy JOSEPH FITSANAKIS | intelNews.org |
A French intelligence agency forced a volunteer for online open-source reference site Wikipedia to delete n entry that allegedly contained classified information about French nuclear defense systems. According to the Wikimedia Foundation, which publishes Wikipedia, the entry describes a radio relay system located at Pierre-sur-Haute military radio station in south-central France. Operated by the French Air Force, the station is said to have a central role in transmitting the order to launch France’s nuclear missiles in case of a full-scale thermonuclear war. The French-language Wikipedia webpage —which has since been fully restored— mentions, among other things, that the radio masts at Pierre-sur-Haute are designed to withstand the type of shockwave experienced in a thermonuclear attack. According to the Wikimedia Foundation, it was approached in early March, 2013, by the Direction Central du Renseignement Interieur (DCRI), which is tasked with domestic security and counterintelligence. The agency asked the Wikimedia Foundation to delete the entire webpage referring to the Pierre-sur-Haute military radio station, because it said it contravened French national security law. The Wikimedia Foundation, however, refused to comply with the request unless it was accompanied with either a court order or concrete information explaining why the Pierre-sur-Haute revelations were a threat to French national security. The DCRI reportedly backed down, promising to return with a formal justification for its request. However, instead of doing so, it contacted a French-based Wikipedia volunteer, who was summoned to the DCRI’s office under threat of legal action. Read more of this post

News you may have missed #786

Richard Masato AokiBy IAN ALLEN | intelNews.org |
►►US Pentagon wants to share intel with Egypt. The US Department of Defense is offering Egypt a package of classified intelligence-sharing capabilities designed to help it identify military threats along its border with Israel. According to an unnamed senior US official, the Pentagon leadership is concerned about “rising militancy” along the Egyptian-Israeli border. The purported intelligence package includes satellite imagery, data collected through unmanned drones, as well as intercepts of cell phone and other communications among militants suspected of planning attacks. The Egyptian intelligence chief was summarily fired earlier this month, after more than a dozen Egyptian soldiers were killed near Israel’s border when gunmen attacked a post and tried to enter Israel.
►►Researcher disputes Aoki was FBI informant. Last week author Seth Rosenfeld alleged that prominent 1960s Black Panther Party member Richard Masato Aoki, who gave the Black Panthers some of their first firearms and weapons training, was an undercover FBI informer. But the claim, which is detailed in Rosenfeld’s new book, Subversives, is disputed by another researcher, Diane C. Fujino. A professor and chair of Asian American studies at UC Santa Barbara, and author of the recently published Samurai Among Panthers, Fujino argues that Rosenfeld has not met the burden of proof on Aoki, and that he “made definitive conclusions based on inconclusive evidence”.
►►Russian intelligence to monitor blogosphere. Russia’s Foreign Intelligence Service, the FSB, says it plans to fund a program that monitors the Internet’s “blogosphere”, with an aim to “shape public views through social networking”. Citing unnamed sources from inside the FSB, Russian newspaper Kommersant said that the project’s research stage will cost around $1 million. The article implies that the online surveillance and opinion-shaping program will target both Russian- and foreign-language online users. This is not the first time that the FSB has displayed interest in online social networking in recent years.

News you may have missed #767

Omar SuleimanBy IAN ALLEN | intelNews.org |
►►Aussie spy chief warns of ‘digital footprints’. For the first time in the 60-year history of the Australian Secret Intelligence Service (ASIS), Australia’s main external spy agency, its Director has spoken publicly. Nick Warner used this unprecedented opportunity to reflect on where ASIS has come in the last 60 years, and the challenges it faces into the future. Among them, he said, are “developments in the cyber-realm”, which “are a two-edged sword for an agency like ASIS; they offer new ways of collecting new information, but the digital fingerprints and footprints which we all now leave behind complicate the task of operating covertly”.
►►India arrests alleged Pakistani spy. Indian authorities have announced the arrest of Zubair Khan, 37, of Uttar Pradesh, who was allegedly caught with several Indian Army documents in his possession. He had been reportedly asked to gather information on Air India pilots, military bases in the country, journalists who frequently visit Pakistan, and relatives of officials working in the Indian High Commission in Pakistan. Maps of cantonment boards and details of many battalions have been recovered from him, according to Indian media reports. Investigators are also said to have identified one of Khan’s handlers, a man named “Talib”, who works at Pakistan’s High Commission in New Delhi.
►►Egypt spies try to repair image as ex-Director dies. Egypt’s top spy agency, the General Intelligence Service —known as the “Mukhabarat” in Arabic— is taking a small but unprecedented step out of the shadows, in an apparent attempt to win the public’s support in the new Egypt. In an unusual move, the agency released a 41-minute-long documentary boasting of its achievements, presenting itself as the defender of the nation and vowing to continue to protect the country. The effort comes as the Mukhabarat’s former Director, the notorious Omar Suleiman, has died in the United States.

News you may have missed #710

Jonathan PollardBy IAN ALLEN | intelNews.org |
►►MI6 officer murder inquest to be held in secret. Britain’s Foreign Secretary William Hague has ordered that key evidence in the inquest into the death of MI6 officer Gareth Williams is to be heard in secret. Williams, who was found dead in a padlocked sports bag in the bath of his London apartment 20 months ago, was on secondment to MI6 from GCHQ, the British government’s signals intelligence agency, and had worked closely with the American security services.
►►GCHQ warns it is losing terrorists on the internet. Speaking of the GCHQ, the organization says that modern internet technology has left them unable to intercept calls which use new technology instead of traditional phone systems. Britain’s Daily Telegraph quotes “senior intelligence sources with detail knowledge of the problem”, who say that GCHQ technical experts have seen their access to telephone intercept information “eroded” by the use of the technologies such as Voice Over Internet Protocol, or VoIP, which route telephone calls over the world wide web.
►►Israel pressures Obama to release Jewish spy. Israel’s Prime Minister Benjamin Netanyahu has again called on the United States to release convicted spy Jonathan Pollard after the former US Navy intelligence analyst was hospitalized this week. Pollard, an American of Jewish descent, was sentenced to life in prison 25 years ago for leaking classified documents to Israel. Many Israelis believe the sentence was too harsh and officials often demand his release. But Democratic and Republican administrations in the US have repeatedly refused Israeli appeals to release the convicted spy.

Why are al-Qaeda websites going off-line?

Shamukh al-IslamBy JOSEPH FITSANAKIS | intelNews.org |
It began late last month, and nobody seems to really know why:  one after another, the most popular pro-al-Qaeda websites around the world have been going off the air, in what appears to be coordinated fashion. For most of the past decade, a host of al-Qaeda-linked websites have acted as online platforms of outreach, propaganda, and communication between the group’s sympathizers around the world. Most fulfill the role of conduits for al-Qaeda’s media production arm, as-Sahab, as well as for al-Fajr Media, al-Qaeda’s online distribution network. These two outfits routinely rely on a collection of websites to deliver online content ranging from glossy periodicals to audio speeches and digital videos. But on March 23, two of the largest pro-al-Qaeda websites, Shamukh al-Islam and the Ansar al-Mujahidin Arabic Forum, simultaneously disappeared from the World Wide Web. Two days later, another popular site, al-Fida, also vanished. By March 30, two remaining pro-al-Qaeda forums had also gone off line. Two sites, the Shamukh al-Islam and the Ansar al-Mujahidin Arabic Forum, reappeared, but offered no concrete explanation of the reasons why they went off the air in the first place. Interestingly, nobody has claimed responsibility for the disappearance of the pro-al-Qaeda websites, and the US government has refused to state whether its operatives had been engaged in undermining them. But CNN’s Security Clearance blog contacted Brandeis University researcher Aaron Y. Zelin, who offered one possible explanation. Read more of this post

News you may have missed #704: Caught-red-handed edition

Zbigniew SiemiątkowskiBy IAN ALLEN | intelNews.org |
►►Would be CIA spy uses Tweeter to attack CIA. Lynnae Williams was on track to become a CIA agent. Today, the 35-year-old aspiring journalist and would-be CIA spy uses Twitter to expose what she feels are corrupt and unethical practices by the mysterious organization. In 2009, Williams spent more than three months training to become a CIA spy. She says she was sent to the CIA’s “psychological prison”, a public mental-health hospital in Virginia. There, she says, doctors pushed drugs for schizophrenia and manic depression in a white-walled environment with inedible food. Eventually, the CIA stopped paying her and suspended her security clearance. She’s now looking to sue the agency for wrongful termination. And in the meantime, she’s using BlogSpot and her @wlynnae account to post tweets.
►►US ambassador says Russia is spying on him. US Ambassador to Russia Michael McFaul suggested yesterday that the Russian government is spying on him. “Everywhere I go [Russian television station] NTV is there”, he tweeted. “Wonder who gives them my calendar? They wouldn’t tell me. Wonder what the laws are here for such things? I respect [the] press’ right to go anywhere and ask any question. But do they have a right to read my email and listen to my phone?”. McFaul also posted on his Twitter feed yesterday: “When I asked these ‘reporters’ how they knew my schedule, I got no answer”.
►►Poland ex-spy boss charged over CIA prison. Zbigniew Siemiątkowski, the former head of Poland’s foreign intelligence service faces charges of illegal detention and use of corporal punishment at an alleged secret CIA ‘black site’ used to house high-ranking terrorism suspects. Investigators allege the spy boss exceeded his powers and breached international law through the use of “unlawful deprivation of liberty” and “corporal punishment” against prisoners of war.

News you may have missed #703: US edition

NSA headquartersBy IAN ALLEN | intelNews.org |
►►NSA pressed to reveal details on Google deal. The Electronic Privacy Information Center is locking horns with the National Security Agency over a secret deal the agency cut with Google following an attack on Gmail by Chinese hackers in 2010. The information center has filed a Freedom of Information Act request with the NSA to obtain information about the deal. That request was rejected by a federal court and an appeal process continues.
►►US spy agencies can keep data on Americans longer. Until now, the US National Counterterrorism Center had to immediately destroy information about Americans that was already stored in other government databases when there were no clear ties to terrorism. But it will now be able to store information about Americans with no ties to terrorism for up to five years under new Obama administration guidelines. The new rules replace guidelines issued in 2008 and have privacy advocates concerned about the potential for data-mining information on innocent Americans.
►►Islam convert leads CIA’s Counterterrorism Center. Roger, which is the first name of his cover identity, has been chief of the CIA’s Counterterrorism Center for the past six years. Colleagues describe Roger as a collection of contradictions. A chain-smoker who spends countless hours on a treadmill. Notoriously surly yet able to win over enough support from subordinates and bosses to hold on to his job. He presides over a campaign that has killed thousands of Islamist militants and angered millions of Muslims, but he is himself a convert to Islam. His defenders don’t even try to make him sound likable. Instead, they emphasize his operational talents, encyclopedic understanding of the enemy and tireless work ethic.

News you may have missed #698

Cecilia LooströmBy IAN ALLEN | intelNews.org |
►►Swedish official sent top-secret intel briefing via Hotmail. A high-ranking official at Sweden’s Ministry of Defense sent notes on highly confidential arms trade negotiations with a Saudi Arabian official through a Hotmail email address. The four-page-long email, which details a secret conversation with a Saudi General, was sent in 2008 from assistant Under-Secretary for Defense Cecilia Looström, according to a Swedish newspaper.
►►Russian diplomat won’t deny espionage activity in Canada. Russia’s ambassador to Canada, Georgiy Mamedov, has refused to deny that his country carries out spy activity in Canada. He told a Canadian television reporter that “I am neither denying nor confirming [Russian espionage in Canada]. I would be a fool [...] if I would confirm that we are doing as much”. He said Russia conducts intelligence activities in other countries —although he didn’t specify which— but refused to give any details on what activities, if any, are conducted within Canada.
►►New Taiwan spy case raises concerns. A Taiwanese air force captain surnamed Chiang is believed to have passed intelligence to China. Reportedly, Chiang’s uncle, who operates a business in China, helped pass on the information allegedly obtained by Chiang, which is said to have included classified material on Taiwan’s early-warning radar system as well as E-2T/E-2K Hawkeye surveillance aircraft. The case has rocked the Taiwanese military, as it comes a little more than a year after a high-profile spy for China was caught and is now serving a life sentence.

Spies seen behind fake Facebook profile of senior NATO commander

James G. StavridisBy JOSEPH FITSANAKIS| intelNews.org |
A Facebook account bearing the name of a senior commander of the North Atlantic Treaty Organization was set up by Chinese spies to siphon information from unsuspecting Western military officials, according to a British newspaper. The London-based Daily Telegraph said in an article that the fake Facebook account was discovered a year ago by NATO counterintelligence officers. It bore the name of United States Admiral James Stavridis, who serves as Supreme Allied Commander in Europe and currently leads the Organization’s mission in Libya. The account was reportedly used to befriend Western military officials, primarily in Britain and other European countries, probably in an attempt to collect personal information found on their personal pages on the popular social networking site. This sort of practice is known as ‘spear phishing’, and consists of messages sent to carefully targeted individuals, seemingly sent from a trusted source. The operation involving Admiral Stavridis appears to have been purposely targeted at high-ranking Western officials, a technique sometimes known as ‘whaling’. The London-based daily says NATO officials have been “reluctant to say publicly who was behind the attack”. But the paper claims it has been told that declassified briefings from NATO point to a series of Internet protocol addresses belonging to Chinese government facilities. Organization officials insist —correctly— that the individuals or government agencies behind the operation to falsify Stavridis’ social networking identity are unlikely to have acquired any actual military secrets. However, the information collected from Western military officials befriended online by Admiral Stavridis’ fake Facebook account could aid the compilation of personal and psychological profiles of these officials produced by foreign intelligence agencies. Read more of this post

Research: Spies increasingly using Facebook, Twitter to gather data

Spying on social networkingBy JOSEPH FITSANAKIS | intelNews.org |
During the past four years, this blog has reported several incidents pointing to the increasing frequency with which spy agencies of various countries are utilizing social networking media as sources of tactical intelligence. But are we at a point where we can speak of a trend? In other words, is the rapid rise of social networking creating the conditions for the emergence of a new domain in tactical intelligence collection? This past week saw the publication of a new research paper (.pdf), which I co-authored with Micah-Sage Bolden, entitled “Social Networking as a Paradigm Shift in Tactical Intelligence Collection”. In it, we argue that recent case studies point to social networking as the new cutting edge in open-source tactical intelligence collection. We explain that Facebook, Twitter, YouTube, and a host of other social networking platforms are increasingly viewed by intelligence agencies as invaluable channels of information acquisition. We base our findings on three recent case studies, which we believe highlight the intelligence function of social networking. The first case study comes out of the Arab Spring, which, according to one report, “prompted the US government to begin developing guidelines for culling intelligence from social media networks”. We also examine NATO’s operations during the 2011 Libyan civil war (Operation UNIFIED PROTECTOR), when Western military forces systematically resorted to social networking media to gather actionable intelligence, by utilizing open sources like Twitter to pinpoint targets for attack. Finally, we examine the sabotage by Israeli security services of the 2011 “Welcome to Palestine Air Flotilla” initiative, a campaign organized by several European groups aiming to draw worldwide attention to the travel restrictions imposed by Israeli authorities on the Occupied Territories. Read more of this post

Follow

Get every new post delivered to your Inbox.

Join 637 other followers