Category Archives: CIA

The CIA Dark Triad – Windows, macOS & Linux

According to the WikiLeaks Vault 7 dump the CIA deploys malware that includes the capability to hack, remotely view and/or clone devices running the Windows, macOS, and Linux operating systems.

This seems to suggest that the agency has no problem bypassing encryption, proxies and VPNs, and that Tor anonymity is a myth.

This does not mean that each of the point solutions offering a product under each of the above headings has been compromised. Rather, it means that the OS-level hack capability of the CIA – as seen on iOS and Android – lets it gain full control of the device and render any point-solution countermeasures moot.

Therefore they subvert the platform which by extension means that anything that is running on the platform is subverted.

Tablet, laptop, smart-phone, AV device – it seems they are all fair game and in that case so is everything that you do on them.

You have been warned.

You are being watched.

ENDS

“Bypassing” Encryption is the same as “Breaking” Encryption

According to the Vault 7 WikiLeaks data the CIA made phone malware that can read your private chats without breaking encryption.

Anyone with half a clue always knew that the best way to subvert encryption was to bypass encryption as we at TMG Corporate Services have always done. From our blog post Am I Being Surveilled? on 29th March 2016:

Still – the point is made I think – visual intercepts are economically viable even for local LE – it’s just an ultra low light wifi enabled pin-hole snake camera in the right spot. One above the driver and passenger seat belt brackets in a private vehicle is a good location (easy access to and plenty of space behind the plastic covering the B pillar to store the bits).

Five uninterrupted minutes and both are installed. Just wait for the target to take a Sunday drive and game on. Most people rest the handset on their lap while typing stationary in traffic or better still upright and in front or on top of the wheel when driving – using one hand – which gives a nice unobstructed keystroke by keystroke view of their typing activities.

Most successful hacks are low tech

Today I have seen a bunch of publications and experts trying to assure people that this is nothing to worry about. The purity of encryption is intact. It is an academic point.

If you are in the business of handling sensitive data then don’t use your cell phone to transmit it. It’s that simple.

* In the hours since the documents were made available by WikiLeaks, a misconception was developed, making people believe the CIA “cracked” the encryption used by popular secure messaging software including Signal and WhatsApp.

WikiLeaks asserted that: “These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloakman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.”

This statement by WikiLeaks made most people think that the encryption used by end-to-end encrypted messaging clients such as Signal and WhatsApp has been broken. No, it hasn’t. Instead, the CIA has tools to gain access to entire phones, which would of course “bypass” encrypted messaging apps because it fails all other security systems virtually on the phone, granting total remote access to the agency.

The WikiLeaks documents do not show any particular attack against Signal or WhatsApp, but rather the agency hijacks the entire phone and listens in before the applications encrypt and transmit information.

It’s like you are sitting in a train next to the target and reading his 2-way text conversation on his phone or laptop while he’s still typing; this doesn’t mean that the security of the app the target is using has any issue.

In that case, it also doesn’t matter if the messages were encrypted in transit if you are already watching everything that happens on the device before any security measure comes into play.

But this also doesn’t mean that this makes the issue lighter, as noted by NSA whistleblower Edward Snowden, “This incorrectly implies CIA hacked these apps/encryption. But the docs show iOS/Android are what got hacked—a much bigger problem.”

* From The Hacker News

ENDS

“All uR devICE r belong 2 US”, Vault 7, Weeping Angel, the CIA & Your Samsung TV

CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA’s DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA.

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS.

The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.

The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but “Weeping Angel”, developed by the CIA’s Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is its most emblematic realization.

After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on.

In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

ENDS

Extracted entirely from Vault 7: CIA Hacking Tools Revealed

Is the Metadata Based US Drone Program, State Sponsored Terrorism?

Yes it is. By the rules of international law an intervention on foreign soil is an act of war. If there is not a declared war between the two countries then it is a unilateral decision to attack another without the “correct” mandate. In any other case that is referred to as “terrorism” when carried out by a proscribed organization or a nation.


Former CIA and NSA Director, Michael Hayden

Over 3000 Pakistanis have been killed in US drone strikes targeting a few dozen or so “known” terrorists. Obama has been under heavy scrutiny for authorizing drone campaigns that result in gross mistakes, killing a great number of innocent people while targeting “confirmed terrorists.”

Since 2004, there have been 401 US drone strikes in Afghanistan, alone, killing 3,058 people total. In Pakistan, hundreds, including children, have died in pursuit of a mere two dozen declared terrorists.

In 2014, the former director of both the CIA and NSA, Michael Hayden, proudly claimed they “kill people based on metadata”, using drones – but not the right people in most cases and the source of the information used to determine the “terrorist” classification has been shown to be hopelessly flawed via an NSA program named SKYNET.

The war on extremists is acceptable – the “collateral” casualties as they are called – which demonstrates the lack of value placed on innocent lives – is terrorism – pure and simple.

About SKYNET

SKYNET is a program by the U.S. National Security Agency that performs machine learning analysis on communications data to extract information about possible terror suspects. The tool is used to identify targets, such as al-Qaeda couriers, who move between GSM cellular networks. These couriers often swap SIM cards within phones that have the same ESN, MEID or IMEI number.

The tool uses classification techniques like random forest analysis. Because the data set includes a very large proportion of true negatives and a small training set, there is a risk of overfitting.

Bruce Schneier argues that a false positive rate of 0.008% would be low for commercial applications where “if Google makes a mistake, people see an ad for a car they don’t want to buy” but “if the government makes a mistake, they kill innocents.”

The SKYNET project was linked with drone systems, thus creating the potential for false-positives to lead to deaths.

Al-Jazeera’s bureau chief in Islamabad, Ahmad Zaidan, was wrongly identified as the most probable member of al-Qaeda and the Muslim Brotherhood on their records. Despite the fact it is improbable to be a member of both groups, he is also widely and publicly known for traveling to meet with radical groups, but was instead identified due to mobile phone surveillance placing him in rural locations.

This has been seen to show the failing of the system, as it has misidentified a journalist conducting legitimate, public business as a potential terrorist, whilst also harming freedom of the press and breaking US law on surveillance of journalists.

Source: SKYNET – Wiki 
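As an added illustration (not code from the page, from Wikipedia or from the NSA programme it describes) of why a 0.008% false-positive rate is not “low” once it is applied to every record in a population, the block below scales per-record error rates up to expected head-counts and works out how small the false-positive rate would have to be for even half of the flagged people to be genuine targets. Only the 0.008% figure comes from the text; the population size, the number of genuine targets and the classifier’s recall are assumed sample values chosen to make the arithmetic concrete.

```python
"""Base-rate arithmetic for a rare-event classifier at population scale.

Added example, not code from the page, from Wikipedia, or from the NSA
programme it describes.  Only the 0.008% false-positive rate comes from the
text; POPULATION, TRUE_TARGETS and TRUE_POSITIVE_RATE are assumed sample
values constructed for this illustration.
"""
from dataclasses import dataclass

# Assumed sample inputs (constructed for this example, not figures from the page).
POPULATION = 50_000_000          # people whose records the classifier scores
TRUE_TARGETS = 100               # genuine positives hidden in that population
FALSE_POSITIVE_RATE = 0.00008    # 0.008%, the figure quoted in the text
TRUE_POSITIVE_RATE = 0.5         # assumed recall of the classifier


@dataclass(frozen=True)
class Outcome:
    """Expected confusion-matrix counts for one pass over the population."""
    true_positives: float
    false_positives: float
    false_negatives: float
    true_negatives: float

    @property
    def flagged(self) -> float:
        """Everyone the model points at, genuine target or not."""
        return self.true_positives + self.false_positives

    @property
    def precision(self) -> float:
        """Share of flagged people who are genuine positives."""
        return self.true_positives / self.flagged if self.flagged else 0.0


def expected_outcome(population: int, positives: int,
                     fpr: float, tpr: float) -> Outcome:
    """Scale per-record error rates up to expected counts.

    The false-positive rate applies to every *negative* record, so a rate
    that looks negligible per record is multiplied by a population that is
    overwhelmingly negative.
    """
    if not 0 <= positives <= population:
        raise ValueError("positives must lie within the population")
    if not (0.0 <= fpr <= 1.0 and 0.0 <= tpr <= 1.0):
        raise ValueError("rates must be probabilities")
    negatives = population - positives
    tp = positives * tpr
    fp = negatives * fpr
    return Outcome(tp, fp, positives - tp, negatives - fp)


def fpr_required_for_precision(population: int, positives: int,
                               tpr: float, target_precision: float) -> float:
    """Largest false-positive rate that still meets a precision target.

    From precision = tp / (tp + fp) >= P it follows that
    fp <= tp * (1 - P) / P; dividing by the number of negatives gives the
    per-record rate the model would have to achieve.
    """
    if not 0.0 < target_precision <= 1.0:
        raise ValueError("target precision must be in (0, 1]")
    negatives = population - positives
    tp = positives * tpr
    fp_allowed = tp * (1.0 - target_precision) / target_precision
    return fp_allowed / negatives if negatives else 0.0


if __name__ == "__main__":
    out = expected_outcome(POPULATION, TRUE_TARGETS,
                           FALSE_POSITIVE_RATE, TRUE_POSITIVE_RATE)
    print(f"flagged {out.flagged:,.0f} people: {out.true_positives:,.0f} genuine, "
          f"{out.false_positives:,.0f} innocent (precision {out.precision:.2%})")
    need = fpr_required_for_precision(POPULATION, TRUE_TARGETS,
                                      TRUE_POSITIVE_RATE, 0.5)
    print(f"for half of the flagged people to be genuine, the false-positive "
          f"rate would have to be {need:.8%} per record")
```

With the assumed inputs the model flags roughly 4,000 people of whom about 50 are genuine targets, and the per-record false-positive rate would have to fall by nearly two orders of magnitude before flagged people were even as likely as not to be targets. The tiny positive class is also why the overfitting risk the text mentions matters: with so few genuine examples to learn from, a measured false-positive rate is itself an unreliable estimate.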


The “FVEY” SIGINT Espionage Alliance

The French, Belgian, Egyptian and Yemeni authorities have all in the last 12 months failed to connect the dots on available data that might have prevented or lessened the Hebdo, Bataclan, Zaventem & Maalbeek atrocities.

Some of their foreign counterparts however are part of an exclusive alliance that shares intelligence that does in many cases provide insights that the individual portions do not.

The Five Eyes intelligence alliance is led by the USA. Often abbreviated as “FVEY” the alliance comprises Australia, Canada, New Zealand, the United Kingdom, and the United States. They are bound by the multilateral UKUSA Agreement, a treaty for joint cooperation in signals intelligence.

STASI - FIVE EYES

FVEY’s origins can be traced back to the Atlantic Charter issued by the Allies to lay out their goals for a post-war world in 1945. During the Cold War, the ECHELON surveillance system was initially developed by the FVEY to monitor the communications of the former Soviet Union and the Eastern Bloc. Later, it was alleged that it was also used to monitor billions of private communications worldwide.

ECHELON’s existence was disclosed in the late 1990s and it triggered a major debate in the European Parliament. As part of efforts in the so-called War on Terror the FVEY further expanded their surveillance capabilities, with much emphasis placed on monitoring internet communications.

Snowden describes the Five Eyes as a “supra-national intelligence organisation that doesn’t answer to the known laws of its own countries”. Documents leaked by Snowden in 2013 revealed that the FVEY have been spying on one another’s citizens and sharing the collected information with each other in order to circumvent restrictive domestic regulations on surveillance of citizens.

The leaked documents also revealed the existence of numerous surveillance programs jointly operated by the Five Eyes including:

  • PRISM – Operated by the NSA together with the GCHQ and the ASD;
  • XKeyscore – Operated by the NSA with contributions from the ASD and the GCSB;
  • Tempora – Operated by the GCHQ with contributions from the NSA;
  • MUSCULAR – Operated by the GCHQ and the NSA;
  • STATEROOM – Operated by the ASD, CIA, CSEC, GCHQ, and NSA.

Despite the disclosures no amount of outrage will affect the Five Eyes which remains the most extensive known espionage alliance in history.

END.

You Are Not In Safe Hands

The way sensitive information was handled by Hillary Clinton and her staffers at Foggy Bottom during her tenure as Secretary of State is indicative of the lack of respect shown by even uber-senior government officials to data collected by governments by legal and illegal means.

With every additional reduction in personal freedoms or intrusive piece of surveillance or data collection legislation the citizen’s concerns are salved by the oft used mantra that the data is in “good hands” and will be treated with the respect required and used only for the purposes outlined.

How hard it is to accept those type of assurances from state actors in the normal course of events is obvious with even a cursory knowledge of the antics of the NSA and GCHQ under the PRISM, XKeyscore and Tempora surveillance programs.

How much harder it is when juxtaposed with the reckless abandon with which senior State Department officials under Clinton treated data, the mishandling of which literally placed people’s lives at risk.

It is an arrogance that those in power have always demonstrated, and one which is an important lesson to every citizen as they stand idly by while governments and corporations globally, aided by flawed laws but more often acting illegally, peek into their personal lives for economic, political and personal gain.

Apologists have consistently sought to dilute the gravity of the situation with respect to the behaviour of Clinton’s office. Obfuscation notwithstanding, highly classified information was wilfully placed on unclassified and unencrypted networks.

The fact that this was allowed shows the systemic lack of checks and balances in place to audit the flow of sensitive surveillance and intelligence information within and between governments. It additionally renders moot any government assurances regarding the handling of sensitive information – not that this event was required to reach that obvious conclusion – it simply presents a perfect case in point to illuminate the problem.

Intelligence community analysts at multiple American, UK and other Five Eyes alphabet agencies write intelligence assessments based on multiple information sources every day. They are then classified according to their content, sensitivity and source and then shared with senior government leadership.

In the USA, the Secretary of State is always the top consumer of this data. The State Department has its own in-house intelligence analysis shop, the Bureau of Intelligence and Research (INR) to handle that department’s need for additional classified assessments and reporting.

Broadly, the classifications and other acronyms typically used in IAs (intelligence assessments) are:

TOPSECRET / TS – The highest “official” classification in the U.S. Government;

SECRET / S – This data is not based on SIGINT (Signals Intelligence) and is normally sourced from local classified assessments from US Embassy or CIA Station staff;

SI – Special Intelligence is a security caveat that falls under the rubric of Sensitive Compartmented Information or SCI. Not everybody cleared for TOPSECRET also has access to SCI, that’s a separate matter and all SCI materials require special handling to protect them from compromise. These SI classifications are normally information derived from NSA SIGINT programmes;

NOFORN / NF – This caveat means it cannot be shared with non-Americans. However, large portions of NSA SIGINT, even at the TS/SI level, are shared with close foreign partners such as the Five Eyes countries;

TK / TALENT KEYHOLE – Information derived from foreign communications intercepts by assets or intelligence satellites;

FOUO – The For Official Use Only marking, meaning it cannot be released to the public without official approval. Local media reports are important sources for this type of information and make up the raw materials analysed by the CIA’s Open Source Center (OSINT). This is the agency’s hub for translating foreign media reports;

NFI – means No Further Information;

U – Entirely unclassified.

Save for the U classification no portion of information denoted by any of the other acronyms can be released to the public, or placed on any unclassified information system, by anybody, not even a cabinet secretary, without specific approval from outside agencies.

SIGINT, in particular, is highly sensitive. This type of data should only ever see the light of day outside of the official audience for these reports with explicit NSA permission. Even talking around such information represents a security breach and is normally considered illegal by the legislation used to grant the powers to collect the information in the first instance.

Clinton and her office breached all of these rules.
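The handling rule above (only material marked U may go to the public or onto an unclassified system; everything else needs outside approval, and SIGINT-derived SI material needs explicit NSA permission) is the kind of check a mail or document gateway can enforce mechanically. The block below is an added example, not code from the page or from any government system: it parses a classification banner using the abbreviations listed above, and scans a constructed sample cable whose paragraphs carry portion marks to report which portions bar the document from an unclassified network. The banner syntax it assumes is CLASSIFICATION//SCI-CONTROLS//DISSEMINATION, with “//” between sections and “/” between controls inside a section; unknown markings are rejected rather than guessed, so the check fails closed.

```python
"""Parse classification banners and flag portions that cannot sit on an
unclassified system.

Added example, not code from the page or from any official system.  The
banner syntax (CLASSIFICATION//SCI//DISSEMINATION) is an assumption; the
abbreviations and the handling rule encoded are the ones the text lists.
"""
import re
from dataclasses import dataclass

# Abbreviations listed in the text, mapped to a canonical short form.
CLASSIFICATIONS = {"TOP SECRET": "TS", "TOPSECRET": "TS", "TS": "TS",
                   "SECRET": "S", "S": "S", "UNCLASSIFIED": "U", "U": "U"}
SCI_CONTROLS = {"SI": "SI", "TK": "TK", "TALENT KEYHOLE": "TK"}
DISSEMINATION = {"NOFORN": "NF", "NF": "NF", "FOUO": "FOUO", "NFI": "NFI"}

# A paragraph's portion mark: a parenthesised banner at the start of the line.
PORTION_MARK = re.compile(r"^\s*\(([A-Z /]+)\)", re.IGNORECASE)

# Constructed sample document (not a real cable) with one portion mark per paragraph.
SAMPLE_CABLE = """(U) Embassy staff met the minister on Tuesday.
(S) The minister said the coalition talks had stalled.
(TS//SI//NF) Intercepts show the stall was ordered from the palace.
"""


class MarkingError(ValueError):
    """Raised for a banner that cannot be interpreted; callers fail closed."""


@dataclass(frozen=True)
class Marking:
    classification: str                      # "TS", "S" or "U"
    sci: frozenset = frozenset()             # e.g. {"SI", "TK"}
    dissemination: frozenset = frozenset()   # e.g. {"NF"}


def parse_marking(banner: str) -> Marking:
    """Split a banner into classification, SCI controls and dissemination caveats."""
    sections = [s.strip().upper() for s in banner.split("//")]
    if not sections or not sections[0]:
        raise MarkingError("missing classification")
    if sections[0] not in CLASSIFICATIONS:
        raise MarkingError(f"unknown classification {sections[0]!r}")
    cls = CLASSIFICATIONS[sections[0]]
    sci, dissem = set(), set()
    for section in sections[1:]:
        for token in (t.strip() for t in section.split("/") if t.strip()):
            if token in SCI_CONTROLS:
                sci.add(SCI_CONTROLS[token])
            elif token in DISSEMINATION:
                dissem.add(DISSEMINATION[token])
            else:
                raise MarkingError(f"unknown control {token!r}")
    if cls == "U" and sci:
        raise MarkingError("SCI controls cannot appear on unclassified material")
    return Marking(cls, frozenset(sci), frozenset(dissem))


def requires_release_approval(banner: str) -> bool:
    """True unless the banner is a bare U.

    The text's rule: only U may be released to the public or placed on an
    unclassified system; any other marking or caveat needs outside approval.
    """
    m = parse_marking(banner)
    return m.classification != "U" or bool(m.sci) or bool(m.dissemination)


def handling_notes(banner: str) -> list:
    """Human-readable handling constraints implied by a banner."""
    m = parse_marking(banner)
    notes = []
    if m.classification != "U":
        notes.append(f"{m.classification}: release or placement on an unclassified "
                     "system needs approval from outside agencies")
    if "SI" in m.sci:
        notes.append("SI: SCI special handling; SIGINT-derived, explicit NSA "
                     "permission before any wider audience")
    if "TK" in m.sci:
        notes.append("TK: SCI special handling; intercept or satellite derived")
    if "NF" in m.dissemination:
        notes.append("NF: not releasable to non-Americans")
    if "FOUO" in m.dissemination:
        notes.append("FOUO: no public release without official approval")
    return notes


def portions_needing_approval(document: str) -> list:
    """Portion marks that bar the document from an unclassified system.

    An unmarked or unparseable paragraph is reported as UNMARKED so that a
    gateway using this check fails closed instead of letting it through.
    """
    found = []
    for para in document.splitlines():
        if not para.strip():
            continue
        match = PORTION_MARK.match(para)
        if not match:
            found.append("UNMARKED")
            continue
        mark = match.group(1).upper()
        try:
            if requires_release_approval(mark):
                found.append(mark)
        except MarkingError:
            found.append("UNMARKED")
    return found


if __name__ == "__main__":
    for mark in portions_needing_approval(SAMPLE_CABLE):
        print(mark, "->", "; ".join(handling_notes(mark)) if mark != "UNMARKED"
              else "no readable portion mark")
```

Run against the sample cable, the scan reports the S and TS//SI//NF portions and leaves the U paragraph alone; a document containing any reported portion is the kind that, per the text, should never have reached an unclassified network in the first place.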

END.