Secretary of State Rex Tillerson will embark on his first trip to Asia next week, visiting Japan, South Korea, and China. In what some journalists are calling an unprecedented move, he will not travel with members of the press.
“Not only does this situation leave the public narrative of the meetings up to the Chinese foreign ministry as well as Korea’s and Japan’s, but it gives the American people no window whatsoever into the views and actions of the nation’s leaders,” a dozen Washington bureau chiefs from major news organizations wrote in a letter to the State Department earlier this week. Continue reading →
On Thursday, December 1, a vital Supreme Court order is set to go into effect that dramatically expands the surveillance power of federal agents. The impending alteration to Rule 41 of the Federal Rules of Criminal Procedure softens the legal requirements for obtaining search and seizure warrants that grant the government remote access to individual’s computers and phones.
In the past, law enforcement was required to obtain a warrant from a judge within the jurisdiction where the proposed search was going take place. Under this new system, however, if an individual is using technology to conceal their location, the warrant is considered valid regardless of jurisdiction. A single authorization will have the potential to validate millions of searches on private devices. Any journalist, activist, or whistleblower who values privacy and uses tools like Freenet or the Tor network will fall directly into the crosshairs. Continue reading →
Shadow Brokers posted online some examples of the data it said it had stolen, including scripts and instructions for breaking through firewall protection. Cybersecurity analysts poring over that information are confident that the material is in fact from Equation Group. This news raises a bigger question: What are the consequences if the Equation Group – and by extension the NSA – were actually hacked?
What has been breached?
The NSA holds a massive amount of data, including information on U.S. citizens’ and foreign nationals’ phone calls, social connections, emails, web-browsing sessions, online searches and other communications. How much data? NSA’s Utah data center alone is reported to have a storage capacity of 5 zetabytes – 1 trillion gigabytes. However, judging from what has been made public of what has been stolen by Shadow Brokers, this massive data trove has not been breached.
The Shadow Brokers have claimed to have copies of this software and information on security vulnerabilities the NSA uses in its attacks, including instructions for breaking into computer networks. If true, these would be of very high strategic value to someone seeking to defend against cyberattacks, or wanting to conduct their own.
If the material Shadow Brokers have stolen can link cyberattacks on Gazprom, Aeroflot and other Russian targets with the NSA, Russia can argue to the international community that the U.S. is not an innocent victim, as it claims to be. That could weaken support for its sanctions proposal.
Russia and China, among other adversaries, have used similar evidence in this way in the past. Edward Snowden’s revelation of the U.S. PRISM surveillance program, monitoring vast amounts of internet traffic, became an important turning point in China-U.S. cyberrelations. Commenting on the NSA’s alleged hacking of China’s major mobile companies and universities, an editorial in China’s state-run Xinhua News Agency noted: “These, along with previous allegations, are clearly troubling signs. They demonstrate that the United States, which has long been trying to play innocent as a victim of cyberattacks, has turned out to be the biggest villain in our age.”
In general, allegations and counterallegations have been persistent themes in Chinese-American interactions about cybercrimes and cybersecurity. China’s approach shifted toward more offensive strategies following Snowden’s revelation of the PRISM surveillance program. It is likely that this hack of cyberweapons may provide China and other U.S. adversaries with even more solid evidence to prove American involvement in cyberattacks against foreign targets.
Cyberattack tools now more widely available
There are other dangers too. Hackers now have access to extremely sophisticated tools and information to launch cyberattacks against military, political and economic targets worldwide. The NSA hack thus may lead to further insecurity of cyberspace.
The attack is also further proof of the cybersecurity industry’s axiom about the highly asymmetric probabilities of successful attack and successful defense: Attackers need to succeed only once; defenders have to be perfect every time. As sophisticated as NSA’s highly secure network is, the agency cannot ever fully protect itself from cyberattackers. Either these attackers have already gotten in, or some other group will be the first to do so in the future.
Actors with fewer financial and technical resources can compromise high-value targets. What will come of this attack remains to be seen, but the potential for profound and wide-ranging, even global, effects is clear.
The new draft rules would loosen restrictions on what the intelligence community can access, without applying privacy protections, the New York Times reports. (Photo: Digitale Gesellschaft/flickr/cc)
Civil liberties advocates slammed reports on Friday that the Obama administration is poised to authorize the National Security Agency (NSA) to share more of its private intercepted communications with other U.S. intelligence agencies without expanding privacy protections.
“Before we allow them to spread that information further in the government, we need to have a serious conversation about how to protect Americans’ information,” Alex Abdo, a staff attorney with the ACLU’s Speech, Privacy and Technology Project, told the New York Times.
The change would loosen restrictions on access to the communications that are collected in mass data sweeps, including emails and phone calls, the Times reported, citing “officials familiar with the deliberations.”
As Times reporter Charlie Savage explains, the new rules would give intelligence agencies access not just to phone calls and emails, but also to “bulk collection of satellite transmissions, communications between foreigners as they cross network switches in the United States, and messages acquired overseas or provided by allies.”
“That also means more officials will be looking at private messages—not only foreigners’ phone calls and emails that have not yet had irrelevant personal information screened out, but also communications to, from, or about Americans that the N.S.A.’s foreign intelligence programs swept in incidentally,” he writes.
The draft rules have yet to be released to the public. Brian P. Hale, a spokesperson for the Office of the Director of National Intelligence, which oversees the government’s intelligence community, told the Times, “Once these procedures are final and approved, they will be made public to the extent consistent with national security.”
The NSA documents cite AT&T’s “extreme willingness to help.” (Mike Mozart/flickr/cc)
Newly disclosed National Security Agency documents show that the U.S. government’s relationship with telecom giant AT&T has been considered “unique and especially productive,” according to a joint investigation by the New York Times and ProPublicapublished Saturday.
The news organizations, whose team of journalists included Laura Poitras and James Risen, report that AT&T’s cooperation has involved a broad range of classified activities. The revelations are based on a trove of documents provided to the Times and ProPublica by NSA whistleblower Edward Snowden.
AT&T has given the NSA access, “through several methods covered under different legal rules,” to billions of emails, metadata records, and cellphone call records as they have flowed across its domestic networks, according to the reporting.
“The NSA’s top-secret budget in 2013 for the AT&T partnership was more than twice that of the next-largest such program, according to the documents,” the investigation revealed. “The company installed surveillance equipment in at least 17 of its Internet hubs on American soil, far more than its similarly sized competitor, Verizon. And its engineers were the first to try out new surveillance technologies invented by the eavesdropping agency.”
The direct link to AT&T isn’t explicit in the documents, as the corporate partnerships are referred to by code names. However, an analysis of “Fairview” program documents by the Times and ProPublica “reveals a constellation of evidence that points to AT&T as that program’s partner,” the article states. Several former intelligence officials confirmed that finding.
Privacy rights groups reacted to the news with outrage, if not surprise.
The Electronic Frontier Foundation said the reports “confirm what EFF’sJewel v. NSA lawsuit has claimed since 2008—that the NSA and AT&T have collaborated to build a domestic surveillance infrastructure, resulting in unconstitutional seizure and search of of millions, if not hundreds of millions, of Americans’ Internet communications.”
Furthermore, said EFF executive director Cindy Cohn, the documents “convincingly demolish the government’s core response” to the Jewel lawsuit—that EFF cannot prove that AT&T’s facilities were used in the mass surveillance.
”It’s long past time that the NSA and AT&T came clean with the American people,” Cohn declared. “It’s also time that the public U.S. courts decide whether these modern general searches are consistent with the Fourth Amendment’s guarantee against unreasonable search and seizure.”
In its response to what it described as a “blockbuster” story, the progressive phone company CREDO Mobile declared: “It’s beyond disturbing though sadly not surprising what’s being reported about a secret government relationship with AT&T that NSA documents describe as ‘highly collaborative’ and a ‘partnership, not a contractual relationship’.”
“CREDO Mobile supports full repeal of the illegal surveillance state as the only way to protect Americans from illegal government spying,” CREDO vice president Becky Bond continued, “and we challenge AT&T to demonstrate concern for its customers’ constitutional rights by joining us in public support of repealing both the Patriot Act and FISA Amendments Act.”
NSA headquarters in Fort Meade, Maryland. Photo public domain via Wikimedia Commons
In a move that is being hailed by civil liberties advocates as a victory for privacy rights, the U.S. Senate on Friday rejected the USA Freedom Act, a bill that sought to rein in the National Security Agency’s (NSA) spying powers but that would have reauthorized some of the most controversial provisions of the USA Patriot Act.
By a vote of 57-42, the Senate did not pass the bill that would have required 60 votes to move forward, which means that the NSA must start winding down its domestic mass surveillance program this week. The Senate also rejected a two-month extension of the existing program by 54-45, also short of the necessary 60 votes. Continue reading →
On Thursday, President Obama admitted that two al Qaeda hostages, an American and an Italian, were killed in a US drone strike in Pakistan in January. He also said that two other US citizens had been killed in a strike later that month.
Armed Predator drone firing Hellfire missile. Photo public domain.
The reaction in Congress to the news was predictable, especially among the presidential hopefuls in the Senate. Rand Paul called the deaths “a tragedy,” but refused to address the attacks in general. Ted Cruz called for an investigation (as did Obama), but placed the blame at the feet of al-Qaeda.
But, the most telling (and chilling) response came from Lindsey Graham. The South Carolina Senator said; “Collateral damage is part of war. I’ve got no problem at all with anything that happened other than my deepest sympathies for those that were killed after being held hostage by al-Qaeda… they can look and see what went wrong, but I am not for stopping this program.”
Along with the admission came an apology to the hostages’ families. We wonder why the President stopped there, because if we’re apologizing for innocent people being killed by our drones in Pakistan, those two are just a drop in the bucket. Continue reading →