Cyber thread: network espionage, tracking of mobile phones and WLANs, hacking, viruses, DoS etc.

A submarine is the closest military asset where these things come up in reality.
Not even that, if it is meant to receive battle-management information over a link. A strategic missile submarine can of course be fairly certainly safe, because it carries out predetermined orders (on paper).
I don't know whether VLF waves could in theory be used to spread malicious code? Though there is always also the possibility that there is a "mole" on board who has the stick or the like on which the virus / worm is loaded. The user only needs to get access to the computer.

Hmm, a strategic missile submarine with a worm in its central computer.... does anyone else get the chills?! :eek:
 

ctg

Commander-in-Chief
Comfortable illusions about how security is working are crippling the ability of government and industry to fight the threat, a former member of the FBI’s netsec team has told the B-Sides San Francisco security conference.

Society is operating under the illusion that governments and corporations are taking rational choices about computer security, but the fact of the matter is that we’re drowning under a sea of false positives, bad management, and a false belief in the power of technology to save us.

“The government is very reactive,” said Jason Truppi, director of endpoint detection and response at security firm Tanium and a former FBI investigator. “Over time we’ve learned it wasn’t working - just being reactive, not proactive.”
http://www.theregister.co.uk/2017/02/12/b_sides_sfo_security_is_broken_says_taniums_jason_truppi/
 

ctg

Commander-in-Chief
State actors at work

Britain has been hit by 188 "high-level attacks" in the last three months.

Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets, according to the UK's newly appointed National Cyber Security Centre chief Ciaran Martin. Russian and Chinese attacks on defence and foreign policy servers are among those being investigated by the organisation.

Security vendors said that high-level malfeasance by foreign espionage agencies is an issue for Western businesses as well as governments.

Piers Wilson, head of product management at Huntsman Security, commented: "While we may be seeing a reported 'step change' in online attacks from Russia and other countries, there is little doubt that foreign powers who commit, or at least support, these attacks will see any element of the UK government and infrastructure as a legitimate target. Given the scale and complexity of the attacks, their attribution to a well-funded and skilled adversary is no surprise.

"Organisations should not consider these as a risk that is only targeted at high-profile networks and systems. Like any attacker, a state-sponsored actor will target any entity that it can find benefit from; this spans opposing nations, to their critical infrastructure, or just private businesses that can be sabotaged, disrupted or have valuable information stolen in the attacker national interest."

Ross Brewer, VP and MD of EMEA at LogRhythm, said: "Organised and state-sponsored hackers have evidently stepped up their game and this could lead to many unpleasant scenarios – from ransomware to the theft of intellectual property to the complete shutdown of our critical national infrastructure."

Richard Henderson, global security strategist at endpoint security specialist Absolute, added: "The rising number of endpoints that are magnifying this threat. Whether it's a mobile or wearable device, or even a seemingly innocent internet-connected fridge, cybercriminals have an almost infinite number of vectors to exploit when attempting to extract valuable data."
http://www.theregister.co.uk/2017/02/13/uk_cybersec_sitrep/
 

ctg

Commander-in-Chief
Every year, the RSA Conference in San Francisco brings out the best and the brightest for its crypto panel, and the view from the floor was simple. Ignore the fads and hyped technology, and concentrate on the basics: good, clean, secure programming.

The panelists were unimpressed with recent moves to build artificially intelligent security systems – despite the success of programs like the DARPA Cyber challenge – saying it was too early to consider such systems reliable and warning that some may never be.

“I’m skeptical of AI on security,” said Ronald Rivest, MIT Institute professor and the ‘R’ in RSA. “Where we are seeing it becoming a wedge issue with the recent election is with AI bots in chat rooms. In 10 or 15 years you’ll be competing to find a real human in a sea of chat bots.”

His former colleague at RSA, Adi Shamir, currently the Borman professor of computer science at the Weizmann Institute, was similarly skeptical about AI systems in security. Attempting to train such a device could lead to interesting problems.

“Fifteen years from now we will give all data to AI systems, it will think, and [then] say that in order to save the internet I’ll have to kill it,” he semi-joked. “The internet is beyond salvaging; we need to start over with something better.”
http://www.theregister.co.uk/2017/02/15/rsa_crypto_panel/
 
A tough test ahead: can Finnish power grids withstand a cyberattack?
http://www.tekniikkatalous.fi/tekni...malaisen-sahkoverkot-kyberhyokkayksen-6625020

Finland's transmission system operator Fingrid and the electricity distribution company Elenia will take part in the cyber exercise held on Wednesday and Thursday. In doing so they are piloting a cybersecurity exercise aimed especially at industrial operators.
I suppose this is the right thread for this. Good that they are practising.
 
Cybersecurity research project - press briefing at 10:

"The research project "The current state of Finland's cybersecurity, the target state and the measures needed to reach the target state" has been completed. The aim of the project was to examine comprehensively how the goal set in the 2013 cybersecurity strategy, "Finland is a global forerunner in preparing for cyber threats and in managing the disruptions they cause", has been achieved and what the target state of Finland's cybersecurity should be in 2020.

The study was part of the implementation of the Government's 2016 plan for analysis, assessment and research, and it was carried out by researchers from the University of Jyväskylä and Aalto University: professors Martti Lehto and Jarno Limnéll and researchers Eeva Innola, Jouni Pöyhönen, Tarja Rusi and Mirva Salminen.

The report will be published on the website of the Prime Minister's Office at"


http://valtioneuvosto.fi/live
 

ctg

Commander-in-Chief
One of the world's oldest programming styles, the ladder logic that runs on industrial programmable logic controllers, remains dangerously vulnerable to attack, according to boffins from Singapore and India.

The researchers – Naman Govil of the International Institute of Information Technology, Hyderabad; and Anand Agrawal and Nils Ole Tippenhauer of the Singapore University of Technology and Design – explain that for all the attention paid to attacks like Stuxnet, there's a dearth of work looking at what's going on at the control logic level.

They write that while industrial control systems are getting better protection from malicious or buggy firmware, the ladder logic that controllers run is less defended.

In the systems they tested, from Rockwell, firmware updates were protected by digital signatures, but not the ladder logic. That runs on the assumption that only trusted people will have access to insert programs: “there were absolutely no checks/verifications performed to ensure that logic updates being pushed onto the programmable logic controller (PLC) are coming from authorised sources.”

To demonstrate this, Tippenhauer and his collaborators wrote what they call “ladder logic bombs” (LLBs) with a focus on stealthy behaviour that's difficult for human operators to notice if they're validating what's running on their PLCs.

The payload types the trio tested included:

  • A Denial of Service LLB that waits for a trigger and shuts a system down;
  • A data manipulation LLB that manipulated sensor readings and commands; and
  • A data logging LLB, which they note is particularly dangerous because they don't disturb the system, and might therefore leak sensitive data for long periods of time;

They note it's very easy to conceal commands that will go as far as bricking the PLC, using legitimate instructions to fool around with arrays or create stack overflows (the latter is pure simplicity: create a recursive subroutine that calls itself).

Defences proposed by the Tippenhauer paper are, thankfully, also simple. First, companies should centralise their PLC software storage into a single location, with all engineers submitting what they call “golden samples”, and PLCs only take updates from those samples. Second, operators should (preferably automatically) run periodic checks that validate the software on PLCs with the central logic store.
http://www.theregister.co.uk/2017/02/22/how_to_stop_the_next_stuxnet/
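
The two defences described in the quoted article above (a central store of golden samples, and periodic validation of what each PLC is running against that store), sketched as an added example that is not part of the original post or of the researchers' paper. The PLC names, the `read_logic` callback and the sample logic bytes are constructed for illustration; how logic is uploaded from a real controller depends on the vendor's tooling and is not shown.

```python
"""Golden-sample audit for PLC control logic (illustrative; all names are hypothetical)."""
import hashlib
import hmac
import json


def digest(logic: bytes) -> str:
    """SHA-256 of the exported control logic, as hex."""
    return hashlib.sha256(logic).hexdigest()


def _mac(entries: dict, key: bytes) -> str:
    # Canonical JSON so the MAC does not depend on dict ordering.
    body = json.dumps(entries, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_manifest(golden: dict, key: bytes) -> dict:
    """Central store: PLC id -> digest of its approved logic, authenticated with an HMAC."""
    entries = {plc: digest(blob) for plc, blob in golden.items()}
    return {"entries": entries, "mac": _mac(entries, key)}


def audit(manifest: dict, key: bytes, read_logic, plc_ids) -> dict:
    """Compare the logic each PLC is running against its golden sample.

    read_logic(plc_id) -> bytes is supplied by the caller (assumption: some
    vendor-specific way to upload the running program exists).
    """
    # A tampered store would make every later comparison meaningless.
    if not hmac.compare_digest(_mac(manifest["entries"], key), manifest.get("mac", "")):
        raise ValueError("golden-sample manifest failed authentication")

    entries = manifest["entries"]
    report = {}
    # Walk both the PLCs seen on the network and the PLCs the store knows about.
    for plc in sorted(set(plc_ids) | set(entries)):
        if plc not in entries:
            report[plc] = "NO_GOLDEN_SAMPLE"  # running logic nobody approved
            continue
        try:
            running = read_logic(plc)
        except OSError:
            report[plc] = "UNREACHABLE"       # could not verify; never counts as OK
            continue
        same = hmac.compare_digest(digest(running), entries[plc])
        report[plc] = "OK" if same else "MODIFIED"
    return report


# --- Constructed sample data (not real ladder logic, not real devices) ---
KEY = b"demo-key-kept-off-the-plc-network"
GOLDEN = {
    "plc-a": b"RUNG 0: XIC Start OTE Pump\n",
    "plc-b": b"RUNG 0: XIC Level_High OTE Valve_Close\n",
    "plc-c": b"RUNG 0: XIC Door_Closed OTE Conveyor\n",
}
RUNNING = {
    "plc-a": GOLDEN["plc-a"],
    # One extra rung that is not in the approved sample.
    "plc-b": GOLDEN["plc-b"] + b"RUNG 1: (rung not present in the golden sample)\n",
    # A controller that answers but has no entry in the central store.
    "plc-d": b"RUNG 0: XIC Spare OTE Lamp\n",
}


def read_running_logic(plc_id: str) -> bytes:
    """Stand-in for a vendor upload; a PLC missing from RUNNING does not answer."""
    try:
        return RUNNING[plc_id]
    except KeyError:
        raise OSError(f"{plc_id} did not answer")


def run_demo() -> dict:
    manifest = build_manifest(GOLDEN, KEY)
    return audit(manifest, KEY, read_running_logic, ["plc-a", "plc-b", "plc-c", "plc-d"])


if __name__ == "__main__":
    for plc, status in run_demo().items():
        print(plc, status)
```

The manifest is authenticated before use because a check against a store that anyone can rewrite only moves the unsigned-update problem from the PLC to the store.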
 

ctg

Commander-in-Chief
North Korea at work

The South Korean public sector is once again in the firing line of a sophisticated – and likely government-backed – cyberattack.

The campaign was active between November 2016 and January 2017 and relied on exploiting vulnerabilities in a Korean language word processing program and a spoofed document from the Korean Ministry of Unification.

Security researchers at Cisco Talos discovered that the adversaries used a compromised Korean government website – kgls.or.kr (Korean Government Legal Service) – to download secondary payloads onto compromised machines.

"This attack is notable because it uses the proprietary format of the Hangul Word Processor, a regional word processor and popular alternative to Microsoft Office for South Korean users," Cisco Talos reports.

"Due to these elements it's likely that this campaign has been designed by a well-funded group in an attempt to gain a foothold into South Korean assets, which can be deemed extremely valuable."

Many of these techniques fit the profile of campaigns previously associated with attacks by certain government groups. South Korean systems are routinely attacked by their neighbors in the North. The US National Security Agency also has a history of gaining access to networks in South Korea, primarily to spy on the Norks.

The spying occurred in the run-up to a controversial ballistic missile test by the North Koreans earlier this month and, perhaps of greater relevance, shortly before joint US–South Korean military exercises.

North Korea has repeatedly been blamed for hacks and malware-based attacks on its southern neighbors, most notoriously the so-called Dark Seoul attacks against banks and broadcasters of 2013. The NORKS were also blamed by US intel agencies for the infamous Sony Pictures hack of 2014.
http://www.theregister.co.uk/2017/02/24/south_korea_cyberspied_upon/
 

ctg

Commander-in-Chief
The Yanks want your code. Your algorithms, because ... USA

The US Department of Defense wants you to contribute unclassified code to software projects developed in support of national security.

Toward that end, it has launched Code.mil, which points to a Github repository intended to offer public access to code financed by public money. But at the moment, the DoD's repo lacks any actual code.

Open source and free software represent industry best practices, the DoD said in a statement, even as it acknowledged the agency has yet to widely adopt it. Code.mil represents an attempt to change that dynamic.

On the project website, the DoD goes so far as to suggest that anything other than open source software puts lives at risk.

"US military members and their families make significant sacrifices to protect our country," the agency explains in its FAQs. "Their lives should not be negatively impacted by outdated tools and software development practices that lag far behind private sector standards."

And in case that isn't clear enough, the agency states, "Modern software is open sourced software."

But before open source can ride to the rescue, government programmers and whatever community coalesces around them will need to find a suitable software license to apply to DoD projects.

Because code written by federal government employees for the most part does not qualify for copyright protection, it cannot be protected by licenses that rely on copyright law.

But a Creative Commons Zero (CC0) license, which would put the code into the public domain, isn't quite the right fit. Outside the US, countries may not accept CC0 as a valid way to waive copyrights or may have different legal requirements, which makes contributions from those abroad problematic.

"Software constantly evolves with each contribution potentially having a different copyright and license status," the agency says. "Merely placing source code in the public domain with CC0 1.0 does not address how contributions will affect the openness of the project over time."

So rather than using a common open source license or creating a new one – something the DoD CIO discourages – the agency has drafted a proposed Defense Open Source Agreement (DOSA), which uses "contract law to attach licenses to our projects."

The DOSA lets the DoD require that contributors abide by an open source license despite its lack of copyright – the right by which a software license would typically be imposed. It also requires that contributors accept an agreement known as a Developer's Certificate of Origin, by which programmers attest that they have the right to any code they may contribute.

The DOSA thus provides a way for the DoD to accept code contributions from foreign contributors while minimizing the legal risk they might face from a local copyright claim.

Whether or not the DoD's DOSA is legal isn't entirely clear. Chaim Krause, whose Twitter account identifies him as a civilian employee of the US Army, through GitHub's Issues system questions the claim that the DoD can require software to be released under an arrangement other than public domain.

The US Army Research Laboratory (ARL) requires a Creative Commons Zero (CC0) license (public domain), in conjunction with an ARL Contributor License Agreement from every contributor to ensure contributed code can be contributed.

The DoD says its Defense Digital Service (DDS), which spearheaded Code.mil, has consulted with the Open Source Initiative and Free Software Foundation on its approach to licensing.

In a statement, DDS legal counsel Sharon Woods said: "We hope this agreement will serve as a bridge so we can use widely adopted open source licenses even without US copyright protections."
http://www.theregister.co.uk/2017/02/25/defense_department_seeks_opensource_contributors/
 

ctg

Commander-in-Chief
A state actor wants ground rules

China has issued an “International Strategy of Cooperation on Cyberspace” in which it outlines rules it thinks should govern nations' online conduct.

The thrust of the document is that the world needs internet governance that respects sovereignty, reduces the likelihood of conflict and ensures no one nation can control cyberspace. China forcefully, and repeatedly, states its determination to bring about that state of affairs.

The document opens by stating “In the interconnected cyberspace, countries are bound together by intertwined interests. A secure, stable and prosperous cyberspace is of great significance to all countries and the world.”

China's preferred way to secure cyberspace starts with a suggestion that “Countries should reject the Cold War mentality, zero-sum game and double standards, uphold peace through cooperation and seek one's own security through common security on the basis of full respect for other countries' security.”

The document suggests that nations should enjoy sovereignty over the internet within their borders. That means “Countries should respect each other's right to choose their own path of cyber development, model of cyber regulation and internet public policies, and participate in international cyberspace governance on an equal footing.”

“No country should pursue cyber hegemony, interfere in other countries' internal affairs, or engage in, condone or support cyber activities that undermine other countries' national security.”

It also says “No country should use ICT to interfere in other countries' internal affairs or leverage its advantage to undermine the security of other countries' ICT product and service supply chain.”

China wants shared governance of the internet and believes current bodies must reform to enable a new order. It will therefore “push for institutional reform of the UN Internet Governance Forum to enable it to play a greater role in internet governance, strengthen its decision-making capacity, secure steady funding, and introduce open and transparent procedures in its member election and report submission.”

The nation also wishes to “vigorously promote the reform of ICANN to make it a truly independent international institution, increase its representations and ensure greater openness and transparency in its decision-making and operation.”

Ears attuned to diplomatic language may be interested to know that the document says “China supports formulating universally accepted international rules and norms of state behavior in cyberspace within the framework of the United Nations, which will establish basic principles for states and other actors to regulate their behavior and intensify cooperation in order to uphold security, stability and prosperity in cyberspace.”

Talk of international rules evokes the unwritten pacts that (mostly) make wars and other aggressive action between nations rare, at least without nations first having it out in various international debating forums. Talking of international rules therefore suggests China wants international dispute-resolution mechanisms a-plenty.

The document also calls for privacy to be respected, in part by educating businesses about how to secure customer data.

Some sections of the document nakedly describe initiatives that will benefit China. Section 9, for example, outlines a plan to increase Chinese soft power by helping to develop the nation's “animation, comic and games industry” to distribute its products and tailor them to foreign markets.

The document's been released to state-run media, in impeccable English should you like to consider the full text instead of The Register's summary.
http://www.theregister.co.uk/2017/03/02/china_international_strategy_of_cooperation_on_cyberspace/
 

ctg

Commander-in-Chief

If there is one piece of information that would fatally undermine the NSA's argument that it doesn't abuse Section 702 of the Foreign Intelligence Surveillance Act (FISA), it would be the number of American citizens whose personal information it has "incidentally" hoovered up.

And that is why it refuses to provide the figure.

There were two House Judiciary Committee meetings in Congress yesterday over the reauthorization of Section 702 in December. The first was held in secret with members of the security services; the second in public with panelists.

We don't know what happened in the first but in the second, a number of Congressmen made it plain that the NSA had failed to provide an estimate for the number of American citizens it has data on – despite the committee asking for it 11 months ago in a formal letter.

John Conyers (D-MI), the lead Democrat on the committee, noted that the lawmakers had repeatedly asked for the estimate but "the intelligence community has not so much as responded to our December letter" – a letter that asked for no more than an update on how long it would take to arrive at an estimate.

The intelligence community continues to argue it is difficult to tell the nationality of someone making a call or sending an email without a huge amount of effort or without violating their privacy.

That claim "seems like baloney to me," said Jim Jordan (R-OH), adding: "It's the greatest intelligence service on the planet. You'd think they'd be able to know that."

The truth is that the NSA cannot disclose the true figure if it wishes to retain its extraordinarily broad surveillance powers – powers that it has interpreted to include tapping the internet's backbone and big tech companies' server farms.

Section 702 repeatedly and explicitly notes that it only provides authority to gather information on non-US citizens and events occurring outside of the United States. And yet, incredibly, the security services have layered misinterpretation of the law on top of misinterpretation in order to authorize themselves to tap into US companies' systems based in the US.

The moment the scale of the domestic spying this has enabled is laid bare, the NSA's obtuse claim of "incidental" and "accidental" gathering of data on US citizens will be shown to be the façade it is. Which is why it won't release the figure.
http://www.theregister.co.uk/2017/03/02/how_many_americans_does_nsa_illegally_spy_on/
 

OldSkool

Captain
Donor
Reports that the USA has had a hacking operation targeting North Korea's missile and nuclear weapons programme since 2014: http://yle.fi/uutiset/3-9492553
It wouldn't be very surprising. On the other hand, these "we have achieved good results even though we can't say any more" stories should be taken calmly, also recognising the information-influence hook.
Edit: the original Finnish media story in Iltalehti http://m.iltalehti.fi/ulkomaat/201703042200080668_ul.shtml
 
Likes: ctg

ctg

Commander-in-Chief
Slightly worrying



A researcher who in January helped highlight possible flaws in Intel's Software Guard Extensions' input-output protection is back, this time with malware running inside a protected SGX enclave.

Instead of protecting the system, Samuel Weiser and four collaborators of Austria's Graz University of Technology write that the proof-of-concept uses SGX to conceal the malware – and that within five minutes, he can grab RSA keys from SGX enclaves running on the same system.

It's the kind of thing SGX is explicitly designed to prevent. SGX is an isolation mechanism that's supposed to keep both code and data from prying eyes, even if a privileged user is malicious.

Weiser and his team created a side-channel attack they call “Prime+Probe”, and say it works in a native Intel environment, or across Docker containers.

The PoC is specifically designed to recover RSA keys in someone else's enclave in a complex three-step process: first, discovering the location of the victim's cache sets; second, watch the cache sets when the victim triggers an RSA signature computation; and finally, extracting the key.
http://www.theregister.co.uk/2017/0...e_under_intels_door_sgx_can_leak_crypto_keys/

We developed the most accurate timing measurement technique currently known for Intel CPUs, perfectly tailored to the hardware. We combined DRAM and cache side channels, to build a novel approach that recovers physical address bits without assumptions on the page size. We attack the RSA implementation of mbedTLS that is used for instance in OpenVPN.

The attack succeeds despite protection against side-channel attacks using a constant-time multiplication primitive. We extract 96 % of a 4096-bit RSA private key from a single Prime+Probe trace and achieve full key recovery from only 11 traces within 5 minutes.
https://arxiv.org/abs/1702.08719
 

hansai

Commander-in-Chief
Wikileaks: CIA can eavesdrop on smartphones – thousands of unverified cyber-espionage documents made public

The CIA has at least a thousand different cyber-espionage systems at its disposal, the leak site Wikileaks says. According to an expert, the leaked documents appear genuine.

The United States' Central Intelligence Agency, the CIA, is able to eavesdrop on the most common smartphones, the leak site Wikileaks claims. With the malware it has developed, the CIA can, according to the site, gain control of a phone's location data, messages, microphone and camera.

According to Wikileaks, the CIA has at least a thousand different hacking systems, computer viruses and other malware at its disposal. Its hackers work at the United States consulate in Frankfurt in addition to CIA headquarters.

The information is based on nearly 9,000 documents that the Wikileaks site published on Tuesday. According to the site, they originate from the CIA's cyber intelligence unit. The authenticity of the documents has not so far been confirmed, and the CIA itself has not commented on the matter.

The documents now published are only the first part of a huge data breach that Wikileaks calls the largest in the CIA's history.

A smart TV turned into a listening device

According to Wikileaks, the CIA's malware can break into not only smartphones but also tablet computers, the most common computer operating systems, internet servers and even smart TVs.

A Samsung smart TV can be turned into a listening device with malware that the CIA has developed together with the British intelligence services, the site says. The television can send the conversations it records to a CIA server even when it appears to be switched off.

According to the documents, the CIA has its own units targeting the iPhone's iOS operating system and Google's Android system. Not even the messages of messaging apps such as Whatsapp or Telegram stay safe on phones infected with malware.

"They appear genuine"

The site says it obtained part of the CIA's malware archive through a leak. According to it, the archive had circulated without authorisation among former government employees and contractors, and one of them had handed part of it over to Wikileaks.

According to an expert interviewed by the news agency AP, the documents appear genuine. The United States intelligence services are known to have very advanced cyber-espionage tools. In addition to the CIA, the security agency NSA specialises in them.

During its ten years of operation, Wikileaks has published many genuine secret documents of the United States government. During the US presidential election campaign, the site published thousands of emails that had been intercepted from Hillary Clinton's campaign chief.

Wikileaks and its head Julian Assange were accused of meddling in the presidential election. According to US intelligence officials, Russia's security services were behind the data breach.
http://yle.fi/uutiset/3-9496429?origin=rss
 

ctg

Commander-in-Chief
Former NSA contractor Edward Snowden said on Tuesday that the WikiLeaks dump of what it claims to be more than 8,700 documents from the CIA's Center for Cyber Intelligence "looks authentic" and "is genuinely a big deal."
http://www.washingtonexaminer.com/e...ng-capability-looks-authentic/article/2616670

First, though, a few general points: one, there's very little here that should shock you. The CIA is a spying organization, after all, and, yes, it spies on people.

Two, unlike the NSA, the CIA isn't mad keen on blanket surveillance: it targets particular people, and the hacking tools revealed by WikiLeaks are designed to monitor specific persons of interest. For example, you may have seen headlines about the CIA hacking Samsung TVs. As we previously mentioned, that involves breaking into someone's house and physically reprogramming the telly with a USB stick. If the CIA wants to bug you, it will bug you one way or another, smart telly or no smart telly. You'll probably be tricked into opening a dodgy attachment or download.

That's actually a silver lining to all this: end-to-end encrypted apps, such as Signal and WhatsApp, are so strong, the CIA has to compromise your handset, TV or computer to read your messages and snoop on your webcam and microphones, if you're unlucky enough to be a target. Hacking devices this way is fraught with risk and cost, so only highly valuable targets will be attacked. The vast, vast majority of us are not walking around with CIA malware lurking in our pockets, laptop bags, and living rooms.

Thirdly, if you've been following US politics and WikiLeaks' mischievous role in the rise of Donald Trump, you may have clocked that Tuesday's dump was engineered to help the President pin the hacking of his political opponents' email server on the CIA. The leaked documents suggest the agency can disguise its operations as the work of a foreign government. Thus, it wasn't the Russians who broke into the Democrats' computers and, by leaking the emails, helped swing Donald the election – it was the CIA all along, Trump can now claim. That'll shut the intelligence community up. The President's pet news outlet Breitbart is already running that line.

Back to the leaked files. One amusing page gives details of discussions within the CIA on how to avoid having its secrets leak in the wake of the theft of the NSA Equation Group's hacking tools. Along with a detailed report [PDF] on the Equation Group hack, there are suggestions on how to protect resources.

The CIA and the White House have yet to comment on the veracity of the leaked material and are unlikely to do so. But at least one former intelligence worker with knowledge of such matters seems convinced they are real.
http://www.theregister.co.uk/2017/03/08/cia_exploit_list_in_full/

You could say the CIA's rap sheet is long and smelly, but nothing they do should come as a surprise, because inwardly we have known this for who knows how long; but since the official truth is what has been trumpeted, you can now quietly start unwrapping the tinfoil from around your noggin. Can't be helped. The truth is grimmer than fiction.
 

Mustaruuti

Commander-in-Chief
BAN
Donor
ELSO 1.0
This was not denied at any point, and now they are vowing revenge.

Somewhat amusing that when the Yanks already have the NSA, the CIA then needs to build its own cyber arm.

Well, the Yanks do have over a dozen intelligence organisations + the FBI...

United States: those who leaked information to Wikileaks will be punished severely
Two officials speaking anonymously confirmed to the news agency Reuters that the leak had taken place.

http://yle.fi/uutiset/3-9499131
 
Likes: ctg

ctg

Commander-in-Chief
A state actor complains about encryption becoming widespread. It's just so wrong. Makes the work a bloody pain. :cool:

"We do these things, because they're hard. Not because they're easy." - John Kennedy.

FBI director James Comey has told a cybersecurity conference that any communications – be it with your spouse, your priest, or your lawyer – and any of your memories are up for grabs should a court order it.

Speaking at the Boston Cyber Security Summit, Comey said that America's founding fathers had set down that there is a right to privacy but that the government has a right to intrude in the name of security. It was part of a 200-year old "bargain of ordered liberty," he opined.

"Even our memories are not absolutely private in America," he said.

"Any of us can be compelled – in appropriate circumstances – to say what we remember, what we saw. Even our communications with our spouses, with our clergy members, with our attorneys are not absolutely private in America. In appropriate circumstances a judge can compel any one of us to testify in court about those very private communications."

Comey made this argument as part of a discussion about the FBI's relationship with encryption. He said that encryption had always been part of computer technology, but after Edward Snowden's whistleblowing we had seen a huge rise in the use of encryption, and this was making life difficult for the FBI.
http://www.theregister.co.uk/2017/03/08/fbi_boss_says_memories_not_private_in_america/

In his talk, Comey outlined the FBI's top five cybersecurity threats and his ordering might cause some surprise.

Top of the list was nation state hackers, he said, followed closely by international professional hacking groups that worked for money. The next most dangerous threat was employees and staff carrying out insider attacks, he said, followed by hacktivists seeking to use computer crime to advance political aims.

But at the bottom of the FBI's list were terrorists. While terrorist groups have proved adept at using the internet to spread propaganda and recruit new members, they are relatively unskilled and haven't turned to online crime to carry out attacks, Comey said.

To beat these threats the FBI is trying to get better skills by recruiting from the outside. The Feds are looking for people with the right skills, physical fitness, and integrity. There's no point hiring someone who's a whiz at computing and fit enough to pack heat if they "smoke weed on the way to the interview," he joked.

The FBI can't match private industry when it comes to salaries, Comey said, but the FBI is trying to make the organization more tech-friendly. That doesn't mean beanbags and whiteboards he said, but the agency wanted to attract talent and so would have to loosen up a little.

The FBI has also introduced internal competition, he said, so that now an online investigation will be carried out by whoever is most skilled, not by whoever is at the scene of the crime. All field offices will have a cyber specialist and Comey expects the competitive aspect to lead to improvements in skills and conviction rates.

He also appealed for companies to work with the FBI more, saying that if you are a chief security officer and don't know your local FBI officer then you're failing at your job. But he issued a stern warning against companies hacking back against attackers.