telecommunication service providers

Attack by Chinese hacker group targeted high-profile individuals around the world

July 9, 2019 by Joseph Fitsanakis 2 Comments

Operation SOFTCELL A hacker attack of impressive magnitude targeted specific individuals of interest to the Chinese government as they moved around the world, in what appears to be the first such operation in the history of cyberespionage. The attack was revealed late last month by Cybereason, an American cybersecurity firm based in Boston, Massachusetts. Company experts described the scope and length of the attack, dubbed Operation SOFTCELL, as a new phenomenon in state-sponsored cyberespionage. Cybereason said SOFTCELL has been in operation since at least 2017, and identified the culprit as APT10, a hacker group that is believed to operate on behalf of China’s Ministry of State Security.

The operation is thought to have compromised close to a dozen major global telecommunications carriers in four continents —the Middle East, Europe, Asia and Africa. According to Cybereason, the hackers launched persistent multi-wave attacks on their targets, which gave them “complete takeover” of the networks. However, they did not appear to be interested in financial gain, but instead focused their attention on the call detail records (CDRs) of just 20 network users. With the help of the CDRs, the hackers were able to track their targets’ movements around the world and map their contacts based on their telephone activity. According to The Wall Street Journal, which reported on Cybereason’s findings, the 20 targets consisted of senior business executives and government officials. Others were Chinese dissidents, military leaders, as well as law enforcement and intelligence officials.

An especially impressive feature of SOFTCELL was that the hackers attacked new telecommunications carriers as their targets moved around the world and made use of new service providers. The attacks thus followed the movements of specific targets around the world. Although this is not a new phenomenon in the world of cyberespionage, the geographical scope and persistence of the attacks are unprecedented, said The Wall Street Journal. Speaking last week at the 9^th Annual International Cybersecurity Conference in Tel Aviv, Israel, Lior Div, Cybereason’s chief executive officer and co-founder, said SOFTCELL attacks occurred in waves over the course of several months. The hackers used a collection of techniques that are commonly associated with identified Chinese hacker groups. If detected and repelled, the hackers would retreat for a few weeks or months before returning and employing new methods. The Cybereason security experts said that they were unable to name the targeted telecommunications carriers and users “due to multiple and various limitations”.

► Author: Joseph Fitsanakis | Date: 09 July 2019 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with APT10, China, Cybereason, cyberespionage, cybersecurity, News, Operation SOFTCELL, telecommunication service providers

Norway spy agency urges IT firms to be cautious when outsourcing operations abroad

June 27, 2018 by Joseph Fitsanakis Leave a comment

Broadnet Norway The Norwegian National Security Authority (NSM) has warned the country’s information technology firms to prioritize national security over cutting costs when outsourcing their operations abroad. The warning follows what has come to be known as the “Broadnet affair”, which, according to the Norwegian government, highlighted the dangers of extreme cost-cutting measures by Norway’s heavily privatized IT industry. The incident is named after Broadnet, Norway’s leading supplier of fiber-optic communications to the country’s industry and state sectors. Among Broadnet’s customers is Nødnett, an extensive digital network used by agencies and organizations that engage in rescue and emergency operations, including police and fire departments, as well as medical response agencies. Although 60% of the Nødnett network is owned by the Norwegian government, Broadnet is a member of the Nødnett consortium, and is thus supervised by Norway’s Ministry of Transport and Communications.

In September of 2015, Broadnet fired 120 of its Norway-based employees and outsourced their jobs to India, in search of cost-cutting measures. The company signed a multimillion dollar contract with Tech Mahindra, an outsourcing firm based in Mumbai. But an audit by the Norwegian government soon discovered several instances of security breaches by Tech Mahindra staff. The latter were reportedly able to access Nødnett without authorization through Broadnet’s core IT network, which was supposed to be off-limits to outsourced staff without Norwegian security clearances. Soon after the breaches were discovered, Broadnet began to bring its outsourced operations back to Norway. By the end of 2017, all security-related IT tasks had been returned to Norway. In the meantime, however, Broadnet had come under heavy criticism from the Norwegian government, opposition politicians, and the NSM —the government agency responsible for protecting Norway’s IT infrastructure from cyber threats, including espionage and sabotage.

The NSM warning —published earlier this month in the form of a 20-page report— makes extensive mention of the Broadnet affair. It recognizes the right of Norwegian IT firms to outsource some or all of their operational tasks as a cost-cutting measure. But it also stresses that the country’s IT firms are required by law to abide to national security protocols when outsourcing part of their IT portfolios to foreign companies. There have been numerous instances in recent years, where “risk management obligations relative to outsourcing decisions by Norwegian [IT] companies have fallen short”, the NSM report states. It adds that IT firms must abide to strict protocols of risk management when making outsourcing decisions. It also states that the firms’ Norway-based senior managers must regain complete overview of outsourced projects at every step of the way.

► Author: Joseph Fitsanakis | Date: 27 June 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with Broadnet (Norway), intelligence outsourcing, National Security Authority (Norway), News, Norway, Tech Mahindra, telecommunication service providers, telecommunications industry

UK spy agency sued by Internet providers over malware attacks

July 3, 2014 by Joseph Fitsanakis 1 Comment

GCHQ center in Cheltenham, England By JOSEPH FITSANAKIS | intelNews.org
A group of Internet service providers from North America, Europe, Asia and Africa have filed a lawsuit against Britain’s foremost signals intelligence agency, accusing it of hurting their business by spying on them. The legal complaint was filed against the Government Communications Headquarters (GCHQ), the British government agency tasked with communications interception, which also provides information assurance to both civilian and military components of the British state. Service providers from the United States, United Kingdom, Germany, Netherlands, South Korea and Zimbabwe are listed as plaintiffs in the complaint, which was filed on Wednesday in a court in London. The legal action against the spy agency is based on articles that surfaced in the international press last year. They alleged that GCHQ targeted Belgium’s largest telecommunications service provider Belgacom. The revelations surfaced first in September of 2013 in Flemish newspaper De Standaard. The paper claimed that Belgacom’s mainframe computers had been deliberately infected by an “unidentified virus”, which had specifically targeted telecommunications traffic carried by Belgacom’s international subsidiaries. De Standaard further claimed that the scope and technical sophistication of the operation pointed to a state-sponsored agency as the culprit. Further revelations about the Belgacom malware attacks were made in German newsmagazine Der Spiegel in November of last year, pointing to GCHQ as the agency behind the operation. The allegations originated in information provided by Edward Snowden, an American defector to Russia who used to work for GCHQ’s American equivalent, the National Security Agency. In their lawsuit, the Internet service providers allege that, regardless of whether they were themselves targeted by GCHQ in a manner similar to that of Belgacom, the British spy agency effectively compromised the integrity of their industry. It did so, they argue, by allegedly targeting employees of telecommunications service providers, by infecting telecommunications networks with malware, by Read more of this post

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with Belgacom, cyberespionage, GCHQ, lawsuits, News, Privacy International, telecommunication service providers, UK

NSA ‘broke, circumvented Internet encryption standards’

September 6, 2013 by Ian Allen

NSA headquarters By IAN ALLEN | intelNews.org |
The United States National Security Agency (NSA) has been able to crack or get around basic encryption standards used daily by hundreds of millions of Internet users, according to newly leaked documents. The New York Times said on Friday that it was in possession of documents that prove that the NSA is not restrained by universal encryption standards used in the US and abroad. The NSA, which is America’s largest intelligence agency, and is tasked by the US government with intercepting electronic communications worldwide, is now able to routinely circumvent Secure Sockets Layer or virtual private networks, as well as encryption protection standards used on fourth-generation cell phones. It therefore has instant access to the content of billions of encrypted messages exchanged by users of some of the Internet’s most popular email companies, including Gmail, Hotmail, Yahoo and Facebook. The paper said it obtained the documents from Edward Snowden, a technical contractor for the NSA who defected to Russia this past summer. They include internal NSA memoranda that suggest the NSA deployed specially built supercomputers to break Internet encryption standards. In other cases, the Agency worked with selected companies and convinced them to “build entry points into their products”. The multi-billion effort was apparently launched by the NSA in the early 2000s, soon after the US government lost a lengthy battle with the communications industry centering on the so-called ‘clipper chip’. Read more of this post

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with civil liberties, clipper chip, communications interception, Edward Snowden, encryption, Internet, News, NSA, privacy, telecommunication service providers, United States

Analysis: PRISM revelations harm US political, financial interests

June 20, 2013 by Joseph Fitsanakis 7 Comments

NSA headquarters By JOSEPH FITSANAKIS | intelNews.org |
Ever since June 6, when Edward Snowden, a former United States Central Intelligence Agency (CIA) technician, exposed a vast communications spying system called PRISM, observers have focused on the ramifications of this controversy inside America. But in an excellent analysis written for ComputerWorld magazine’s New Zealand edition, Taylor Armerding points out that Snowden’s revelation could result in extensive international blowback for the United States, in both the political and economic realms. Armerding quotes Toronto University political science professor Ron Deibert, who argues that this latest revelation of massive communications interception activity by the National Security Agency (NSA) carries with it “unintended consequences […] that will undermine US foreign policy interests”. Deibert points out that the spy scandal has the potential to undercut America’s role and influence in global Internet governance. In the words of renowned security expert Bruce Schneier, many around the world are beginning to view the US as “simply too untrustworthy to manage the Internet”. Even policymakers and ordinary users friendly to Washington are worried about what they perceive as the “huge disadvantages” of their dependence on US-managed Internet networks that host the content of social media sites, cloud computing databases, or telecommunications exchanges, says Deibert. But the biggest potential damage to US interests, argues Armerding, is not political, but economic. “It is not just personal information that is being swept into the NSA’s massive databases”, he notes; “it is corporate data as well”. Indeed, the vast foreign and domestic spying represented by PRISM poses a direct threat to the global competitiveness of the American technology sector. Read more of this post

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with Analysis, corporate espionage, Edward Snowden, European Union, NSA, privacy, surveillance, telecommunication service providers, United States, whistleblowing

Scandinavian phone company helps ex-Soviet republics spy on citizens

May 8, 2012 by intelNews 1 Comment

TeliaSonera CEO Lars Nyberg By JOSEPH FITSANAKIS | intelNews.org |
A highly profitable cellular telecommunications company, which is jointly owned by a Swedish-Finnish public-private consortium, is enabling some of the world’s most authoritarian regimes to spy on their own citizens, according to a new report. TeliaSonera AB, the dominant telephone company and mobile network operator in Sweden and Finland, is currently active in nearly 20 countries around the world. In 2011, it posted a net profit of nearly $3 billion, 25 percent of which came from the company’s operations in countries of the former Soviet Union. They include some of TeliaSonera’s most lucrative franchises, such as Geocell in Georgia, Kcell in Kazakhstan, Ucell in Uzebekistan, Tcell in Tajikistan, and Azercell in Azerbaijan, among others. But a new investigation by Sweden’s public broadcaster, Sveriges Television AB (SVT), accuses TeliaSonera of knowingly giving some of the world’s most oppressive governments the means to spy on their own citizens. The report, which is available online in English, effectively states that TeliaSonera is directly complicit in some of the world’s most severe human rights abuses. The accusation is bound to cause embarrassment among senior officials in the Swedish government, which owns nearly 40 percent of TeliaSonera’s stock. The SVT investigation singles out Uzbekistan, Belarus and Azerbaijan, where TeliaSonera operates monopoly cellular networks on behalf of the state, “in exchange for lucrative contracts”. While running the networks, TeliaSonera allegedly grants local intelligence agencies complete and real-time access to the all telephone calls, pen-register data, and content of text messages exchanged by users. This, says the SVT report, has in turn facilitated several arrests of pro-democracy activists and political dissidents in countries like Belarus and Azerbaijan. Read more of this post

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with Azerbaijan, Azercell, Belarus, cellular telephony, civil liberties, ethics, Finland, Geocell, Georgia, human rights, Kazakhstan, Kcell, Lars Nyberg, News, surveillance, Sweden, Tajikistan, Tcell, telecommunication service providers, TeliaSonera, Ucell, Uzbekistan, wiretapping

News you may have missed #724

May 7, 2012 by intelNews Leave a comment

By IAN ALLEN | intelNews.org |
►►Aid group denies link to US intelligence in Pakistan. Aid group Save the Children denied accusations it has ties to US intelligence agencies in Pakistan. The organization’s denial came shortly after Dr. Shakil Afridi, a doctor the CIA recruited to help in the search for Osama bin Laden, told Pakistani interrogators that Save the Children played a role in his becoming involved with the CIA. Following Afridi’s interrogation, the Pakistani government banned some Save the Children members from leaving the country and aid supplies –including medical supplies– have been blocked by customs.
►►Is MI6 double spy’s case linked with Gareth Williams’ death? In 2010, British authorities jailed for a year MI6 employee Daniel Houghton, after he was caught trying to sell classified documents to MI5 spooks posing as foreign agents. According to newspaper The Daily Mirror, British police are now “probing a possible link between the Houghton’s case and the death of MI6 employee Gareth Williams, who was found dead in his London apartment in 2010. According to the paper, police detectives “want assurances from MI6 that Williams’ details [and] identity were not compromised” by Houghton.
►►Fears of spying hinder US license for China Mobile. China Mobile, the world’s largest mobile provider, applied in October for a license from the Federal Communications Commission to provide service between China and the United States and to build facilities on American soil. But officials from the FBI, the Department of Homeland Security and the Justice Department’s National Security Division are concerned that the move would give the company access to physical infrastructure and Internet traffic that might allow China to spy more easily on the US government and steal intellectual property from American companies. This is according to The Los Angeles Times, which cites “people familiar with the process who declined to be identified because the deliberations are secret”. US officials and lawmakers have expressed similar concerns about a Chinese telecommunications hardware manufacturer Huawei Technologies, which is alleged to have contacts with the Chinese People’s Liberation Army and the Ministry of State Security.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with 0 Aid group denies link to US intelligence in Pakistan, 0 Fears of spying hinder US license for China Mobile, 0 Is MI6 double spy's case linked with Gareth Williams' death?, biometrics, cellular telephony, China, China Mobile, CIA, Daniel Houghton, Department of Justice National Security Division, Gareth Williams, MI6, News, news you may have missed, Pakistan, Save the Children, Shakil Afridi, suspicious deaths, telecommunication service providers, telecommunications, UK, United States

News you may have missed #403

July 29, 2010 by intelNews Leave a comment

Hundreds of FBI agents accused of cheating on spy rules test. The US Justice Department is investigating claims that hundreds of FBI agents cheated on an exam designed to test their knowledge of new rules about spying on suspects. Depending on the outcome of the investigation, agents could be disciplined or even fired.
Lebanon charges second telecoms worker with espionage . Lebanese authorities have widened an investigation into Alfa, Lebanon’s state-owned cellular telecommunications provider, charging a second Alfa worker, Tareq Raba, with spying for Israel.
Google, CIA invest in ‘future’ of web monitoring. The investment arm of the CIA, In-Q-Tel, is backing a new company called Recorded Future, which monitors the web in real time and says it uses that information to predict the future. Google is also backing the same startup.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with 0 CIA invests in ‘future’ of web monitoring, 0 Hundreds of FBI agents accused of cheating on spy rules test, 0 Lebanon charges second telecoms worker with espionage, Alfa Cellular, CIA, FBI, Google, In-Q-Tel, Internet, Israel, Lebanon, News, news you may have missed, Recorded Future, Tareq Raba, telecommunication service providers, US Department of Justice

News you may have missed #340

May 2, 2010 by intelNews Leave a comment

West Bank urged to drop Israeli cell phone companies. The Palestinian Authority (PA) is urging Palestinians to stop using the Israeli cellular companies Pelephone, Orange, Cellcom and Mirs. The official reasons are economic (Israeli companies don’t pay taxes to the PA), but the real reasons are probably related to communications security.
US police wiretaps up 26 percent in one year. The number of wiretaps authorized by US state and federal judges in criminal investigations jumped 26 percent from 2008 to 2009, according to a report released Friday by the Administrative Office of the US Courts.
Taliban group executes high-profile ex-ISI spy. Khalid Khawaja, one of two Pakistani former Inter-Services Intelligence directorate officers captured by a Taliban splinter group, named Asian Tigers, has been found dead. The other ex-ISI official, Sultan Amir Tarar, a.k.a. Colonel Imam, who was Taliban leader Mullah Mohammad Omar’s former handler, remains in captivity.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with 0 Taliban group executes high-profile ex-ISI spy, 0 US police wiretaps up 26 percent in one year, 0 West Bank urged to drop Israeli cell phone companies, Asian Tigers (Pakistan), Cellcome, Colonel Imam, communications interception, ISI, Israel, Khalid Khawaja, Mirs, Mullah Mohammad Omar, News, news you may have missed, Orange, Pakistan, Palestine, Pelephone, Sultan Amir Tarar, Taliban, telecommunication service providers, telecommunications, United States, West Bank, wiretapping

News you may have missed #0202

December 2, 2009 by intelNews Leave a comment

Russia claims intel agents have left Crimea base. Alleged move follows last June’s expulsion by the Ukrainian government of several Russian FSB operatives stationed in the Russian naval base in Sevastopol.
Here’s how US communications providers make money by spying on users. One provider, Cox Communications charges the US government $2,500 to fulfill a pen register/trap-and-trace order for 60 days, and $2,000 for each additional 60-day-interval. It also charges $3,500 for the first 30 days of a wiretap, and $2,500 for each additional 30 days.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with communications interception, Cox Communications, Crimea, diplomatic expulsions, FSB, News, news you may have missed, Russia, Sevastopol (Ukraine), telecommunication service providers, telecommunications, Ukraine, United States

NSA bugging more widespread than thought, says ex-analyst

November 26, 2009 by intelNews 3 Comments

Wayne Madsen

By JOSEPH FITSANAKIS | intelNews.org |
A former NSA analyst and US Navy intelligence officer has alleged that the National Security Agency’s (NSA) domestic spying program was more widespread than originally thought, and that it was authorized by the Bush Administration prior to 9/11. Wayne Madsen, who authors the Wayne Madsen Report, says the NSA consulted with US telecommunications service providers about aspects of its STELLAR WIND program in as early as February 27, 2001, several months prior to the events of 9/11. STELLAR WIND was a massive domestic surveillance program involving spying on US citizens. Under the guidance of the office of the US Attorney General, the NSA was systematically allowed to circumvent the standard authorization process under the Foreign Intelligence Surveillance (FISA) Court, composed of 11 federal judges, and thus conduct what is known as warrantless wiretapping within the United States, which is illegal. Read more of this post

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with Bush Administration, domestic intelligence, Foreign Intelligence Surveillance Act, James Bamford, News, NSA, operation STELLAR WIND, Russell Tice, telecommunication service providers, Terrorist Surveillance Program (STELLAR WIND), United States, warrantless communications interception, Wayne Madsen, whistleblowing

News you may have missed #0183

November 14, 2009 by intelNews 1 Comment

Did US Rep. Hoekstra compromise a secret NSA spy program? Rep. Peter Hoekstra (MI), the ranking Republican on the House Intelligence panel, may have inadvertently compromised a sensitive National Security Agency email collection program while commenting on allegedly intercepted emails sent and received by Fort Hood shooter Malik Nadal Hasan.
Blog requests readers’ help to examine released documents. Wired magazine’s Threat Level blog has issued a request for readers to help pore over thousands of US government documents relating to the proposed immunity for telephone companies involved in the Bush Administration’s warrantless wiretapping program. The documents were released following a FOIA lawsuit by the Electronic Frontier Foundation.
An opportunity in Cuba for CIA field agents? They’d have to pose as McDonald’s restaurant workers.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with CIA, communications interception, Cuba, Electronic Frontier Foundation, FOIA, Fort Hood, Malik Nadal Hasan, McDonald's Corporation, News, news you may have missed, NSA, Pete Hoekstra, telecommunication service providers, United States

News you may have missed #0178

November 11, 2009 by intelNews Leave a comment

Israel uses Facebook to spy on Arab, Muslim youth, claims article. A French-based Israeli-interest magazine claims psychologists working for the Israeli government are using online social networking sites like Facebook to profile and spy on Muslim and Arab users.
Nepal paper alleges secret US-India spy meeting. Nepalese newspaper The Weekly Telegraph has alleged that the Indian embassy in Nepalese capital Kathmandu has been selected to host a meeting between agents of the CIA and members of India’s Research and Analysis Wing (RAW).
UK to require record-keeping of all personal communications, despite privacy concerns. All British telecommunications companies and internet service providers will be required by law to keep a record of every customer’s personal communications, showing who they have contacted, when and where, as well as the websites they have visited, despite mounting privacy concerns over the requirement.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with CIA, databases, Facebook, Indian embassy in Nepal, intelligence analysis, Israel, Nepal, News, news you may have missed, privacy, RAW, social networking, telecommunication service providers, UK

Senator says Obama employs Bush tactics on spy secrecy

October 14, 2009 by intelNews Leave a comment

Russ Feingold

By JOSEPH FITSANAKIS | intelNews.org |
A Democratic senator has alleged that the Obama Administration is copying the Bush Administration’s tactics by “stonewalling and road blocking” Congress on intelligence issues. Senator Russ Feingold (D-Wis.), the only Senator to vote against the USA PATRIOT Act during its first vote, said during a nomination hearing on Tuesday that he suspects the White House is still withholding information from Congressional intelligence panel members. Feingold voiced the allegation during the nomination hearing in Congress of David Gompert, incoming deputy director of national intelligence, who will serve under director of national intelligence Dennis C. Blair. In recent months, Senator Feingold has emerged as one of the most vocal Democratic critics of the Obama administration’s policies on intelligence and security. Read more of this post

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with Bush Administration, David Gompert, Dennis Cutler Blair, Dick Durbin, DNI, domestic intelligence, intelligence oversight, News, NSA, Obama Administration, Russ Feingold, Silvestre Reyes, surveillance, telecommunication service providers, US Congress, US House of Representatives Permanent Select Committee on Intelligence, USA PATRIOT Act, warrantless communications interception

Indian government tells telecoms to avoid buying Chinese hardware

October 11, 2009 by intelNews 3 Comments

Huawei logo

By IAN ALLEN | intelNews.org |
The Indian government has asked the country’s telecommunications companies to “refrain from buying Chinese telecommunications equipment”, because they may be used by Beijing to spy on India. The request was reportedly delivered to Indian telecommunications industry representatives by officials from India’s Department of Telecommunications, in a closed-door meeting earlier this week. Indian media report that the Department’s request has no legal backing, but is simply a call for Indian telecommunications providers to “self-regulate”. But the government is said to be working on official guidelines to restrict the domestic use of telecommunications hardware and software originating from countries considered “unfriendly” to India, including Pakistan, China and Egypt. Some industry observers have expressed fears that the pending restrictions will severely hinder the growth of India’s rapidly rising telecommunications sector. Read more of this post