Search

band annie's Weblog

I have a parallel blog in French at http://anniebannie.net

Open Search
Tag

Surveillance

REVEALED: How NSA Infects Computers with Malware

 March 13, 2014 at 1:23 AM

nsa-malware

03/12/2014

Ryan Gallagher/Glenn Greenwald/TheIntercept:

Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.

The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.

The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes.

One implant, codenamed UNITEDRAKE, can be used with a variety of “plug-ins” that enable the agency to gain total control of an infected computer.

An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer’s microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer’s webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.

read on here

0

U.S. “Army Network 2020″: Behavior-Based Analytics Will Monitor Soldiers/Employees to Thwart Future Whistleblowers

November 20, 2013 at 10:16 PM

whistleblower-insider-threat

11/19/2013

Mashable:

The U.S. Army plans to monitor the online behavior of its employees with tracking software that will be woven into Army Network 2020, an in-house computer network set to launch in seven years.

The network, which aims to catch anyone who might download and distribute classified documents, comes after former National Security Agency contractor Edward Snowden leaked information revealing that the agency collects data on everyone from average American citizens to world leaders. The order for a tracking system dates back to last November, when U.S. President Barack Obama issued a memo that describes programs meant to “deter, detect and mitigate actions by employees who may represent a threat to national security.”

See Also: Obama’s Crackdown Views Leaks as Aiding Enemies of U.S.

The network will use “behavior-based analytics” to monitor the activity of soldiers, according to National Defense Magazine, citing Maj. Gen. Alan Lynn. In particular, the army plans to target employees who have just started or are about to leave their job, as they are seen as most likely to leak information. The system will be able to detect a range of behaviors, including how many emails someone sends per day, and the amount of information that person downloads.

“Outside of simply saying that the Army intelligence community is complying with executive orders and directives that call for network auditing, the details of those efforts are not releasable,” Matthew Bourke, a spokesperson for the U.S. Army, told Mashable in an email.

Although Bourke declined to answer questions about the extent of the monitoring, his statement confirmed that Army Network 2020 will include an employee-monitoring component.

source

0

Blog at WordPress.com.

Up ↑