Ukraine relies on expanded intelligence relationship with the US, sources claim

UKRAINE IS INCREASINGLY RELIANT on its close intelligence relationship with the United States, which has grown dramatically in depth and intensity since Russia’s annexation of Crimea in 2014, according to a new report. The report, authored by Zach Dorfman, national security correspondent for Yahoo News, cites “more than half a dozen former US intelligence and national security officials”. It suggests that the intelligence relationship between Ukraine and the US has been “mutually advantageous” in recent years, and is “as robust […] as just about [any other] in Europe”.

On the American side, the intelligence cooperation effort is led by the Central Intelligence Agency and the National Security Agency, two agencies that frequently exchange information with their Ukrainian counterparts. The information, which includes intelligence obtained from intercepted communications, has largely concentrated as of late on Russian military operations and activities. The two agencies have also participated in intelligence exchanges with the Ukrainians, with officials from the two sides engaging in reciprocal visits “to swap information” and provide training.

According to Yahoo News, CIA paramilitary operations officers have been training Ukrainian special operations forces personnel, as well as Ukrainian intelligence officers, since 2015. The training takes place “at an undisclosed facility in the southern United States”, the report states. Moreover, the NSA has engaged in offensive cyber operations against Russian government targets jointly with Ukrainian government agencies. This collaboration is especially lucrative for the NSA, whose collection capabilities in Eastern Europe are relatively limited.

Lastly, the Ukrainians have been providing US government agencies like the Department of the Treasury with financial intelligence on Russian efforts to evade economic sanctions. This information often includes data on the collusion between Russian and Ukrainian oligarchs, as many of the latter have close ties to the Russian government.

Author: Joseph Fitsanakis | Date: 03 February 2022

We knew about the US-Danish spy collaboration. The revelations are still remarkable

THE FIRST CLAIMS OF an alleged secret collaboration between the signals intelligence agencies of the United States and Denmark surfaced in November of 2020. By January of this year, it was clear that the Danish government would, sooner or later, need to deal with the fallout of its controversial spy deal with Washington, under which Denmark enabled the US to spy on some of its closest European allies. Still, the news last weekend that Denmark helped the US spy on countries such as Germany, France, Sweden and Norway, is nothing short of remarkable, and has a huge symbolic significance that cannot be overlooked.

IntelNews regulars will recall that Lars Findsen, director of the Danish Defense Intelligence Service (FE, or DDIS in English) was unceremoniously “relieved of duty” in August of 2020. This was in response to a damning report by the Danish Oversight Board, known as TET, which is responsible for supervising the work of Denmark’s intelligence agencies. The Danish Ministry of Defense would not discuss the precise nature of the report, which at the time was believed to relate to vaguely described “improper intelligence collection practices”.

Then, in November of 2020 came news of an alleged secret collaboration between the DDIS and its American equivalent, the National Security Agency (NSA). According to Danish newspaper Jyllands-Posten and Danmarks Radio —Denmark’s public-service broadcaster— the agreement dated to 2008, and involved the use by the NSA of a number of fiber optic Internet cables that pass through Danish territory, in return for the DDIS being given access to the content of intercepted traffic. This collaboration resulted in the interception of information belonging to the governments of Germany, France, Sweden, Norway and Holland, among others.

It is said among intelligence practitioners that “there is no such thing as a friendly foreign intelligence agency”. There is also no known agreement not to spy on each other between the United States and several core countries of the Western alliance, such as Denmark, France, Holland, Norway, Germany, Belgium, Italy, Sweden, or Spain (it is rumored that a “no-spy clause” exists between Five Eyes participants). Technically speaking, therefore, espionage between European powers, or between them and the US, is not in violation of some sacred agreement.

NSA places its Trump-appointed lawyer on administrative leave, pending probe

AMERICA’S LARGEST SPY AGENCY, the National Security Agency, has reportedly placed on administrative leave its general counsel, who was installed on orders by the White House just hours before the end of Donald Trump’s presidency. Michael Ellis worked as an aide to Representative Devin Nunes (R-Ca) until 2017, when he joined the White House as the senior associate counsel to President Trump and deputy legal advisor to the National Security Council (NSC). In 2020 he was promoted to NSC’s senior director for intelligence.

Last November, days after losing the presidential election, Trump attempted to appoint Ellis as NSA general counsel —effectively the chief legal officer at the spy agency. There was speculation that Trump’s move was part of an effort to declassify documents that he believed would harm the reputation of his domestic political enemies. But the NSA resisted the move, with its director, General Paul Nakasone, allegedly dismissing it as “an attempt to burrow a political appointee [who is] not qualified for the post into a career civil service position”. The Trump administration persisted, however, and last week the then-acting Secretary of Defense Christopher Miller ordered General Nakasone to appoint Ellis, as instructed, effective by 6:00 pm on January 16. The NSA continued to stall the move, but it eventually appointed Ellis as its general counsel at 6pm on January 19.

Now, however, it appears that Ellis has been placed on administrative leave, pending an investigation into his NSA appointment, which has been launched by the Department of Defense’s Office of the Inspector General. According to The Washington Post, the investigation concerns “the circumstances of [Ellis’] selection” to serve as NSA’s general counsel. CBS News cites “a source familiar” with the case, who claims that Ellis is also facing allegations that he may have mishandled classified documents.

The NSA said it would not “comment on personnel matters”. The Department of Defense’s Office of the Inspector General said it would neither confirm nor deny that Ellis was under investigation.

Author: Joseph Fitsanakis | Date: 22 January 2021

White House seeks to split Pentagon cybersecurity functions from signals intelligence

THE WHITE HOUSE IS reportedly trying to implement what could be one of the most important changes in the United States Department of Defense in recent years, by separating the cybersecurity functions from its signals intelligence functions. Until 2009, the US National Security Agency (NSA) was in charge of protecting America’s cyber networks and combating online threats. But in 2009 the administration of US President Barack Obama determined that the online environment represented a new theater of war and established a brand new Cyber Command (CYBERCOM).

Since that time, these two agencies, NSA and CYBERCOM, have been operated in parallel and have been led by the same director, who is always a four-star military officer. Moreover, CYBERCOM has historically relied on NSA’s impressive technical infrastructure and cyber arsenal. But there are some in government, especially those who support a more offensive US cyber posture, who have championed the view that CYBERCOM should be removed from the NSA’s command structure, and should operate as a completely separate agency. The administration of US President Donald Trump pushed this idea in 2017, but strong resistance from the NSA prevented it from materializing.

Now, however, the Trump administration appears determined to implement this proposed split, despite strong resistance from NSA’s leadership. Citing anonymous US officials, Defense One reported last week that the White House had sent Chairman of the Joint Chiefs of Staff General Mark Milley and Acting Secretary of Defense Christopher Miller documents detailing the proposed split. The two men are required to consent to the proposal before its implementation is officially authorized.

Acting Secretary Miller is believed to be in support of the move, according to several sources. However, General Milley has previously voiced support for the logic behind the existing close operational relationship between NSA and CYBERCOM. Therefore, some believe he may decide to stall on the proposal, thus waiting for the Trump administration to transition out of power. On Sunday a spokesman for Milley said that the General had “not reviewed, nor endorsed, any proposal to split CYBERCOM and NSA”.

According to reports, there are some at the Pentagon who feel strongly that the decision to split CYBERCOM from NSA should be left to the incoming administration. Nevertheless, the Trump administration seems determined to demonstrate that it can enact sweeping changes in the Department of Defense, as demonstrated by its recent decision to scale down significantly America’s military footprint in Afghanistan, Iraq and Somalia.

Author: Joseph Fitsanakis | Date: 21 December 2020

Danish spy service helped US collect intelligence on NATO allies, report claims

A SECRET COOPERATION BETWEEN Danish and American intelligence agencies enabled the United States to collect intelligence on some of its closest European allies, according to a new report. Affected countries include Germany, France, Sweden, Norway, and Holland, according to Danish newspaper Jyllands-Posten and Danmarks Radio, Denmark’s public-service broadcaster. The two media outlets say they spoke to “several independent sources” who confirmed the allegations.

The revelations appear to be connected with the surprise firing of Lars Findsen, director of the Danish Defense Intelligence Service (FE, or DDIS in English), in August of this year. It was reported at the time that Findsen was fired following a series of whistleblower revelations. However, almost nothing was released by the Danish government about the precise nature of the revelations. It was claimed that the revelations concerned “improper intelligence collection practices”.

It now appears that the whistleblower revelations concerned a secret intelligence collection agreement struck between the DDIS and the US National Security Agency (NSA) in 2008. According to the agreement the NSA would help the DDIS tap a number of fiber optic Internet cables that pass through Danish territory, in return for being given access to the content of intercepted traffic. This collaboration was physically facilitated at a data-processing center located on the Danish island of Amager, south of the Danish capital Copenhagen, which was allegedly built for that purpose.

In 2015, however, a Danish whistleblower approached the Danish Oversight Board, known as TET, which is responsible for supervising the work of Denmark’s intelligence agencies. The whistleblower alleged that the Amager data-processing center had been used by the NSA to spy on Danish targets, including the Ministry of Foreign Affairs and the Ministry of Finance. Moreover, a list of the keywords used by the NSA between 2012 and 2015 to flag Internet traffic allegedly suggests that the governments of Germany, France, Sweden, Norway and Holland were also targeted.

The revelation has prompted a heated political discussion in Denmark, while Norwegian, Swedish and Dutch authorities have launched investigations into the alleged spying. Some in Denmark are now calling for the Minister of Defense, Trine Bramsen, to release to the public a four-volume report produced by the TET about the alleged DDIS-NSA collaboration.

Author: Joseph Fitsanakis | Date: 17 November 2020

NSA director claims Bolton’s book would cause ‘irreparable damage’ to US secrets

The director of America’s largest spy agency claims in a signed affidavit that a forthcoming book by John Bolton, President Donald Trump’s former national security adviser, would critically compromise intelligence secrets if published. Bolton served in that capacity from April 2018 until September 2019. His memoir of his time as President Trump’s national security advisor, titled The Room Where It Happened, is scheduled for publication on Tuesday.

But the White House has sued Bolton, claiming that he did not follow the requirements of his pre-publication screening process by government officials. President Trump’s legal team also claims that, if published, the book would damage critical areas of United States national security.

On Wednesday, the White House’s stance on the book was affirmed by the director of the National Security Agency, General Paul M. Nakasone. In a signed affidavit filed in US District Court in Washington, Gen. Nakasone said he had been asked by the legal adviser of the National Security Council to review “a limited portion” of the draft manuscript of Bolton’s book. He added that he had identified “classified information” in that portion of the manuscript, some of which was classified at the Top Secret/Sensitive and Compartmented Information (TS/SCI) level.

According to Gen. Nakasone’s affidavit, “compromise of this information could result in the permanent loss of a valuable SIGINT source and cause irreparable damage to the US SIGINT system”. SIGINT refers to the gathering of intelligence by intercepting communications signals in the form of information exchanged orally between people or mediated via electronic means.

Gen. Nakasone goes on to state that the unauthorized disclosure of the information contained in Bolton’s book could “reasonably […] be expected to result in exceptionally grave damage” to US national security. This includes causing “considerable difficulties in US and allied relations with specific nations”. The NSA director does not detail the precise damage that Bolton’s revelations could cause to US national security, stating only that the information would compromise an intelligence-collection “capability” that “significant manpower and monetary investments have been and continue to be made to enable and maintain”.

Alongside Gen. Nakasone’s affidavit, the Department of Justice submitted an emergency filing on Wednesday, seeking to block the publication of Bolton’s book on national security grounds. Another affidavit was filed on Wednesday by John Ratcliffe, President Trump’s newly appointed Director of National Intelligence.

Author: Joseph Fitsanakis | Date: 19 June 2020

Swiss neutrality ‘shattered’ as leading cryptologic firm revealed to be CIA front

Switzerland is reeling from the shock caused by revelations last week that Crypto AG, the world’s leading manufacturer of cryptologic equipment during the Cold War, whose clients included over 120 governments around the world, was a front company owned by the United States Central Intelligence Agency.

The revelation, published last Tuesday by The Washington Post and the German public broadcaster ZDF, confirmed rumors that had been circulating since the early 1980s, that Crypto AG had made a secret deal with the US government. It was believed that the Swiss-based company had allowed the US National Security Agency to read the classified messages of dozens of nations that purchased Crypto AG’s encoding equipment. These rumors were further substantiated in 2015, when a BBC investigation unearthed evidence of a “gentleman’s agreement”, dating to 1955, between a leading NSA official and Boris Hagelin, the Norwegian-born founder and owner of Crypto AG.

But the reality of this alleged secret pact appears to have been even more controversial. According to last week’s revelations, the CIA and West Germany’s Federal Intelligence Service (BND) secretly purchased the Swiss company and paid off most of its senior executives in order to buy their silence. The secret deal allegedly allowed the US and West Germany to spy on the classified government communications of several of their adversaries —and even allies, including Italy, Spain and Greece, as well as Austria, Jordan, Saudi Arabia and the United Arab Emirates.

What is more, the secret CIA/BND partnership with Crypto AG was known to senior British and Israeli officials, and information derived from it was routinely shared with them. Government officials in Switzerland and even Sweden were aware that Crypto AG had been compromised, but remained silent.

American and German authorities have not commented on the revelations. But the story has monopolized Swiss media headlines for several days. Some news outlets have opined that the traditional Swiss concept of political neutrality has been “shattered”. Meanwhile, a Swiss federal judge has opened an investigation into the revelations, as the Swiss parliament is preparing to launch an official inquiry. Switzerland’s Prime Minister, Simonetta Sommaruga, said on Sunday that the government would discuss the issue “when we have the facts”.

Author: Joseph Fitsanakis | Date: 17 February 2020

Russian government cyber spies ‘hid behind Iranian hacker group’

Russian hackers hijacked an Iranian cyber espionage group and used its infrastructure to launch attacks, hoping that their victims would blame Iran, according to British and American intelligence officials. The information, released on Monday, concerns a Russian cyber espionage group termed “Turla” by European cyber security experts.

Turla is believed to operate under the command of Russia’s Federal Security Service (FSB), and has been linked to at least 30 attacks on industry and government facilities since 2017. Since February of 2018, Turla is believed to have successfully carried out cyber espionage operations in 20 different countries. Most of the group’s targets are located in the Middle East, but it has also been connected to cyber espionage operations in the United States and the United Kingdom.

On Monday, officials from Britain’s Government Communications Headquarters (GCHQ) and America’s National Security Agency (NSA) said Turla had hijacked the attack infrastructure of an Iranian cyber espionage group. The group has been named by cyber security researchers as Advanced Persistent Threat (APT) 34, and is thought to carry out operations under the direction of the Iranian government.

The officials said there was no evidence that APT34 was aware that some of its operations had been taken over by Turla. Instead, Russian hackers stealthily hijacked APT34’s command-and-control systems and used its resources —including computers, servers and malicious codes— to attack targets without APT34’s knowledge. They also accessed the computer systems of APT34’s prior targets. In doing so, Turla hackers masqueraded as APT34 operatives, thus resorting to a practice that is commonly referred to as ‘fourth party collection’, according to British and American officials.

The purpose of Monday’s announcement was to raise awareness about state-sponsored computer hacking among industry and government leaders, said the officials. They also wanted to demonstrate the complexity of cyber attack attribution in today’s computer security landscape. However, “we want to send a clear message that even when cyber actors seek to mask their identity, our capabilities will ultimately identify them”, said Paul Chichester, a senior GCHQ official.

Author: Joseph Fitsanakis | Date: 22 October 2019

Facing skepticism by experts, NSA backs down in global encryption standards debate

Representatives from the United States National Security Agency (NSA) withdrew a proposal to introduce new global industry standards for data encryption, after encountering prolonged skepticism by experts representing other Western countries. Some observers have interpreted this development as indicative of the damaged relationship between the NSA and its Western counterparts following revelations by American defector Edward Snowden.

Deliberations for establishing new industry standards for data encryption have been taking place for over three years under the supervision of the International Organization for Standardization (ISO). The ISO is a worldwide standard-setting body founded in 1947, which brings together representatives from national standards organizations. The US delegation had proposed the adoption of two new data encryption techniques, known as ‘Simon’ and ‘Speck’. The techniques had the approval of the US national standards organization, which is known as the American National Standards Institute (ANSI). However, they also had the approval of the NSA, America’s signals intelligence agency, whose representatives were members of the US delegation to the ISO. According to the Reuters news agency, the presence of the NSA representatives in ANSI prompted skepticism among other national delegations.

Eventually, encryption experts from countries including Israel, Japan, Germany, and the United Kingdom, rejected ‘Simon’ and ‘Speck’. The reason, according to Reuters, was that they were “worried that the [NSA] was pushing the new techniques not because they were good encryption tools, but because it knew how to break them”. Some commentators believe that this incident illustrates the suspicion with which the NSA is seen by American allies following headline-grabbing revelations made by Edward Snowden, a former employee of the NSA who defected to Russia in 2013. Some of Snowden’s most sensational revelations involved alleged NSA operations targeting Germany, France, Israel, Japan, and other American allies. The revelations shocked public opinion in Europe and elsewhere, and resulted in the unprecedented expulsion of the CIA station chief in Berlin —the most senior US intelligence official in the country. ISO delegates are now thought to be working on a revised plan to keep some of ANSI’s proposed standards but enhance them with stronger layers of encryption, said Reuters.

Author: Joseph Fitsanakis | Date: 22 September 2017

US plans to beef up Cyber Command, separate cyberwar operations from NSA

The White House will soon announce its decision to strengthen the United States Cyber Command and separate cyber war operations from intelligence functions, according to insider reports. For many decades, the National Security Agency has been in charge of protecting America’s cyber network and combating online threats. But in 2009, the Administration of US President Barack Obama established a brand new Cyber Command, proposing that the online environment represented a new theater of war. Since that time, the US Department of Defense has been campaigning in favor of strengthening the new Cyber Command and completely removing it from the patronage of the NSA –despite the fact that the latter is also a Pentagon agency.

According to media reports, US President Donald Trump has decided to follow the Pentagon’s suggestion. After several months of delay, his administration is now preparing to announce a major reinforcement of the US Cyber Command, and a formal separation between its functions and those of the NSA. According to the American news network PBS, which broke the news on Monday, the idea behind the move is to give the Cyber Command more operational autonomy and to allow it to establish its own mission statement, which will be distinct from that of the NSA. The latter is an intelligence organization, which means that it primarily seeks to exploit adversary networks for purposes of collecting information. Broadly speaking, therefore, the NSA finds operational adversary cyber networks far more useful than destroyed networks. That tends to clash with the goals of the US Cyber Command, whose tactical goals often center on launching destructive attacks on enemy networks. It is believed that the impending change will allow it to do so without the interference of the NSA.

According to PBS, which cited anonymous sources in its report, the details of the separation “are still being worked out”. Furthermore, some observers caution that the Cyber Command will continue to rely on NSA technology and expertise for years to come, until it is able to carry its own weight. There is even less discussion about the view of the NSA on the matter, which some claim is notably negative. However, the move appears to have been decided, and the Cyber Command’s budget will be increased by nearly 20% to $647 million in the coming year, reflecting its elevated role in US defense.

Author: Joseph Fitsanakis | Date: 19 July 2017

German parliament report on NSA spying contains little consensus

A lengthy parliamentary report on American intelligence activities in Germany was presented last week in Berlin, but was condemned by opposition parties as insufficient and incomplete, prompting calls for a new investigation. The parliamentary probe was initiated in 2013, following a series of revelations by Edward Snowden, a former employee of the United States Central Intelligence Agency and National Security Agency who defected to Russia. Snowden alleged that both agencies spied on Germany, with the NSA going so far as to eavesdrop on the personal telephone communications of German Chancellor Angela Merkel. The allegations shocked German public opinion, and resulted in the unprecedented expulsion of the CIA station chief in Berlin —the most senior US intelligence official in the country. However, the parliamentary probe soon broadened its scope to include subsequent allegations that German intelligence agencies collaborated with the NSA in spying against other Western countries.

Last Wednesday, after three years of work, the parliamentary committee, known officially as the “German Parliamentary Committee Investigating the NSA Spying Scandal”, presented its findings to the Bundestag. They consist of thousands of pages of technical details concerning interception methods and capabilities. However, the final report fails to draw concrete conclusions, and its concluding section does not reflect a consensus among the committee’s members. The section begins by noting that, “unfortunately, despite an initial shared conviction by all parliamentary groups about the need for the investigation, substantial disagreements emerged between the governing and opposition groups, concerning the methodology and goals of the committee’s work”.

New clues emerge about targeted efforts by Russia to hack US elections

New information about carefully targeted attempts by Russian operatives to compromise the November 2016 presidential elections in the United States has emerged in a newly published intelligence document. The document, which dates from May of this year, was produced by the US National Security Agency and published on June 5 by The Intercept. The web-based outlet published the leaked document on the same day that Reality Leigh Winner, a US federal contractor with a top-security clearance, was charged with espionage for leaking classified documents to the media. This has led to speculation that Winner may be the source of the leak.

The NSA document details attempts by hackers to compromise the online accounts of over 100 election officials, as well as employees of private contractors involved in administering the election process. The attempts reportedly took place during the period leading up to November 8, 2016. To do that, hackers resorted to a technique commonly known as ‘spear-phishing’. They sent carefully crafted emails, claiming to be from Google, to specifically targeted individuals. The goal was to trick the email recipients into downloading and opening Microsoft Word attachments, which were infected with malware. The infected software would then allow the hackers to remotely access the compromised computers. The NSA document states that at least one targeted person had his or her computer compromised through the ‘spear-phishing’ technique. Importantly, the leaked document appears unequivocal in its assessment that the hackers behind the ‘spear-phishing’ attacks worked for the General Staff Main Intelligence Directorate (GRU) of the Russian armed forces. The document also states that the main goal of the attacks was to compromise the software used to manage voter registration lists, and that the attackers were operating under a “cyber espionage mandate specifically directed at US and foreign elections”.

American intelligence officials have previously said that Russian spies launched a complex and prolonged campaign to undermine public faith in the US electoral process. It is also known that the Russian campaign targeted election officials in the months leading up to the November 2016 elections. But the NSA report is the first publicly available description of some of the specific techniques employed by the alleged Russian hackers as part of their campaign. The leaked document does not provide technical details about the ‘spear-phishing’ campaign. Nor does it discuss whether the attacks were successful, whether vote tallies were actually compromised, or whether the election process itself was sabotaged by the hackers. The Intercept said it contacted the NSA and the Office of the Director of National Intelligence, who refused to publicly comment on the content of the NSA report.

Author: Joseph Fitsanakis | Date: 09 June 2017

Analysis: Contractor charged with espionage presents political minefield for Trump

At first sight, the case of Reality Leigh Winner, a United States federal contractor who has been charged with leaking classified information to a news outlet, is an open-and-shut case. Winner, an expert linguist with a top-secret clearance, who provided services to the National Security Agency through a private contractor, appears to have admitted to the Federal Bureau of Investigation that she deliberately leaked classified information without permission. She is believed to have told the FBI that she printed and mailed a single document containing classified information to a news outlet on or around May 9 of this year.

WINNER’S MOTIVES

Although it is too early to tell with certainty, Winner does not appear to have acted in search of money or other material benefits, nor does she appear to have operated as an agent of a foreign government. She told her interrogators that she acted solely out of a sense of duty to the American people. However, US law does not typically distinguish between leakers based on their motives. It does, however, distinguish between simple leakers and whistleblowers. If a US government employee uncovers evidence of abuse of power, or becomes aware of a specific and critical threat to the security of Americans, he or she is required to notify his or her superiors. If the latter refuse to take action, then the employee is justified under the law in taking all necessary actions to warn the public of impending peril. That is precisely the function of the 1989 Whistleblower Protection Act, which affords protection to insiders who expose abuses of authority, or a concrete and critical threat to public safety.

North Korea is now robbing banks, says US intelligence official

Comments made by a senior American intelligence official on Tuesday appeared to suggest that the North Korean government was behind an attempt to steal nearly $1 billion from a Bangladeshi bank last year. The heist took place in February of 2016, when a computer malware was used to issue several requests to transfer funds from Bangladesh Bank —the state-owned central bank of Bangladesh— using the SWIFT network. The hackers were able to transfer five separate sums of $101 million each to a linked Bangladesh Bank account at New York’s Federal Reserve Bank. However, when further requests were issued, Federal Reserve Bank employees contacted Bangladesh Bank and blocked further transactions. Eventually, most of the transferred funds, which neared $1 billion, were recovered; but the hackers managed to get away with approximately $81 million worth of funds.

Forensic investigators described the heist as technically advanced. The antivirus company Symantec said it identified a piece of code in the malware that is known to have been used by North Korean government hackers in the past. Not everyone agreed with the claim that Pyongyang was behind the bank heist. But those who did said that it was unprecedented in scope and aggressiveness. Some even said that the heist showed that North Korea’s cyber capabilities were among the most sophisticated and powerful in the world.

Meanwhile the United States government did not comment on the matter. However, this past Tuesday the deputy director of the National Security Agency appeared to confirm reports that North Korea was behind the Bangladesh Bank heist. Rick Ledgett, a 30-year veteran of the NSA, who is due to retire in 2018, was speaking at a public event hosted by the Aspen Institute in Washington, DC. He reminded the audience that private researchers had connected the malware code used in the Bangladesh Bank heist with that used in previous hacking attempts launched by North Korea. “If that linkage […] is accurate”, said Ledgett, it “means that a nation state is robbing banks”. When asked by the moderator whether he believes that to be the case, Ledgett responded “I do. And that’s a big deal”. Foreign Policy magazine reached out to Ledgett following his talk and asked him for clarification about his comments regarding the Bangladesh Bank heist. But the NSA official simply said that “the public case [about the heist] was well-made”. Foreign Policy also contacted the NSA, but the agency said it preferred not to comment on the matter.

Author: Joseph Fitsanakis | Date: 23 March 2017 | Permalink

FBI launches criminal investigation into WikiLeaks’ CIA disclosures

The United States federal government has launched a criminal investigation into the public disclosure of thousands of documents that purportedly belong to the Central Intelligence Agency. The documents were released on Tuesday by the anti-secrecy website WikiLeaks. They reveal what appear to be technical collection methods used by the CIA to extract information from digital applications and electronic devices, ranging from flash drives to smart screen televisions. WikiLeaks named the collection “Vault 7”, and said that it consists of nearly 8,000 web pages and 1,000 attachments. It also said that its editors redacted hundreds of pages of computer code, in order to prevent the public release of advanced cyberweapons allegedly used by the CIA to sabotage electronic devices and systems.

On Wednesday, former director of the CIA Michael Hayden told the BBC that the disclosure appeared “incredibly damaging”, because it revealed some of the methods that the CIA uses to acquire information. But some cybersecurity experts said that the techniques contained in the leaked documents did not appear to be uniquely advanced, and most focused on exploiting technical vulnerabilities that were generally known. Still, The New York Times reported on Wednesday that the CIA had begun to assess the damage caused by the release. The agency was also trying to contain the extent of the damage, and had even “halt[ed] work on some projects”, said The Times. Officials from the CIA are reportedly in communication with the Federal Bureau of Investigation, which on Wednesday launched a criminal investigation into the “Vault 7” release.

The main purpose of the FBI investigation is to find out how WikiLeaks acquired the files. The website said that the documents were leaked by a CIA contractor, which would imply that they were accessed from a server outside the CIA’s computer network. However, federal investigators are not excluding the possibility that the leaker of the information may be a full-time CIA employee. Reports suggest that the FBI is preparing to conduct hundreds, and possibly thousands, of interviews with individuals who are believed to have had access to the documents that were released by WikiLeaks. Meanwhile, neither the FBI nor the CIA have commented on the authenticity of the information contained in “Vault 7”. WikiLeaks said that Tuesday’s release, which it codenamed “Year Zero”, was the first part of several installments of documents that will be released under its Vault 7 program.

Author: Joseph Fitsanakis | Date: 09 March 2017 | Permalink
