Britain’s controversial ‘snooper’s charter’ has been delivered a blow from the EU with its highest court ruling that the government’s “indiscriminate retention” of emails is illegal.
The ruling could trigger challenges against the UK’s new Investigatory Powers Act, passed into law in November, which allows for the sweeping collection and storage of people’s emails, text messages and internet data.
According to a long-awaited decision by the European Court of Justice (ECJ) in Luxembourg, only targeted interception of traffic and location data in order to combat serious crime is justified.
The finding came in response to a legal challenge initially brought by the Brexit secretary, David Davis, before he got the role of helping Britain leave the bloc, and Tom Watson, Labour’s deputy leader.
They are concerned over the legality of cyber-spies at GCHQ bulk intercepting call records and online messages.
“This ruling shows it is counter-productive to push new laws through parliament without proper scrutiny,” Watson told the Independent.
“At a time when we face a real and ever-present terrorist threat, the security forces may require access to personal information none of us would normally hand over.
“That’s why it’s absolutely vital that proper safeguards are put in place to ensure this power is now abused, as it has been in the recent past.
“Most of us can accept that our privacy may occasionally be compromised in the interests of keeping us safe, but no one would consent to giving the police or the government the power to arbitrarily seize our phone records or emails as they see fit.
“It’s for judges, not ministers, to oversee these powers. I’m pleased the court has upheld the earlier decision of the UK courts,” Watson told the paper.
Tässä toinen. En pysty edes lukemaan koko uutista koska GCHQ jumittaa.
GOOD NEWS FOR PEOPLE WHO LIKE PRIVACY. Europe's most significant court has decided that if you live in the UK you deserve some, particularly when it comes to the so-called Snoopers Charter, which is a pain in all of our bottoms.
You know the Snoopers Charter, you might know it by its proper name, the Investigatory Powers Bill (IP Bill). It is a very real, very clear and very present danger.
A cyber attack is suspected in connection with an outage of the Ukrainian power grid that affected homes around Kiev last weekend.
A substation in Pivnichna was cut off from the main power grid for about 75 minutes late on Saturday 17 December, lasting into the early hours of Sunday. As a result, houses and flats of the right bank district of Kiev* and neighbouring areas lost power.
Ukrenergo, a Ukrainian energy provider, said that “hacker attack and equipment failure are among the possible causes for the power failures”, according to local reports.
Moreno Carullo, co-founder and chief technical officer at Nozomi Networks, said, “These reports are reminiscent of an attack experienced at a similar time last December that left 225,000 Ukrainians cold at Christmas. Worryingly, if this does prove to be another cyberattack on the Ukrainian grid, it sets an uncomfortable precedent that similar attacks may occur annually at this time of year.”
The recent outage appears to centre at a transmission substation. These are used to transport electricity over long distances, with its primary function to raise/lower and control the voltage, provide power factor correction to protect from overloads, and perform checks to synchronise power flow between two adjacent power systems. A distribution substation is then used, closer to cities, to carry electricity to users.
“All this equipment (the transmission and the primary distribution substations) are automated and remotely controlled, while smaller ones maybe electro-mechanically operated and are certainly unsupervised,” according to Carullo.
“Substations have long been considered a weak point, with respect to cybersecurity, due to their remote location making them difficult to manage and monitor for disruptions. While some are completely disconnected, and are therefore considered safe from cyberattack, others form part of a Smart Grid which means they are part of a fully connected series of systems to allow for improved efficiency of the power grid. However, with Smart Grid connectivity comes increased vulnerability to cyberattacks due to the connected nature of the entire grid,” he added.
A hacker who gains access to internet-connected control panels might be able to disable inverters and fire alarms, triggering blackouts and equipment damage to many households in one time. If hackers did attack Kviv's power grid - something that’s still the subject of investigation - then Russia will almost inevitably become the chief suspect, given recent (unresolved) conflicts between the two countries.
Alex Mathews, lead security evangelist at Positive Technologies, remains unconvinced that hackers caused the latest power outage in the Ukraine. Equipment failure can’t be ruled out as a cause, he pointed out.
“Power outages in winter time is a pretty common story for ex-USSR territories where the power equipment is old, so it can shut down when people use too many electric heaters, lamps and other appliances,” Mathews said. “Such power outages happen every year, even in big cities like Moscow, Petersburg and Kiev.”
The temperature in Kiev on the day ranged from a -1˚C maximum and a -9˚C minimum.
“On the other hand, we should recognise that the chances of successful cyber-attack on power grids are growing in the modern world due to internet,“ he added.
The European Court of Justice (ECJ) has delivered a blow to the UK’s controversial new surveillance law, the Investigatory Powers Act.
The Act, which is commonly known as the “snoopers’ charter” and received royal assent in November, legitimizes a range of government surveillance powers. Among other things, it requires internet service providers to keep records of their users’ web browsing data for a year so that it can be accessed by a list of government and police departments – a measure that has previously been criticized as unworkable, ineffective and potentially damaging to the UK’s tech sector.
The EU court now says such data collection is not permissible. In a judgment released on Wednesday morning, it rules that EU member states may not force telecommunications companies to indiscriminately retain data about their users. This, it says, is not compatible with EU law on privacy.
The court says that collecting data in this way could “allow very precise conclusions to be drawn concerning the private lives of the persons whose data has been retained” and that it “is likely to cause the persons concerned to feel that their private lives are the subject of constant surveillance.”
This kind of data collection may only be applied in the case of serious crime and must be restricted to what is “strictly necessary”, says the court. Requests to access such data must be reviewed by an independent body.
The judgment follows a challenge brought by a group including Labour Party leader Tom Watson and supported by privacy organisations Open Rights Group, Privacy International and Liberty. They brought a case against the UK’s Data Retention and Investigatory Powers Act (DRIPA), a temporary law that expires at the end of this year but shares many points with the new act. The high court ruled the law was illegal but the government appealed, and the ECJ was asked to clarify the law on surveillance.
Following its ruling, campaigners say that key parts of the Investigatory Powers Act will need to be changed.
“Today’s judgment upholds the rights of ordinary British people not to have their personal lives spied on without good reason or an independent warrant. The Government must now make urgent changes to the Investigatory Powers Act to comply with this,” says Liberty director Martha Spurrier.
“This is the first serious post-referendum test for our Government’s commitment to protecting human rights and the rule of law. The UK may have voted to leave the EU – but we didn’t vote to abandon our rights and freedoms.”
Ukraina, Jenkkilä,.... Missähän muualla näitä lymyilee? No ei härmässä ainenskaan
Ministeriö: Venäläinen haittaohjelma löytyi sähköverkkoyhtiön tietokoneesta
Tietokone ei ollut yhteydessä sähköverkon hallintaan, mutta sisäisen turvallisuuden ministeriö ottaa tapauksen erittäin vakavasti.
31.12.2016 klo 08:03päivitetty 31.12.2016 klo 08:06
Burlington Electric -sähköverkkoyhtiö toimii Vermontin osavaltiossa Koilis-Yhdysvalloissa.AOP
Yhdysvaltain sisäisen turvallisuuden ministeriö on havainnut Vermontin osavaltiossa toimivan sähköverkkoyhtiön tietokoneesta haittaohjelman, joka liittyy Venäjän vakoiluun.
Ministeriö julkaisi eilen perjantaina yhdessä liittovaltion poliisin FBI:n kanssa raportin Venäjän vakoilutoiminnasta. Vakoilua on kohdistettu mm. Yhdysvaltain demokraattiseen puolueeseen, mutta myös moniin muihin tahoihin, mm. sähköyhtiöihin. Vakoilutoiminnalla oli koodinimi Grizzly Steppe.
Ministeriö teki pikaisen hälytyksen Burlington Electric -sähköverkkoyhtiöön, kun yhdestä sen käyttämästä kannettavasta tietokoneesta oli löytynyt Grizzly Steppeen liittynyt ohjelma.
Tietokone ei ollut yhteydessä sähköverkon hallintaan, eikä haittaohjelma ollut aktiivinen, mutta sisäisen turvallisuuden minsteriö ottaa asian vakavasti, kertovat ministeriön nimettöminä pysyttelevät työntekijät.
Vermontin kuvernööri Peter Shumlin määräsi osavaltion virkamiehet tekemään asiasta täydellisen selvityksen ja varmistamaan, ettei vastaava pääsisi enää tapahtumaan.
Yhdysvaltain tietoturvaviranomaiset ovat varpaillaan Venäjän hakkerointitoiminnan takia. Hakkeroinnista tehdyn selvityksen mukaan toiminta on ollut hyvin laajaa ja sen ansiosta Venäjä on mahdollisesti saanut kyvyn vaikuttaa Yhdysvaltain yhteiskunnan haavoittuviin osiin.
Yhdysvaltain sähköverkko toimii tietokoneiden ohjauksessa. Niiden toiminnan häiritseminen johtaisi vakaviin ongelmiin mm. terveydenhuollon ja pelastuspalvelun toiminnassa.
Joulukuussa 2015 Länsi-Ukrainassa neljännesmiljoonan ihmisen sähköt katkesivat. Yhdysvalloissa uskotaan, että katkos johtui Venäjän kyberhyökkäyksestä. Venäjä on kiistänyt syytöksen.
USA:n viranomaiset julkaisivat 29.12.2016 raportin cybertiedustelusta, sen keinoista ja omien järjestelmien suojaamisesta. Raportti on mielestäni sopivan lyhyt niin että siitä voi olla hyötyä myös viranomaistahojen ulkopuolella, esim yritysten infosec-tarkistuslistojen vertaamiseen.
Löytyy us-cert.gov sivuilta nimellä "GRIZZLY STEPPE - Russian malicious cyber activity"
Jokin tuntuu kusevan tässä asiassa. Sorsa oli ehkä ulkomainen mutta ei se tarkoita etteikö he huomanneet asioita ja pystyneet vaikuttamaan niihin. Testaus ennen käyttöä. Kuitenkin taidan nostaa hanskat pystyyn ja odotella mitä tästä sopasta syntyy.
Two new variants of some Windows spyware first discovered in 2013 have surfaced in targeted attacks, security firm Forcepoint warns.
The new nasties – BigBoss and SillyGoose – are based on the three-year-old MM Core backdoor. MM Core spawned a spin-off named "StrangeLove" shortly after its discovery before mysteriously becoming dormant for years.
Carl Leonard, principal security analyst at Forcepoint, said: "We've found that although MM Core's version has incremented twice, the core backdoor remains almost the same with the exception of new file and mutex names – showing that these malicious actors have been cunningly updating the malware just enough to keep their operation under the radar."
SillyGoose has been flung against organisations in the United States and Africa. The original MM Core was limited to attacks against Middle Eastern and Central Asian countries, with a particular focus on news and media, government defence, oil and gas manufacturing, and telecommunications industries.
More details of the malware can be found in a blog post here.
Olen melko varma että valtiolliset tulevat kohdistamaan hyökkäyksiä näihin uusiin kryptolokero saittehin samalla tapaa kuin jengi aivan varmasti käyttää näitä salaamaan privaattidataansa. Tälle konseptille ei ole olemassa mitään lakia joka rajaa sitä, mutta se on tuote mikä oli odotettavissa Snowdenin ja Valtiollisten sorkkimisen jälkeen. Totuus kuitenkin on näitä on ollut olemassa privaattisaittina jo jonkin aikaa mutta ei koskaan tässä laajuudessa.
A giant cyberlocker that announced its closure amid a government piracy crackdown and other threats, will be born again. EX.UA says that its service will resume under a new domain and business model, with anonymous sharing of files of any size and format, with cloud streaming and other features to follow.
GCHQ teki vaihteeksi jotakin tuottaavaa. Ihmisillä tuntuu olevan vaikeuksia totaalisen valvonnan ymmärtämisessä. Asioiden annetaan tapahtua kun taas toisiin asioihin viranomaiset tarttuvat ja estävät toimintaan tapahtumasta.
A prison librarian in England was today sentenced to more than seven years in prison for trying to buy a handgun and bullets online and for drug offenses.
Dwain Osborne, of Avenue Road, Penge, in London, was nabbed in October of 2015 after he sought to procure a Glock 19 – a staple of police and security forces worldwide – and 100 rounds of ammunition on the dark web.
A search of Osborne’s house revealed the existence of a storage device, two stolen passports, and a police uniform.
The storage device was found to contain prison cell numbers for all the inmates of HMP Brixton prison where Osborne worked as a librarian, plus a list of all staff and their personal details.
Discovery of the personal data led to Osborne’s re-arrest when officers recovered drug wraps, scales, a cutting agent, cash and cocaine.
Osborne was charged with nine offenses, including attempting to purchase a firearm and ammunition and possessing class A and B drugs with intent to supply. Osborne pled guilty to six charges, and was sentenced on Monday at the Old Bailey to seven-and-a-half years.
Andy Tickner from the UK Organised Crime Partnership said in a statement: “People looking to obtain illicit goods and services under the supposed anonymity of the dark web continue to discover that they can be traced and identified.
“Ensuring that firearms cannot be sourced in this way is a priority for the NCA [National Crime Agency]. We will work tirelessly to prevent and disrupt those involved in the buying and selling of firearms on the dark web.” ®
On April 24, 2013, just weeks before Edward Snowden went public with his leaks about mass surveillance by the National Security Agency, General Keith B. Alexander, then the head of the NSA, welcomed a group of Swedish intelligence officials to a secret three-day meeting at NSA headquarters in Fort Meade, Maryland. In the delegation were Ingvar Åkesson, the longtime director of Sweden’s National Defense Radio Establishment (known as the FRA, for Försvarets radioanstalt), a shadowy Swedish government intelligence agency, and five members of Åkesson’s senior staff. One of the aims of the meeting was to discuss Sweden’s growing importance to the NSA.
In a 2008 law, the FRA had been given expansive powers by the Swedish government to vacuum up all communications traveling over fiber optic networks into and out of Sweden—including e-mails, text messages, and telephone calls. This was of great interest to the NSA, not least because a large percentage of Russian communications traveled through Sweden. In 2011, the Swedes began sharing their surveillance data with the nsa, which included—as NSA officials described it at the time of the meeting—a “unique collection [of communications data] on high-priority Russian targets such as leadership, internal politics, and energy.”
Noting the Swedish spy agency’s unusual technical abilities and reputation for secrecy, NSA officials also viewed it as an ideal collaborator on its hacking and cyberwarfare project, called Quantum. One of the Quantum programs was an ambitious operation called WINTERLIGHT, which aimed at secretly hacking into high-value foreign computers and computer networks to obtain not only communications data but also any information stored on the hard drives or servers in question. Possible targets might be the administrators of foreign computer networks, government ministries, oil, defense, and other major corporations, as well as suspected terrorist groups or other designated individuals. Similar Quantum operations have targeted OPEC headquarters in Vienna, as well as Belgacom, a Belgian telecom company whose clients include the European Commission and the European Parliament.
According to NSA documents, WINTERLIGHT was using a complex attack strategy to secretly implant a malware program on the targeted computer or network. The NSA’s malware would then divert any signals between those computers and the Internet through “rogue” high-speed surveillance servers, called “FoxAcid” servers, allowing the NSA to access in stealth almost any of the user’s personal data—and even to tamper with data traveling from one user to another
Significantly, while WINTERLIGHT was a joint effort between the NSA, the Swedish FRA, and the British GCHQ, the hacking attacks on computers and computer networks seem to have been initiated by the Swedes. The FRA was setting up the implants on targeted computers—known in NSA parlance as “tipping”—to redirect their signals to the surveillance servers, thus allowing the GCHQ and the NSA to access their data, in what are called “shots.” At the time of the April 2013 meeting, the NSA reported that “last month, we received a message from our Swedish partner that GCHQ received FRA QUANTUM tips that led to 100 shots.”
The NSA further noted in its April 2013 report that the FRA “continues to gain access to more data from additional telecommunications companies” and that new Swedish legislation had also given the FRA expanded counterterrorism powers. According to the American agency, the broad leeway given to the FRA had made Sweden a more reliable surveillance ally than Great Britain. One document about the NSA’s WINTERLIGHT program reports that “continued GCHQ involvement may be in jeopardy due to British legal/policy restrictions, and in fact NSA’s goal all along has been…a bilat[eral arrangement] with the Swedish partner.”
Secret government eavesdropping has a long history in Scandinavia. By virtue of its position on Europe’s northern flank with Russia and the east, the Scandinavian Peninsula was crucial to Western intelligence officials during the cold war, and both Norway and Sweden developed sophisticated signals intelligence programs. According to NSA documents, the US agency has had close ties to Norwegian intelligence as far back as the 1950s. With Norway’s position as NATO’s northern bridgehead against the East, the relationship continued until the Gorbachev period. A Norwegian newspaper recently described a listening post in Vardø, in the far north of the country along Norway’s border with Russia, as a “giant ear to the east.”
But the NSA’s relationship with Sweden may be the most interesting. Though officially neutral, Sweden in fact built very close ties to both NATO and the US security establishment in the late 1940s and early 1950s and was deeply involved in cold war spying operations. Among the intelligence agencies, the Swedes were noted for their technical prowess. According to the Norwegian journalist and intelligence historian Alf Jacobsen, in the 1970s and 1980s, the FRA used the Swedish embassy in Helsinki to intercept Soviet military and diplomatic communications, using equipment provided by the NSA; and working for the CIA, the Swedes successfully broke the diplomatic codes of numerous countries, including Brazil, Zaire, China, Iran, Turkey, Japan, and Czechoslovakia.1
In recent years, geographical proximity to Russia and the development of the Internet have provided new reasons for Sweden to maintain its technical edge: there are very few undersea fiber optic cables connecting Russia to the outside world—just six, according to the cable-monitoring organization TeleGeography, out of more than three hundred around the world—and the principal ones pass under the Baltic Sea. In July 2008, when Sweden passed its surveillance law, a diplomatic cable from the US embassy in Stockholm, later published by WikiLeaks, noted that, since “80 percent of Russia’s foreign cable-based communications flow through Sweden, the law legalizes Sweden’s monitoring of the majority of Russia’s trans-border communications.”
With the Russian military posing increasing threats against NATO allies since the war in Ukraine, such spying has become even more important. Much as during the cold war, there are frequent reports in the Swedish press about Russian submarine and military activity in the region, and growing calls for a tightened military alliance with NATO and the United States. (In 2015, Sweden joined NATO’s Cyber Defense Center, a research and training facility in Tallinn, Estonia, and in June 2016, Sweden signed a new “statement of intent” with the Pentagon, aimed at tightening a defense alliance.)
However, the recent completion of a Finnish undersea cable system called Sea Lion, which routes Internet traffic from Finland directly to Germany, may allow many Russian communications to bypass Sweden. This fall, the Finnish government began discussing surveillance legislation of its own, aimed in part at gaining access to the new cable data. Some Western security analysts now view the Baltic Sea as a main theater in a new cyberwarfare arms race
Hackers of unknown origin cut power supplies in Ukraine for a second time in 12 months as part of wide-ranging attacks that hit the country in December.
The attacks were revealed at the S4x17 conference in Miami in which Honeywell security researcher Marina Krotofil offered reporters some detail into the exploitation that began 16 December and raged for four days.
She told Dark Reading attackers triggered an hour-long power black out at midnight 17 December by infecting the Pivnichna remote power transmission facility, knocking out remote terminal units and the connected circuit breakers.
Further attacks against the State Administration of Railway Transport left Ukrainians unable to purchase rail tickets and delayed payments when the Treasury and Pension Fund was compromised.
Those 23 December outages affected Ukraine's Prykarpattya Oblenergo and Kyivoblenergo utilities cutting power to some 80,000 customers for six hours.
Last month's attacks also used the BlackEnergy and KillDisk malware. Other hacks included highly-convincing and successful phishing attacks against an unnamed Ukrainian bank, various remote exploitation, and denial of service attacks.
Instead, its giving away 58 of the tools, while selling the remainder for varying amounts, or the lot for a knock-down price. A total of 750 Bitcoin (a mere £500,000) will buy the entire portfolio in a January sale even bigger than the DFS sale.
The group admitted that it hadn't proved to be as profitable a venture as hoped, and claimed that it had been too much "risk and bullshit, not many bitcoin". It was always, the message added, about making money with "free dumps and bullshit politic… for marketing attention".
On the download page, the message continued: "The Shadow Brokers is trying auction. Peoples no like. The Shadow Brokers is trying crowdfunding. Peoples is no liking. Now The Shadow Brokers is trying direct sales. Be checking out ListOfWarez. If you like, you email The Shadow Brokers with name of Warez you want make purchase."
The page also contained a price list in bitcoin for any deep-pocketed online miscreants or would-be NSA agents.
Cisco was forced to admit that some of Shadow Brokers' illicit malware was capable of compromising the security of its products, used by telecoms companies and internet service providers around the world; while Fortinet warned in an advisory that firmware in its FortiGate product was insecure unless users update the firmware.
Hei rakas Nimeni on Asima Aahil huomasin profiilisi täällä Facebookissa tänään ja tuli kiinnostunut sinusta, minä myös haluaisin tietää enemmän, haluan sinun lähettää viestin minun sähköpostiosoite, jotta voin antaa teille kuvan voit tietää, kuka Olen. Tässä on minun sähköpostiosoite (Aahilasma@live.com) Minulla on hyvä syy ottaa sinuun yhteyttä ja kertoa tämän, uskon, että voimme siirtyä täältä. Haluan sinun mehiläinen hyvä ystävä, olen Englanti ottaen (Aahilasma@live.com) My Dear i will be very much pleased to read your mail and tell you about me (Aahilasma@live.com)
Chat conversation end
French authorities are warning political parties about the increased threat of cyber attacks as the country prepares to elect a new president in May.
Last year's US presidential election was marred by cyber attacks and leaks. US intel agencies blame Russia for the hack1 and subsequent leak of sensitive emails and other information from the Democratic National Committee (DNC). French authorities fear the possibility of similar interference.
The National Agency for the Security of Information Systems (L'Agence nationale de la sécurité des systèmes d'information or ANSSI) director Guillaume Poupard told FRANCE 24: "We're clearly not up against people who are throwing punches just to see what happens. There's a real strategy that includes cyber [attacks], interference and leaked information... These are people whom we're obviously following closely. Even if we can't be sure that they're the same, they're attackers who regularly come knocking on our ministers' doors.
Political parties and campaign staff are particularly vulnerable to hackers with tactics likely to include spear phishing and website attacks. "Fundamentally, political parties, like small and medium-size businesses... are not equipped to deal with the situation alone."
Speaking to The Register, ProtonMail's CEO and co-founder Andy Yen said: "We do expect to see more censorship this year of ProtonMail and services like us."
First launched in 2014 by scientists who met at CERN and had become concerned by the mass-surveillance suggested by the Edward Snowden revelations, ProtonMail is engineered to protect its users' communications by using client-side encryption through users' browsers, meaning ProtonMail's servers never have access to any plaintext content.