Category Archives: Cyberwarfare & Hacktivism

Ransomware: More and Smarter Scams Coming Soon

Danny Palmer reports for ZDNet:

Ransomware is here to stay and is only going to get more dangerous as cybercriminals move towards increasingly sophisticated forms of the cryptographic malware to carry out targeted attacks.

This grim forecast is made by Kaspersky Lab in its newly released Ransomware in 2016 – 2017 report – but it isn’t all completely bad news, because researchers believe that the competition in the underground ransomware market will lead to some families being killed off in an “intra-species massacre”.

Cybercriminals are still making plenty of money by exploiting victims with ransom demands ranging from a couple of hundred to a couple of thousand dollars. But many of these types of attack use random large-scale spam email campaigns in the hope of luring in victims.

Now, however, some criminals are specifically targeting a specially selected enterprise network, infecting them via specially crafted phishing emails then extorting much higher ransom payments from victims.

READ MORE…

Blame Game for Cyber Attacks Grows Murkier as Spying, Crime Tools Mix

Eric Auchard reports for Reuters:

[…] The example highlights the dangers of jumping to conclusions in the murky world of cyber attack and defense, as tools once only available to government intelligence services find their way into the computer criminal underground.

Security experts refer to this as “the attribution problem”, using technical evidence to assign blame for cyber attacks in order to take appropriate legal and political responses.

These questions echo through the debate over whether Russia used cyber attacks to influence last year’s U.S. presidential elections and whether Moscow may be attempting to disrupt national elections taking place in coming months across Europe.

The topic is a big talking point for military officials and private security researchers at the International Conference on Cyber Conflict in Tallinn this week. It has been held each year since Estonia was swamped in 2007 by cyber attacks that took down government, financial and media websites amid a dispute with Russia. Attribution for those attacks remains disputed.

READ MORE…

Putin Denies Russian State Role, But Says Individual ‘Patriotic’ Hackers May Have Mounted Attacks

Sabra Ayres reports for the Los Angeles Times:

After months of categorically denying Russian involvement in cyberattacks during last year’s U.S. presidential elections, Russian President Vladimir Putin on Thursday said that while the Kremlin has never used state-sponsored cyberattacks to meddle in other countries’ elections, some “patriotically minded” volunteer hackers may have acted on their own to defend Russian interests.

“Hackers can be anywhere, and pop out from anywhere in the world,” Putin said in an address to Russian and foreign media during the opening day of an annual economic forum held in St. Petersburg.

The Russian president compared hackers to artists, who can act creatively, particularly when they are motivated by international relations and in the defense of Russia’s interests.

“If they woke up today, read that there is something happening in interstate relations,” he said. “If they are patriotic, they start contributing, as they see it, in the fight against those who do not speak well about Russia.”

READ MORE…

Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool

David E Sanger and Nicole Perlroth report for The New York Times:

[…] The connection to the N.S.A. was particularly chilling. Starting last summer, a group calling itself the “Shadow Brokers” began to post software tools that came from the United States government’s stockpile of hacking weapons.

The attacks on Friday appeared to be the first time a cyberweapon developed by the N.S.A., funded by American taxpayers and stolen by an adversary had been unleashed by cybercriminals against patients, hospitals, businesses, governments and ordinary citizens.

Something similar occurred with remnants of the “Stuxnet” worm that the United States and Israel used against Iran’s nuclear program nearly seven years ago. Elements of those tools frequently appear in other, less ambitious attacks.

The United States has never confirmed that the tools posted by the Shadow Brokers belonged to the N.S.A. or other intelligence agencies, but former intelligence officials have said that the tools appeared to come from the N.S.A.’s “Tailored Access Operations” unit, which infiltrates foreign computer networks. (The unit has since been renamed.)

READ MORE…

Barrett Brown on Press Freedom, FBI Crimes and Why He Wouldn’t Do Anything Differently

Amy Goodman and Nermeen Shaikh speak with investigative reporter Barrett Brown, who recently completed a four-year prison sentence related to the hacking of the private intelligence firm Stratfor, which exposed how the firm spied on activists on behalf of corporations. He was released from prison earlier this year but was unexpectedly rearrested late last month, one day ahead of a scheduled interview for an upcoming PBS documentary. Brown was detained for four days and then released without receiving any formal written explanation for the arrest. (Democracy Now!)

Why It’s Unlikely The NHS Was Deliberately Targeted In The Ransomware Attack

James Ball reports for BuzzFeed News:

On Friday afternoon, NHS hospitals across England and Scotland fell victim to a cyberattack that caused ambulances to be diverted, equipment to shut down, and clinical services to be disrupted.

The attack has prompted fears among commentators and on social media of a deliberate attempt to damage the NHS, or even to interfere in the UK election. But early evidence suggests it was neither deliberately targeted against hospitals, nor aimed at health data.

It wasn’t just NHS computers that were affected. It also hit major corporations, such as Spanish telecoms giant Telefonica – the parent company of the UK mobile network O2 – as well as computer systems in Russia, the USA, Japan and France.

Identifying the source of a cyber attack is a lengthy process usually requiring forensic examination of both the code used in the attack and how it spread across the internet, meaning we don’t yet know with certainty how the NHS attack spread.

The NHS computer systems were hit by what’s known as ransomware, which locks the files on any affected machine and makes it unusable unless its owner pays a set amount, usually in the virtual currency Bitcoin, to an anonymous account.

READ MORE…

NHS Cyber-Attack: GPs and Hospitals Hit by Ransomware

BBC News reports:

NHS services across England and some in Scotland have been hit by a large-scale cyber-attack.

Staff cannot access patient data, which has been scrambled by ransomware. There is no evidence patient data has been compromised, NHS Digital has said.

NHS England has declared a major incident. The BBC understands up to 25 NHS organisations and some GP practices have been affected.

It comes amid reports of cyber-attacks affecting organisations worldwide.

A Downing Street Spokesman said Prime Minister Theresa May was being kept informed of the situation, while Health Secretary Jeremy Hunt is being briefed by the National Cyber Security Centre.

READ MORE…

FBI Refuses to Disclose Documents on Trump’s Call to Russia to Hack Clinton

Ed Pilkington reports for The Guardian:

The US justice department is refusing to disclose FBI documents relating to Donald Trump’s highly contentious election year call on Russia to hack Hillary Clinton’s emails.

Senior DoJ officials have declined to release the documents on grounds that such disclosure could “interfere with enforcement proceedings”. In a filing to a federal court in Washington DC, the DoJ states that “because of the existence of an active, ongoing investigation, the FBI anticipates that it will … withhold all records”.

The statement suggests that Trump’s provocative comment last July is being seen by the FBI as relevant to its own ongoing investigation.

[…] The then Republican presidential candidate ignited an instant uproar when he made his controversial comment at a press conference in Florida on 27 July. By that time Russia had already been accused by US officials of hacking Democratic National Committee emails in a bid to sway the election.

“I will tell you this, Russia: if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” Trump said, referring to a stash of emails that Clinton had deleted from her personal server dating from her time as US secretary of state.

Later that day, the Republican candidate posted a similarly incendiary remark on Twitter: “If Russia or any other country or person has Hillary Clinton’s 33,000 illegally deleted emails, perhaps they should share them with the FBI!”

READ MORE…

Macron Leaks: The Anatomy of a Hack

BBC Trending reports:

It’s still unclear who hacked incoming French President Emmanuel Macron’s emails. But what does the way they then spread across the internet tell us about the way hackers and political movements work in tandem?

It was a huge story that broke in the very final hours of coverage of France’s presidential election campaign. But whoever dumped the leaked Macron emails online, did not by themselves turn them into a global topic of discussion. That job was left to a network of political activists, aided by bots and automated accounts, and then ultimately signal boosted by the Twitter account of WikiLeaks.

BBC Trending has spoken to the main activist who took the data dump from a fringe message board to the mainstream – and we’ve pieced together the story of how the hack came to light.

READ MORE…

Unchecked Surveillance Technology Is Leading Us Towards Totalitarianism

Cory Doctorow writes for the International Business Times:

I appeared at an event in New York this week with Edward Snowden to discuss how computers can be a tool for liberation instead of coercive control. The resounding optimistic feeling was that while networks can let Facebook gut our future, they can also be used to seize it.

These institutions use the information to circumvent hard-won constitutional protections. Western military contractors export these tools to oppressive dictatorships, creating “turnkey surveillance states”. In Ethiopia, the ruling junta has used hacking tools to break into the computers of exiled dissidents in the USA. The information they stole was used to target activists in Ethiopia for arbitrary detention and torture.

In my science fiction novel Walkaway, I see an optimistic escape from the looming surveillance disaster. It imagines people oppressed by surveillance might “walk away” and found a parallel society where citizens’ technological know-how creates a world of fluid, improvisational technological play.

READ MORE…

French Candidate Macron Claims Massive Hack as Emails Leaked

Eric Auchard and Bate Felix report for Reuters:

Leading French presidential candidate Emmanuel Macron’s campaign said on Friday it had been the target of a “massive” computer hack that dumped its campaign emails online 1-1/2 days before voters choose between the centrist and his far-right rival, Marine Le Pen.

Macron, who is seen as the frontrunner in an election billed as the most important in France in decades, extended his lead over Le Pen in polls on Friday.

As much as 9 gigabytes of data were posted on a profile called EMLEAKS to Pastebin, a site that allows anonymous document sharing. It was not immediately clear who was responsible for posting the data or if any of it was genuine.

In a statement, Macron’s political movement En Marche! (Onwards!) confirmed that it had been hacked.

“The En Marche! Movement has been the victim of a massive and co-ordinated hack this evening which has given rise to the diffusion on social media of various internal information,” the statement said.

An interior ministry official declined to comment, citing French rules that forbid any commentary liable to influence an election, which took effect at midnight on Friday (2200 GMT).

READ MORE…

Inside the ‘Stalkerware’ Surveillance Market, Where Ordinary People Tap Each Other’s Phones

Lorenzo Franceschi-Bicchierai and Joseph Cox report for Motherboard:

John* tapped out a simple text message to his wife in January 2016. “I love you,” it read.

But this wasn’t the only message she saw. Unbeknownst to John, his wife had bugged his smart phone. She was spying on John, eavesdropping on all of his texts and multimedia messages, and tracking his every move through the device’s GPS.

She was also stealing all of John’s photos. In one slightly blurred picture, John, a police officer in a small town in the southwestern United States, is knelt over a suspect, who is face down on the curb. In another photograph, John is taking a selfie wearing a dress shirt and a black tie. A third picture shows an email exchange with Facebook’s law enforcement help team, revealing that John was requesting data on a target of an investigation.

These messages and pictures, including some of the couple’s more intimate moments, were taken directly from John’s cellphone by his wife, using a piece of consumer surveillance software made by American company Retina-X. In an ironic twist, the software is called PhoneSheriff.

John is just one of tens of thousands of individuals around the world who are unwitting targets of powerful, relatively cheap spyware that anyone can buy. Ordinary people—lawyers, teachers, construction workers, parents, jealous lovers—have bought malware to monitor mobile phones or computers, according to a large cache of hacked files from Retina-X and FlexiSpy, another spyware company.

The breaches highlight how consumer surveillance technology, which shares some of the same capabilities and sometimes even the same code as spy software used by governments, has established itself with the everyday consumer. And it would appear no small number of people are willing to use this technology on their partners, spouses, or children.

In other words, surveillance starts at home.

READ MORE…

WikiLeaks’ Latest Leak Shows How CIA Avoids Antivirus Programs

Joe Uchill reports for The Hill:

WikiLeaks released its third package of CIA documents on Friday which highlight source code used by the CIA to avoid antivirus programs.

The source code is for a tool called “Marble,” what is known as an obfuscator or packer.

Obfuscators are principally designed to jumble the execution of malware so that programs designed to spot malware have trouble determining what it is.

The Marble toolkit includes a variety of different algorithms to accomplish that task.

In its release, WikiLeaks describes the primary purpose of Marble as being to insert foreign language text into the malware to cause malware analysts to falsely attribute code to the wrong nation.

This appears to be an inaccurate description of the primary purpose of the code, however.

READ MORE…

How Russia and WikiLeaks Became Allies Against the West

Matthew Kupfer writes for The Moscow Times:

[…] If Russia has ties with WikiLeaks today, that certainly wasn’t the case seven years ago, says Mika Velikovsky, a Russian journalist who worked extensively with WikiLeaks and interviewed Assange three times.

While working for the magazine Russian Reporter, WikiLeaks’ main partner in Russia, Velikovsky received packets of U.S. diplomatic cables from Shamir, sorted through the documents and published articles based upon them. He also worked on the 2012 leak of emails from the intelligence company Stratfor and collaborated with WikiLeaks on the 2013 documentary film Mediastan.

In 2010, Velikovsky defended WikiLeaks on Russian state television’s political talk shows — programs that often reflect the positions of the Kremlin. There, he clashed with pro-Kremlin experts who claimed that WikiLeaks was the anti-Russian project of American spies.

“At the time, it seemed the authorities were worried about WikiLeaks and didn’t know what it was,” he says. “So the Russian mainstream media was very anti-WikiLeaks.”

Then, in 2012, Julian Assange got a show on RT, a Russian state-funded propaganda channel. The development came amid a worldwide financial blockade of WikiLeaks, when the organization desperately needed money. Velikovsky thinks Assange’s appearance on RT marked WikiLeaks’ transformation from a threat to an ally in the eyes of the Russian authorities.

However, he suggests that WikiLeaks’ seeming alliance with Russia stems from Assange’s own personal predicament. Hiding in the Ecuadorian Embassy for over 4 years has robbed Assange of “a lot of the joy [of life] that you and I have,” Velikovsky says. “If someone did that to us, it would be very personal.”

READ MORE…

Vault 7: John Kiriakou and James Bamford on What the Wikileaks Dump Tells Us

Thom Hartmann speaks to former CIA analyst and whistleblower John Kiriakou and journalist James Bamford, author of Body of Secrets and The Shadow Factory, about the recent Wikileaks ‘Vault 7’ dump and what it reveals about hacking and surveillance techniques used by the CIA. (The Big Picture)

New Cyber Czar Rudy Giuliani’s Website Full of Security Flaws

Tim Johnson reports for McClatchy:

[…] The Trump transition office announced Thursday morning that Giuliani, part of a core group of Republican Trump loyalists during the campaign, had been tapped to “lend expertise to cybersecurity efforts.” The announcement didn’t offer many details about how Giuliani would fulfill his role, noting simply that hacks are rampant.

“Cyber intrusion is the fastest growing crime in the United States and much of the world,” the statement said.

The announcement prompted a few programmers to conduct their own free website analysis of giulianipartners.com. Their verdict? Pathetic. Sad.

Indeed, some may have tried their hand at a little mischief. “Service temporarily unavailable,” flashed the screen when one visitor sought to browse there in the afternoon.

“Seems Rudy may need a cybersecurity chief for himself,” tweeted Jeremiah Grossman, whose profile said he is chief of security strategy for SentinelOne, a cybersecurity company.

Others came to Giuliani’s defense.

READ MORE…

Rudy Giuliani Is an Absurd Choice to Defend the U.S. From Hackers

Trevor Timm writes for The Guardian:

At Donald Trump’s now-notorious press conference on Tuesday, lost amidst his threats to news organizations and denunciations of his enemies, the president-elect claimed he would soon assemble “some of the greatest computer minds anywhere in the world” to tackle the US government’s cybersecurity problem. On Thursday, he went the opposite route instead and hired Rudy Giuliani.

Giuliani, Trump election surrogate and the disgraced former mayor of New York, is apparently going to head up Trump’s efforts to coordinate “cybersecurity” issues between the federal government and the private sector, the transition team announced Tuesday. But what does Giuliani, last seen on the campaign trail claiming the president can break whatever law he likes in a time of war, know about cybersecurity? From the look and sound of it, not much.

Giuliani does head a consulting firm in New York called Giuliani Partners that supposedly focuses on cybersecurity, but Vice’s Motherboard reported yesterday, it’s tough to tell what they actually do, and it’s even tougher to tell what Giuliani does for them, besides being the face of the operation while saying outrageous things on television.

READ MORE…

The Washington Post Is Richly Rewarded for False News About Russia Threat While Public Is Deceived

Glenn Greenwald writes for The Intercept:

In the past six weeks, the Washington Post published two blockbuster stories about the Russian threat that went viral: one on how Russia is behind a massive explosion of “fake news,” the other on how it invaded the U.S. electric grid. Both articles were fundamentally false. Each now bears a humiliating editor’s note grudgingly acknowledging that the core claims of the story were fiction: The first note was posted a full two weeks later to the top of the original article; the other was buried the following day at the bottom.

The second story on the electric grid turned out to be far worse than I realized when I wrote about it on Saturday, when it became clear that there was no “penetration of the U.S. electricity grid” as the Post had claimed. In addition to the editor’s note, the Russia-hacked-our-electric-grid story now has a full-scale retraction in the form of a separate article admitting that “the incident is not linked to any Russian government effort to target or hack the utility” and there may not even have been malware at all on this laptop.

But while these debacles are embarrassing for the paper, they are also richly rewarding. That’s because journalists — including those at the Post — aggressively hype and promote the original, sensationalistic false stories, ensuring that they go viral, generating massive traffic for the Post (the paper’s executive editor, Marty Baron, recently boasted about how profitable the paper has become).

After spreading the falsehoods far and wide, raising fear levels and manipulating U.S. political discourse in the process (both Russia stories were widely hyped on cable news), journalists who spread the false claims subsequently note the retraction or corrections only in the most muted way possible, and often not at all. As a result, only a tiny fraction of people who were exposed to the original false story end up learning of the retractions.

READ MORE…

Should The American Public Be Thankful For Russian ‘Interference’?

Michael Tracey argues for Medium:

[…] If the state-sponsored Russian hackers did something truly malignant, like messing with election results, then yes — that’d be a severe breach and warrant substantial retaliation. But as it stands, the sinister Russians are accused of illuminating American voters as to the activities of the country’s most powerful political actors. The revelations made via WikiLeaks shined a light on all manner of fraud, deceit, and malfeasance. Would it have been better had voters not received access to this information? Who did it harm, other than a small group of political functionaries like Podesta and Wasserman-Schultz? Didn’t the American polity actually profit as a result of these hacks, given that they were provided important information about a presidential candidate that would have been otherwise suppressed?

When people use the word “interfered” to characterize what the Russian government is supposed to have done here, they give the whole matter a needlessly nefarious gloss. “Russian interference in the election” connotes some kind of elaborate, intensive subversion plot. But that’s not what happened at all — voters weren’t harmed as a result of this “interference.” They were benefitted.

READ MORE…

Fake News: Russian Hacking of US Electricity Grid Never Took Place as Claimed by the Washington Post

Agamoni Ghosh reports for the International Business Times:

A news report last week had claimed that Russia-based hackers had successfully penetrated the US electricity grid through a facility in Vermont. But, such a thing never really happened as the alleged malware code that was thought to be injected into the grid system was only present on a single laptop that has no connection to the grid.

The report published by the Washington Post has been discarded as being misleading and false and the company has issued a note saying their key claim in the story was false.

“An earlier version of this story incorrectly said that Russian hackers had penetrated the US electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid,” said an editor’s note on the copy.

READ MORE…

Top-Secret Snowden Document Reveals What the NSA Knew About Previous Russian Hacking

Sam Biddle reports for The Intercept:

To date, the only public evidence that the Russian government was responsible for hacks of the DNC and key Democratic figures has been circumstantial and far short of conclusive, courtesy of private research firms with a financial stake in such claims. Multiple federal agencies now claim certainty about the Kremlin connection, but they have yet to make public the basis for their beliefs.

Now, a never-before-published top-secret document provided by whistleblower Edward Snowden suggests the NSA has a way of collecting evidence of Russian hacks, because the agency tracked a similar hack before in the case of a prominent Russian journalist, who was also a U.S. citizen.

In 2006, longtime Kremlin critic Anna Politkovskaya was gunned down in her apartment, the victim of an apparent contract killing. Although five individuals, including the gunman, were convicted for the crime, whoever ordered the murder remains unknown. Information about Politkovskaya’s journalism career, murder, and the investigation of that crime was compiled by the NSA in the form of an internal wiki entry. Most of the wiki’s information is biographical, public, and unclassified, save for a brief passage marked top secret.

READ MORE…

Russia Hysteria Infects The Washington Post Again: False Story About Hacking U.S. Electric Grid

Glenn Greenwald writes for The Intercept:

[…] What’s the problem here? It did not happen.

There was no “penetration of the U.S. electricity grid.” The truth was undramatic and banal. Burlington Electric, after receiving a Homeland Security notice sent to all U.S. utility companies about the malware code found in the DNC system, searched all their computers and found the code in a single laptop that was not connected to the electric grid.

Apparently, the Post did not even bother to contact the company before running its wildly sensationalistic claims, so they had to issue their own statement to the Burlington Free Press which debunked the Post’s central claim (emphasis in original): “We detected the malware in a single Burlington Electric Department laptop NOT connected to our organization’s grid systems.”

So the key scary claim of the Post story – that Russian hackers had penetrated the U.S. electric grid – was false. All the alarmist tough-guy statements issued by political officials who believed the Post’s claim were based on fiction.

READ MORE…

Cybersecurity Expert Bruce Schneier: American Elections Will Be Hacked

Amy Goodman speaks to Bruce Schneier, cybersecurity expert and author of Data and Goliath, who warns that America’s “newly computerised voting systems are vulnerable to attack by both individual hackers and government-sponsored cyberwarriors. It is only a matter of time before such an attack happens”. His latest article for the New York Times is titled ‘American Elections Will Be Hacked’. (Democracy Now!)

The New Red Scare: Reviving the Art of Threat Inflation

Andrew Cockburn writes for Harper’s Magazine:

[…] Despite some esoteric aspects, the so-called Russian hacks, as promoted by interested parties in politics and industry, are firmly in the tradition of Cold War threat inflation. Admittedly, practitioners had an easier task in Selin’s day. The Cold War was at its height, America was deep in a bloody struggle against the communist foe in Vietnam, and Europe was divided by an Iron Curtain, behind which millions chafed under Soviet occupation.

Half a century later, the Soviet Union is long gone, along with the international communist movement it championed. Given that Russia’s defense budget is roughly one tenth of America’s, and that its military often cannot afford the latest weapons Russian manufacturers offer for export, resurrecting this old enemy might seem to pose a challenge to even the brightest minds in the Pentagon. Yet the Russian menace, we are informed, once again looms large. According to Defense Secretary Ashton Carter, Russia “has clear ambition to erode the principled international order” and poses “an existential threat to the United States” — a proclamation endorsed by a host of military eminences, including General Joseph Dunford, the chairman of the Joint Chiefs of Staff, his vice-chairman General Paul Selva, and NATO’s former Supreme Allied Commander, General Philip Breedlove.

True, relations with Moscow have been disintegrating since the Bush Administration. Yet Russia achieved formal restoration to threat status only after Putin’s takeover of Crimea in February 2014 (which followed the forcible ejection, with U.S. encouragement, of Ukraine’s pro-Russian government just a few days earlier). Russia’s intervention in Syria, in the fall of 2015, turned the chill into a deep freeze. Still, the recent accusation that Putin has been working to destabilize our democratic system has taken matters to a whole new level, evoking the Red Scare of the 1950s.

READ MORE…

Spies For Hire: How the UAE Is Recruiting Hackers to Create the Perfect Surveillance State

Jenna McLaughlin reports for The Intercept:

[…] The idea of a UAE-based company recruiting an army of cyberwarriors from abroad to conduct mass surveillance aimed at the country’s own citizens may sound like something out of a bad Bond movie, but based on several months of interviews and research conducted by The Intercept, it appears DarkMatter has been doing precisely that.

Most of those who spoke with The Intercept asked to remain anonymous, citing nondisclosure agreements, fear of potential political persecution in the UAE, professional reprisals, and loss of current and future employment opportunities. Those quoted anonymously were speaking about events based on their direct experience with DarkMatter.

Margaritelli isn’t the only one who insists that DarkMatter isn’t being truthful about its operations and recruitment. More than five sources with knowledge of different parts of the company told The Intercept that sometime after its public debut last November, DarkMatter or a subsidiary began aggressively seeking skilled hackers, including some from the United States, to help it accomplish a wide range of offensive cybersecurity goals. Its work is aimed at exploiting hardware probes installed across major cities for surveillance, hunting down never-before-seen vulnerabilities in software, and building stealth malware implants to track, locate, and hack basically any person at any time in the UAE, several sources explained. As Margaritelli described it in an email to me, “Basically it’s big brother on steroids.”

READ MORE…

Is the Disclosure of John Podesta’s Emails a Step Too Far? Glenn Greenwald In Conversation With Naomi Klein

Glenn Greenwald of The Intercept recently spoke to author and activist Naomi Klein about the latest email hacks revolving around the Clinton campaign chairman John Podesta. (The Intercept)

US Hacking Russia for Revenge Could Lead to Cyberwar

Trevor Timm writes for The Guardian:

What’s the CIA’s brilliant plan for stopping Russian cyber-attacks on the US and their alleged interference with the US election? Apparently, some in the agency want to escalate tensions between the two superpowers even more and possibly do the same thing right back to them.

NBC News reported late last week that the CIA is working up blueprints for an “unprecedented cyber covert action against Russia”, and it sounds a lot like they’re planning on leaking documents on Vladimir Putin, just as the Russians are accused of doing to the Democratic National Committee and the Clinton campaign.

NBC reported that former intelligence officials said “the agency had gathered reams of documents that could expose unsavory tactics by Russian President Vladimir Putin” and another former official said the US “should … expose the financial dealings of Putin and his associates”.

READ MORE…

The Internet of Things Sucks So Bad Even ‘Amateurish’ Malware Is Enough

Lorenzo Franceschi-Bicchierai reports for Wired:

Over the last few weeks, unknown hackers have launched some of the largest cyberattacks the internet has ever seen. These attacks weren’t notable just by their unprecedented size and power, but also because they were powered by a large zombie army of hacked cameras and other devices that fit into the category of Internet of Things, or IoT.

On Friday, the hacker who claims to have created the malware that was powering this massive “Botnet Of Things” published its source code, which appears to be legitimate.

“It looks like this release is the real deal,” according to Marshal Webb, the chief technology officer of BackConnect, an anti-DDoS firm, who has been collecting samples of the malware in the last few weeks.

However legitimate, the malicious code isn’t actually that sophisticated, according to security researchers who have been studying it.

READ MORE…

Russian Hackers Expose ‘Double Standards’ at World Anti-Doping Agency (WADA)

Georgi Gotev reports for EurActiv:

The World Anti-Doping Agency (WADA) confirmed yesterday (13 September) that hackers accessed a database of confidential medical data and released the drug regimens of gymnast Simone Biles and three other top US Olympians. The Russian government was behind the move, WADA claimed.

The hackers penetrated the WADA’s athlete database and publicly revealed private medical information about three of the United States’ most famous athletes: Serena Williams, Venus Williams and Simone Biles.

The documents show that Biles, who won four gold medals in gymnastics at the Rio Olympics last month, and the Williams sisters received medical exemptions to use banned drugs.

“While it is an evolving situation, at present, we believe that access to ADAMS was obtained through spear phishing of email accounts,” WADA said in a statement.

The antidoping agency attributed the hack to Fancy Bear, a Russian cyberespionage group that forensics specialists have tied to breaches against government agencies, nonprofit organisations and corporations.

READ MORE…

Almost no chance U.S. elections can get hacked by the Russians

Philip Bump and Amber Phillips report for The Washington Post:

[…] Could hackers change the numbers to change our elections? The Fix spoke by phone and email with Merle King, executive director of the Center for Election Systems at Kennesaw State University to get an answer. In summary: It would be harder than we think — in part because we tend to conflate a number of very different election systems.

“One of the challenges the public has in sorting through the various threads of the current election cycle’s stories is understanding the differences between a campaign system, an election system and a voting system,” King told us.

The campaign system is the tool set used by candidates or parties to get people elected. The election system covers voter registration systems and other data centralization and is specific to jurisdictions. The voting system is the actual process of voting: the machines, the ballots and the designations of who votes where and on what. Information flows between these systems, but not always in two directions: Campaigns, for example, use voter registration data from the elections system but don’t send information back to it. So if a campaign is hacked (or if the Democratic National Committee is), there’s no risk to the voter registration database.

Confusing these systems can mean misunderstanding the threat — and the intent of the hackers.

READ MORE…