Australian parliament reviews use of Chinese-made cell phones

ZTE CorporationThe Parliament of Australia is reportedly reviewing the use of cell phones built by a Chinese manufacturer, after an Australian news agency expressed concerns about the manufacturer’s links with the Chinese military. The cell phone in question is the popular Telstra Tough T55 handset. It is made available to Australian parliamentarians though the Information, Communications and Technology (ICT) unit of the Department of Parliamentary Services (DST). Any parliamentarian or worker in Australia’s Parliament House can order the device through the Parliament’s ICT website. According to data provided by the DST, 90 Telstra Tough T55 cell phones have been ordered through the ICT in the current financial year.

The handset is manufactured by ZTE Corporation, a leading Chinese telecommunications equipment and systems company that is headquartered in the city of Shenzhen in China’s Guangdong province. On Monday, the News Corp Australia Network, a major Australian news agency, said it had contacted the parliament with information that ZTE Corporation’s links to the Chinese military may be of concern. News Corp said it informed the DST that members of the United States Congress and the House of Representatives’ intelligence committee, have expressed serious concerns about the Chinese telecommunications manufacturer in recent years.

As intelNews reported in 2010, three American senators told the US Federal Communications Commission that the ZTE was “effectively controlled by China’s civilian and military intelligence establishment”. The senators were trying to prevent a proposed collaboration between American wireless telecommunications manufacturers and two Chinese companies, including ZTE Corporation. In 2012, the intelligence committee of the US House of Representatives investigated similar concerns. It concluded that telephone handsets manufactured by ZTE should not be used by US government employees due to the company’s strong links with the Chinese state. And in 2016, US-based security firm Kryptowire warned that some ZTE cell phone handsets contained a suspicious backdoor feature that could potentially allow their users’ private data to be shared with remote servers at regular intervals.

A DST spokesman told the News Corp Australia Network that the ZTE-manufactured cell phones had been selected for use by Australian parliamentarians based on “technical and support requirements, [DST] customers’ feedback and cost”. The spokesman added that the DST “is currently reviewing the ongoing suitability” of the T55 handsets, following reports about ZTE’s links with China’s security establishment.

Author: Ian Allen | Date: 05 September 2017 | Permalink

Advertisements

Israeli military says Hamas lured its soldiers using online profiles of women

Cellular telephoneThe Israel Defense Forces told a press conference on Wednesday that hackers belonging to the Palestinian militant group Hamas lured Israeli soldiers by posing as young women online. Wednesday’s press conference was led by an IDF spokesman who requested to remain anonymous, as is often the case with the Israeli military. He told reporters that the hackers used carefully crafted online profiles of real Israeli women, whose personal details and photographs were expropriated from their publicly available social media profiles. The hackers then made contact with members of the IDF and struck conversations with them that in many cases became intimate over time. At various times in the process, the hackers would send the Israeli soldiers photographs of the women, which were copied from the women’s online public profiles.

The anonymous IDF spokesman said that, if the soldiers continued to show interest, they were eventually asked by the hackers posing as women to download an application on their mobile telephones that would allow them to converse using video. Once the soldiers downloaded the application, the ‘women’ would find excuses to delay using the application, or the relationships would abruptly end. But the soldiers would leave the application on their telephones. It would then be used by the Hamas hackers to take control of the camera and microphones on the soldiers’ mobile devices. According to the IDF spokesman, dozens of Israeli soldiers were lured by the Hamas scam. No precise number was given.

Media reports suggest that the Hamas hackers were primarily interested in finding out information about IDF maneuvers around the Gaza Strip, the narrow plot of densely inhabited territory that is controlled by the Palestinian militant group. They were also interested in collecting information about the size and weaponry of the Israeli forces around Gaza. Media representatives were told on Wednesday that the operation “had potential for great damage”. But the IDF claims that the harm to its operations was “minimal”, because it primarily targeted low-ranking soldiers. Consequently, according to the Israeli military, the hackers were not able to acquire highly sensitive information.

In 2009, dozens of members of Sweden’s armed forces serving with NATO’s International Security Assistance Force in Afghanistan were found to have been approached via Facebook, and asked to provide details on NATO’s military presence in the country. The Afghan Taliban are believed to have carried out the operation.

Hamas has not commented on the allegations by the IDF.

Author: Joseph Fitsanakis | Date: 12 January 2017 | Permalink

Senior South Korean officials’ cell phones hacked by North: report

NIS South KoreaDozens of cell phones belonging to senior government officials in South Korea were compromised by North Korean hackers who systematically targeted them with texts containing malicious codes, according to reports. The National Intelligence Service (NIS), South Korea’s primary intelligence agency, said the cell phone penetrations were part of a concerted campaign by North Korea to target smart phones belonging to South Korean senior government officials. Once they managed to compromise a cell phone, the hackers were able to access the call history stored on the device, the content of text messages exchanged with other users and, in some cases, the content of telephone calls placed on the compromised device. Moreover, according to the NIS, the hackers were able to access the contact lists stored on compromised cell phones, which means that more attacks may be taking place against cell phones belonging to South Korean government officials.

The breach was considered critical enough for the NIS to host an emergency executive meeting with the security heads of 14 government ministries on Tuesday, in order to update them on the situation and to discuss ways of responding to the crisis. According to Korean media, the emergency meeting took place on Tuesday and lasted for over three hours. During the meeting the NIS told ministry representatives that the North Korean operation was launched in late February and was ongoing as of early this week. It specifically targeted government officials and appeared to concentrate on their cell phones, instead of their office phones –probably because the latter are known to be equipped with advanced anti-hacking features. The government employees’ cell phones were reportedly attacked using text messages and emails containing links to web sites that downloaded malicious codes on the users’ phones.

The NIS did not specify the precise purpose of the hacking operation, nor did it explain whether the attacks were informed by an overarching strategic goal. The officials targeted work for a variety of government ministries, but there is no clarification as to whether any operational or administrative links between them exist. The NIS did say, however, that approximately a fifth of all attacks against cell phones were successful in compromising the targeted devices.

Author: Joseph Fitsanakis | Date: 10 March 2016 | Permalink

South Korean spy’s suicide reportedly linked to wiretap controversy

NIS South KoreaA suicide note found next to the body of a South Korean intelligence officer mentions a phone hacking scandal that has caused controversy in the country. The 45-year-old man, identified only as “Lim” by South Korean authorities, worked for the country’s primary intelligence organization, the National Intelligence Service (NIS). He was found dead late on Saturday morning inside his car, which had been parked on a deserted rural road on the outskirts of South Korean capital Seoul. According to local reports, authorities found a metal plate with burnt-out coal inside his car, which had been locked from the inside. Finding no apparent marks on his body, the police have ruled his death a suicide.

The man reportedly left a three-page handwritten note on the passenger seat of his car, which is said to contain his will and a list of the reasons that drove him to kill himself. South Korean media cited a “senior government insider” who said that among the reasons mentioned in the suicide note is a controversial phone tapping scandal that has made national news in recent days. According to the insider, the program is identified in the letter as a wiretapping scheme “of national importance”.

The program appears to refer to the the disclosure made this month by a group of unidentified hackers that exposed the dealings of a surveillance software manufacturer with a markedly poor civil-liberties record. The disclosure, made by British newspaper The Guardian, shows that the Italian company, Hacking Team Ltd, is believed to have sold powerful surveillance software to governments with a history of civil-rights violations, including Nigeria, Ethiopia, Saudi Arabia, Azerbaijan and Uzbekistan. Among the customers, however, are a number of countries with stronger civil-rights protections, including South Korea and Cyprus, which is a member of the European Union. Cyprus’ intelligence chief resigned earlier this month as a result of the disclosure. According to technical experts, the software sold by Hacking Team can intercept data exchanged via cellular phones and other wireless devices. It can also spy on all communications devices connected to the Internet using malware that is undetectable by commonly used antivirus software. Moreover, software supplied by Hacking Team cannot be removed from a compromised cellular device unless it is reset at the factory.

NIS authorities in Seoul issued a press statement last week, claiming that the phone hacking software had been used only against North Korean targets abroad, including agents of Pyongyang operating around the world. But human rights organizations, as well as opposition parties in South Korea, said they believed the software had been used to monitor domestic dissent. Earlier this year, a former director of NIS was jailed for organizing an online propaganda campaign to dissuade citizens to vote for the liberal opposition. The NIS issued a statement last week saying that it would be willing to share the operational details and records of the controversial software with lawmakers in order to dispel rumors that it was used against domestic political activity.

Author: Ian Allen | Date: 20 July 2015 | Permalink: https://intelnews.org/2015/07/20/01-1738/

We must spy because of Turks, ISIS, says outgoing Cyprus spy chief

CyprusThe head of the main intelligence agency of the island state of Cyprus has resigned after an invoice leaked online showed that the agency made several purchases of controversial surveillance software. Andreas Pentaras, who has led the Cyprus Intelligence Service (KYP) since 2013, resigned on Saturday, less than a week after an unidentified group of hackers posted the controversial invoice online. The document, leaked to British broadsheet The Guardian and posted on Cypriot news site Sigmalive, shows that the KYP made numerous purchases of communications surveillance software from an Italian manufacturer with a markedly poor standing among civil-liberties advocates. The company, Hacking Team Ltd, is believed to have sold powerful surveillance software to governments that have documented records of civil-rights violations, including Nigeria, Ethiopia, Saudi Arabia, Azerbaijan and Uzbekistan.

According to technical experts in Cyprus, the software purchased by KYP can intercept data exchanged via cellular phones and other wireless devices. It can also spy on all communications devices connected to the Internet using malware that is undetectable by commonly used antivirus software. Moreover, software supplied by Hacking Team cannot be removed from a compromised cellular device unless it is reset at the factory. Pentaras also came under pressure to resign because the interception of communications is currently outlawed by the Cypriot Constitution. In 2011, the Cypriot parliament amended the Constitution to allow communications interception in extreme circumstances, but the legal interpretation of the amendment has yet to be officially outlined and approved. Technically, therefore, the interception of communications by the KYP remains illegal.

In an official statement issued on Friday, Pentaras said the surveillance software was purchased because of “the need and importance of maintaining a reliable operational intelligence service due to the circumstances caused by the occupation and due to the asymmetric threats caused by the instability in our region”. He was referring to the presence of up to 45,000 Turkish troops in the northern part of the island, which Turkey invaded in 1974 in response to a military coup organized by a group of far-right colonels who ruled Greece at the time. Pentaras was also referring to the arrest last month of a suspected Lebanese Hezbollah operative, who was captured in the Cypriot city of Larnaca while in possession of 67 thousand packages of ammonium nitrate. In September of last year, Pentaras said it was possible that Sunni nationalists in occupied north Cyprus were assisting the Islamic State of Iraq and Syria (ISIS).

According to Cypriot media, the country’s President, Nicos Anastasiades, accepted Pentaras’ resignation, saying he did so “in order to protect the commendable accomplishments of the KYP in recent years”. Late on Saturday, another Cypriot senior official, Public Health Minister Filippos Patsalis, surrendered from his post. Sources from Nicosia said that Patsalis’ resignation was not related to the KYP controversy.

Author: Joseph Fitsanakis | Date: 13 July 2015 | Permalink: https://intelnews.org/2015/07/13/01-1733/

Norway probes intercept equipment found near PM’s home

Parliament of NorwayBy JOSEPH FITSANAKIS | intelNews.org
Authorities in Norway are probing a possible espionage operation by a foreign intelligence agency, following the discovery of several electronic surveillance devices located near government buildings in downtown Oslo. The presence of the devices was revealed on December 12 in a leading article by Norwegian daily newspaper Aftenposten, which published the findings of what it said was a two-month technical investigation into the matter. The paper said its reporters teamed up with two leading companies specializing technical surveillance countermeasures. According to the article, investigators came up with a network of surveillance devices disguised to look like cell phone base stations, known as transceivers. But the devices were actually International Mobile Subscriber Identity (IMSI) catchers, essentially fake cell phone towers that are often used clandestinely to intercept telephone traffic among users, as well as their movements. Aftenposten said that the devices, whose unauthorized use is illegal in Norway, had been placed outside the official residence and office of the prime minister, outside the houses of parliament, as well as near major banks and corporate headquarters. IMSI catchers cannot access the content of cellular communications, as most providers encrypt them nowadays; but they can record the telephone numbers of users, as well as pen-register data —namely who calls whom, when, for how long, etc. Additionally, if those behind the surveillance knew the telephone numbers of targeted subscribers, they could keep track of their physical movements through their phone’s GPS system, and identify who they contact on their cellular devices. The newspaper said the surveillance devices were almost certainly installed to monitor the activities of senior Norwegian government officials, as well as perhaps senior executives of companies headquartered in the Norwegian capital. On Monday, Norway’s National Security Authority (NSM) said it thought Aftenposten’s claims were probably correct. NSM Director Kjetil Nilsen said the main question was now who was behind the installations. Norwegian Police Security Service (PST) spokeswoman Siv Alsen told reporters on Monday that “the possibility that this is coming from foreign state agencies” could not be dismissed. She added that the PST would now proceed to probe whether the surveillance network was the work of foreign spies or organized criminal networks. Norway, a founding member of the North Atlantic Treaty Organization, is traditionally seen as an ally of the United States and has seen its relations with Russia and China strained in recent years.

NSA spies on every cell phone company in the world, new data shows

NSA headquartersBy IAN ALLEN | intelNews.org
The United States National Security Agency has spied on virtually every cell phone manufacturer and provider in the world in an attempt to uncover security weaknesses that can be exploited for surveillance, according to newly leaked data. It also appears that the NSA has worked to sabotage the technical security features of commercial telecommunications systems in order to be able to spy on their users. The documents were released on Thursday by The Intercept’s Ryan Gallagher, who said he acquired them from American defector and former NSA computer technician Edward Snowden. The documents reveal the existence of an NSA project codenamed AURORAGOLD, which appears to have been operational since at least 2010. It has targeted telephone companies in virtually every country in the world, including in the US, as well as in nations closely aligned with Washington, such as Australia, Germany, United Kingdom, France and New Zealand. The project has been carried out by at least two separate NSA units, whose existence appears to have been publicly disclosed for the first time. One is the Wireless Portfolio Management Office, which is tasked with outlining and implementing the NSA’s strategy for penetrating wireless telecommunications systems. The other is the Target Technology Trends Center, whose mission is to track the development of emerging communications technologies so as to detect security innovations that could prevent the NSA from spying on their users. The leaked documents show that, as of late spring of 2012, the NSA had collected detailed technical information on nearly 70 percent of the world’s cellular telecommunications networks and was preparing to spy on the email accounts of their employees. The goal was to acquire technical blueprints and other planning papers that could help the NSA penetrate those networks. According to Gallagher, the broad scope of AURORAGOLD appears to be aimed at “ensuring virtually every cellphone network in the world is NSA-accessible”. But the publication quotes leading cellphone security experts who express strong skepticism over the NSA program. One of them, the University of Virginia’s Karsten Nohl, warns against any policy that aims to deliberately install security vulnerabilities on telecommunications networks. “Once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it”, he says. Another security expert, F-Secure’s Mikko Hypponen, cautions that criminals and spies from every country could be among AURORAGOLD’s “inadvertent beneficiaries”. The Intercept spoke to an NSA spokeswoman, who said the Agency was committed to ensuring “an open, interoperable and secure global Internet”. But she declined to discuss AURORAGOLD.