Published on 6 Dec 2014
This talk was given at a local TEDx event, produced independently of the TED Conferences.
The Internet is on Fire
Mikko is a world class cyber criminality expert who has led his team through some of the largest computer virus outbreaks in history. He spoke twice at TEDxBrussels in 2011 and in 2013. Every time his talks move the world and surpass the 1 million viewers. We’ve had a huge amount of requests for Mikko to come back this year. And guess what? He will!
Prepare for what is becoming his ‘yearly’ talk about PRISM and other modern surveillance issues.
December 17, 2014
The Internet is on Fire | Mikko Hypponen | TEDxBrussels
September 14, 2014
Latest Snowden revelation – NSA and GCHQ have full access to German telecom systems
In The Register, Kelly Fiveash sums up the latest information from Edward Snowden:
An NSA and GCHQ surveillance programme — dubbed Treasure Map — grants US and British spooks access to the networks of German telcos such as Deutsche Telekom, according to a new stash of leaked documents from Edward Snowden.
Der Spiegel published the latest revelations today. However, Deutsche Telekom reportedly said it had found no evidence of such tampering on its system.
“We are looking into every indication of possible manipulations but have not yet found any hint of that in our investigations so far,” a spokesman at the company told Reuters.
He added: “We’re working closely with IT specialists and have also contacted German security authorities. It would be completely unacceptable if a foreign intelligence agency were to gain access to our network.”
The Register sought comment from the telco, but it hadn’t immediately got back to us at time of writing.
The Treasure Map programme was described by Snowden as “a 300,000 foot view of the internet” in a New York Times story published in November last year.
September 9, 2014
Russian FSB lured Estonian official into a trap
In the Guardian, Julian Borger updates the situation in Estonia after the kidnapping of Eston Kohver by Russian forces:
The Estonian intelligence official seized by Russia thought he was going to meet an informant in a secluded spot on the border as part of an organised crime investigation but instead walked into an FSB trap, according to Estonian security sources.
Eston Kohver went to the arranged meeting at 9am on Friday in woodland near the village of Miikse, about five miles north of the official Luhamaa border post. He had armed backup in the form of Estonian security officers nearby but they were unable to react in time because of the use of flash grenades and because their communications were jammed.
By the time they realised what was happening, Kohver had been dragged into the woods on the Russian side of the border by a group of gunmen.
Kohver is now in Moscow where he is awaiting formal charges. Russian media have suggested he could be accused of spying; a pistol, a recording device and €5,000 in cash were displayed on Russian television as evidence.
Estonian security sources confirmed that all the items were Kohver’s but said it was entirely routine for him to be carrying them. The recording device and the cash were intended for the informant he thought he would be meeting.
September 6, 2014
Estonian intelligence official kidnapped by Russian FSB
Russia appears to be willing to test the patience of all of its European neighbours, as Estonia lodges a formal complaint that one of their intelligence officers has been captured by Russian FSB troops on Estonian territory:
A strange incident near the Russian-Estonian border on Friday ended with an Estonian intelligence officer in Russian custody and the two countries trading sharply contradictory allegations about what happened.
Estonia’s president and prime minister, among other officials, said the officer had been kidnapped at gunpoint from their territory and forced across the border in a blatant violation of sovereignty. The Russian Federal Security Service said the officer was in Russia and engaged in a clandestine operation when he was detained.
The episode threatened to heighten tensions between Russia and the NATO alliance, to which Estonia belongs, at a time when relations are already severely strained over the conflict in Ukraine. It came just two days after President Obama gave a speech in Tallinn, the Estonian capital, pledging that NATO would defend the Baltics against Russian aggression and suggesting that any attack on them would lead to war with the West.
Although the intelligence officer was apparently detained around 9 a.m., the Russian security service, known as the F.S.B., did not acknowledge the incident until Friday evening, when it issued a statement to three Russian news agencies.
Senior Estonian officials, including the director of the country’s Internal Security Service, held a news conference in the late afternoon, saying the officer had been abducted after unknown assailants set off a stun grenade and jammed communication signals. At the time of his capture, the officer was investigating a criminal case in the area of Luhamaa, Estonia, a little more than a mile from the border with Russia, officials said, according to Estonian news reports.
Update, 7 September: The Interpreter’s Ukraine Liveblog included this information today.
Eston Kohver, an Estonian intelligence officer who was, according to Estonia, abducted and taken across the border to Russia yesterday, has appeared in Moscow, where he is being detained. The Estonian authorities reported that smoke grenades were used and that there were signs of a violent struggle. In addition, it was reported that communications signals in the area were jammed at the time of the reported abduction.
Meanwhile the FSB claimed yesterday that Kohver had been arrested on Russian territory, in the Pskov region.
Interfax reports that Russia’s state-owned Channel One announced today that the Lefortovo Court has approved Kohver’s detention on suspicion of espionage.
Here is video from Russia’s Ruptly news agency showing Kohver being taken out of a car and into a pre-trial detention centre (known in Russia as SIZO). The footage also shows a display of the items that the FSB has claimed were found on Kohver, including 5,000 euros in cash and a Taurus pistol.
July 7, 2014
The “Cambridge Five” were a boozy bunch of incompetents
In the Telegraph, Allan Massie reviews the boozehound “Cambridge Five” who spied for the Soviet Union:
So the Mitrokhin files from Soviet Intelligence reveal that they were wary and critical of some of the Cambridge spies. Burgess and Maclean were unreliable drunks – Burgess careless in looking after files he had removed from the Foreign Office for copying, Maclean given to speaking rashly when in liquor. As we used to say as prep-school boys: “Tell us news, not history.” All this has been known here for a long time. It would be astonishing if it wasn’t equally common knowledge in Moscow, where, one might add, alcoholism was scarcely unusual among members of the Soviet Politburo. The Cambridge spies flourished long before the days of “Only mineral water, thanks” at lunchtime.
Nobody is, even now, quite sure how much damage the Cambridge spies did, though Philby’s responsibility for the deaths of agents smuggled into Albania and other Soviet bloc countries is well established. Arguably they were less important than the “Atom spies”, scientists Klaus Fuchs and Alan Nunn May. They were less highly valued by their masters than Melita Norwood, “the granny spy”. Working as a clerk for a company whose work contributed to the making of the atom bomb, she passed on innumerable scientific and technical documents of great use to Soviet industry. Her controllers described her as “a loyal, trustworthy and disciplined agent”. “Trustworthy and disciplined” were adjectives they would never have applied to Burgess and Maclean, while even Philby wasn’t granted the highest honour, “Hero of the Soviet Union”, perhaps because his masters in Moscow were never absolutely sure where his loyalties lay. The suggestion that he may even have been a triple, rather than merely double, agent, has been floated. Melita Norwood on the other hand was awarded the Order of the Red Banner of Soviet Labour, and given a Soviet pension to ease her retirement in Bexleyheath.
For years after Burgess and Maclean decamped in 1951, it was said that Burgess had no need to do so, because there was no evidence against him and he wasn’t even under suspicion. Maclean’s case was different; he was about to be interrogated. Philby, who had learned of this, told his friend Burgess to tip him off. Burgess was about to be asked to resign from the Foreign Office, but this was because of a number of scandalous drunken episodes when he was attached to the Embassy in Washington. He was in greater danger of prosecution as a homosexual than as a Soviet spy.
May 30, 2014
“French spies [are] number two in the world of industrial cyber-espionage”
High praise indeed for French espionage operatives from … former US Secretary of Defence Robert Gates:
Former spy and defense department secretary Robert Gates has identified France as a major cyber-spying threat against the US.
In statements that are bound to raise eyebrows on both sides of the Atlantic, Gates (not Bill) nominated French spies as being number two in the world of industrial cyber-espionage.
“In terms of the most capable, next to the Chinese, are the French – and they’ve been doing it a long time” he says in this interview at the Council on Foreign Relations.
Rather than a precis, The Register will give you some of Gates’s (not Bill) words verbatim, starting just after 21 minutes in the video, when he answers a question about America’s recent indictment of five Chinese military hackers.
“What we have accused the Chinese of doing – stealing American companies’ secrets and technology – is not new, nor is it something that’s done only by the Chinese,” Gates tells the interviewer. “There are probably a dozen or fifteen countries that steal our technology in this way.
“In terms of the most capable, next to the Chinese, are probably the French, and they’ve been doing it a long time.
March 23, 2014
QotD: Woodrow Wilson
The fraudulence of Wilson is now admitted by all save a few survivors of the old corps of official press-agents, most of them devoid of both honesty and intelligence. No unbiased man, in the presence of the revelations of Bullitt, Keynes and a hundred other witnesses, and of the Russian and Shantung performances, and of innumerable salient domestic phenomena, can now believe that the Doctor dulcifluus was ever actually in favor of any of the brummagem ideals he once wept for, to the edification of a moral universe. They were, at best, no more than ingenious ruses de guerre, and even in the day of their widest credit it was the Espionage Act and the Solicitor-General to the Post Office, rather than any plausibility in their substance, that got them that credit. In [Theodore] Roosevelt’s case the imposture is less patent; he died before it was fully unmasked. What is more, his death put an end to whatever investigation of it was under way, for American sentimentality holds that it is indecent to inquire into the weaknesses of the dead, at least until all the flowers have withered on their tombs. When, a year ago, I ventured in a magazine article to call attention to Roosevelt’s philosophical kinship to the Kaiser I received letters of denunciation from all parts of the United States, and not a few forthright demands that I recant on penalty of lynch law. Prudence demanded that I heed these demands. We live in a curious and often unsafe country.
H.L. Mencken, “Roosevelt: An Autopsy”, Prejudices, part 2, 1920.
Isn’t it Ironic: Government Surveillance Version (with Remy)
Published on 20 Mar 2014
Remy updates the Alanis Morissette hit for a certain senior senator from California.
Approximately 2 minutes.
Written by Remy. Video and animation by Meredith Bragg. Music performed, produced, recorded, mixed and mastered by Ben Karlstrom.
For full text, links, downloadable versions and more, go to: http://reason.com/reasontv/2014/03/20/remy-isnt-it-ironic.
Lyrics:
A Senator lady
Got the news one day
The country’s being spied on
by the NSA
So she went out defending
on each TV set
but when she found out she’d been snooped on
she got all upset
And isn’t it ironic?
I mean, don’t you think?
It’s like you’re at Chris Brown’s
and there’s punch in the fridge
or if The Bachelor
passed a geography quiz
Learning Ted Kennedy
happened to be good at bridge.
And who would have thought?
It figures.
Senator, this may surprise you
and the irony bites
but Congresspeople ain’t the only ones
with 4th Amendment rights
It’s like a minimalist
who does their laundry
with All
or if Woody Allen liked to watch
Kids in the Hall
it’s like FDR
got locked in a Honda Accord
a cheap healthcare plan
that you just can’t afford
If Oscar Pistorius
really hated The Doors
and who would have thought?
It figures.
I heard the government
is sneaking up on you.
Life has a funny, funny way
of calling you out
calling you out.
March 12, 2014
March 10, 2014
When we do it, it’s “intelligence gathering”, when they do it, it’s “cyberwar”
Bruce Schneier on the odd linguistic tic of how we describe an act depending on who the actor is:
Back when we first started getting reports of the Chinese breaking into U.S. computer networks for espionage purposes, we described it in some very strong language. We called the Chinese actions cyber-attacks. We sometimes even invoked the word cyberwar, and declared that a cyber-attack was an act of war.
When Edward Snowden revealed that the NSA has been doing exactly the same thing as the Chinese to computer networks around the world, we used much more moderate language to describe U.S. actions: words like espionage, or intelligence gathering, or spying. We stressed that it’s a peacetime activity, and that everyone does it.
The reality is somewhere in the middle, and the problem is that our intuitions are based on history.
Electronic espionage is different today than it was in the pre-Internet days of the Cold War. Eavesdropping isn’t passive anymore. It’s not the electronic equivalent of sitting close to someone and overhearing a conversation. It’s not passively monitoring a communications circuit. It’s more likely to involve actively breaking into an adversary’s computer network — be it Chinese, Brazilian, or Belgian — and installing malicious software designed to take over that network.
In other words, it’s hacking. Cyber-espionage is a form of cyber-attack. It’s an offensive action. It violates the sovereignty of another country, and we’re doing it with far too little consideration of its diplomatic and geopolitical costs.
February 6, 2014
TAFTA/TTIP – The US is negotiating from a position of unassailable strength
At Techdirt, Glyn Moody explains why the EU is insane not to demand that the negotiations with the US government over TAFTA/TTIP be made fully public:
On the one side is the US, on the other, the 28 nations that go to make up the European Union. Because they have differing views on the TAFTA/TTIP negotiations, it’s necessary to pass around many documents conveying information about the current negotiations, and seek to obtain some kind of consensus on future EU proposals and flexibilities.
In the wake of Snowden’s revelations, security will doubtless be much better than during the Copenhagen Summit, when supposedly secret messages were sent using unencrypted emails. But it only needs one weak link in the European Union’s security chain — somebody who forgets to encrypt his or her message, or who leaves it on a system that has been compromised — and the NSA will be able to access that information, and pass it on to the US negotiators, just as it did in Copenhagen.
The key point is that there is a profound information asymmetry in the TAFTA/TTIP talks. Although the spy agencies of the EU countries will doubtless be trying their best to obtain confidential information about US negotiating tactics, it will be much harder than it is for the US to do the same about EU positions. That’s because the NSA is far larger, and far more expert than the EU agencies. GCHQ is probably the nearest in terms of capabilities, but is so closely allied with the NSA in other areas that it probably won’t be trying too hard so as not to annoy its paymaster.
This more or less guarantees that the US will know everything about the EU’s negotiating plans during TAFTA/TTIP, while the EU will remain in the dark about the US intentions. That not only undercuts the European Commission’s argument that releasing documents is not possible because they must remain secret during the negotiations — they won’t be — it also gives the EU a huge incentive to insist on full transparency for the talks. That way, the EU negotiators would be able to see at least some US documents that currently are hidden from them, whereas the US would gain little that it didn’t already know through more dubious means.
January 15, 2014
The NSA’s rise to being the “centerpiece of the entire intelligence system”
In Wired, Felix Salmon explains that “Quants don’t know everything”:
By now, nearly everyone from the president of the United States on down has admitted that the National Security Agency went too far. Documents leaked by Edward Snowden, the rogue NSA contractor who has since gained asylum in Russia, paint a picture of an organization with access to seemingly every word typed or spoken on any electronic device, anywhere in the world. And when news of the NSA’s reach became public — as it was surely bound to do at some point — the entire US intelligence apparatus was thrust into what The New York Times recently called a “crisis of purpose and legitimacy.”
It was a crisis many years in the making. Over the course of three decades, the NSA slowly transformed itself from the nation’s junior spy agency to the centerpiece of the entire intelligence system. As the amount of data in the world doubled, and doubled again, and again, the NSA kept up with it — even as America’s human intelligence capability, as typified by old-fashioned CIA spies in the field, struggled to do anything useful with the unprecedented quantities of signals intelligence they had access to. Trained agency linguists capable of parsing massive quantities of Arabic- and Farsi-language intercepts don’t scale up nearly as easily as data centers do.
That, however, wasn’t the computer geeks’ problem. Once it was clear that the NSA could do something, it seemed inarguable that the agency should do it — even after the bounds of information overload (billions of records added to bulging databases every day) or basic decency (spying on allied heads of state, for example) had long since been surpassed. The value of every marginal gigabyte of high tech signals intelligence was, at least in theory, quantifiable. The downside — the inability to prioritize essential intelligence and act on it; the damage to America’s democratic legitimacy — was not. As a result, during the past couple of decades spycraft went from being a pursuit driven by human judgment calls to one driven by technical capability.
December 11, 2013
Edward Snowden interviewed by Time
He may not have made the cover as “person of the year”, but he’s still very newsworthy:
For Snowden, those impacts are but a means to a different end. He didn’t give up his freedom to tip off German Chancellor Angela Merkel about the American snoops on her cell phone or to detail the ways the NSA electronically records jihadi porn-watching habits. He wanted to issue a warning to the world, and he believed that revealing the classified information at his fingertips was the way to do it. His gambit has so far proved more successful than he reasonably could have hoped — he is alive, not in prison, and six months on, his documents still make headlines daily — but his work is not done, and his fate is far from certain. So in early October, he invited to Moscow some supporters who wanted to give him an award.
After the toasts, some photographs and a brief ceremony, Snowden sat back down at the table, spread with a Russian buffet, to describe once again the dystopian landscape he believes is unfolding inside the classified computer networks on which he worked as a contractor. Here was a place that collected enormous amounts of information on regular citizens as a precaution, a place where U.S. law and policy did not recognize the right to privacy of foreigners operating outside the country, a place where he believed the basic freedoms of modern democratic states — “to speak and to think and to live and be creative, to have relationships and to associate freely” — were under threat.
“There is a far cry between legal programs, legitimate spying, legitimate law enforcement — where it is targeted, it’s based on reasonable suspicion, individualized suspicion and warranted action — and the sort of dragnet mass surveillance that puts entire populations under a sort of an eye and sees everything, even when it is not needed,” Snowden told his colleagues. “This is about a trend in the relationship between the governing and governed in America.”
That is the thing that led him to break the law, the notion that mass surveillance undermines the foundations of private citizenship. In a way, it is the defining critique of the information age, in which data is increasingly the currency of power. The idea did not originate with Snowden, but no one has done more to advance it. “The effect has been transformative,” argues Julian Assange, the founder of WikiLeaks, who has been helping Snowden from the confines of the Ecuadorean embassy in London. “We have shifted from a small group of experts understanding what was going on to broad public awareness of the reality of NSA mass surveillance.” If Facebook’s Mark Zuckerberg is the sunny pied piper of the new sharing economy, Snowden has become its doomsayer.
November 14, 2013
How the internet was “weaponized”
In Wired, Nicholas Weaver looks back on the way the internet was converted from a passive network infrastructure to a spy agency wonderland:
According to revelations about the QUANTUM program, the NSA can “shoot” (their words) an exploit at any target it desires as his or her traffic passes across the backbone. It appears that the NSA and GCHQ were the first to turn the internet backbone into a weapon; absent Snowdens of their own, other countries may do the same and then say, “It wasn’t us. And even if it was, you started it.”
If the NSA can hack Petrobras, the Russians can justify attacking Exxon/Mobil. If GCHQ can hack Belgacom to enable covert wiretaps, France can do the same to AT&T. If the Canadians target the Brazilian Ministry of Mines and Energy, the Chinese can target the U.S. Department of the Interior. We now live in a world where, if we are lucky, our attackers may be every country our traffic passes through except our own.
Which means the rest of us — and especially any company or individual whose operations are economically or politically significant — are now targets. All cleartext traffic is not just information being sent from sender to receiver, but is a possible attack vector.
[…]
The only self defense from all of the above is universal encryption. Universal encryption is difficult and expensive, but unfortunately necessary.
Encryption doesn’t just keep our traffic safe from eavesdroppers, it protects us from attack. DNSSEC validation protects DNS from tampering, while SSL armors both email and web traffic.
There are many engineering and logistic difficulties involved in encrypting all traffic on the internet, but it’s one we must overcome if we are to defend ourselves from the entities that have weaponized the backbone.
November 6, 2013
Taiwan suffers espionage leak
Strategy Page on the most recent intelligence coup by the Chinese military:
Taiwan recently admitted that it had suffered some serious damage when it discovered that one of its air force officers (identified only as “Major Hao”) sold many technical details of the new E-2K AWACS (Airborne Warning and Control System) aircraft to China. Hao did it for money, and Taiwanese counterintelligence found over a dozen other Chinese intel operatives during the investigation that uncovered the E-2K leaks. Since the E-2K contains mostly American technology and is based on the E-2C used on American aircraft carriers, this intelligence disaster is going to cost America a lot as well. Since China now knows the details of how the E-2 electronics work, they can develop better ways to deceive and disrupt E-2 operations.
Earlier this year Taiwan received the last two of four E-2K aircraft from the U.S., where they have been sent for upgrading to the E-2C 2000 standard. The first two E-2Ks were sent in 2009. The upgrade cost about $63 million per aircraft. Taiwan bought two E-2Ks new in 2006 as well.
The Taiwanese E-2K is very similar to the American E-2C, which is being replaced with a newer model. In 2010 the U.S. Navy received its first E-2D aircraft. This is the latest version of the E-2 Hawkeye radar aircraft that was originally introduced in 1964. The two engine, 24 ton E-2 was never produced in large quantities (fewer than a hundred are in use). Six years ago the E-2 fleet reached a milestone of a million flight hours.
[…]
The U.S. usually does not export the latest versions of electronic equipment. Thus the Taiwan leak means the older American E-2C is compromised but not (to a great extent) the most recent E-2D model. But the Taiwanese are justifiably afraid that there will be even more reluctance by the United States to sell Taiwan the latest versions of anything because of the successful Chinese espionage efforts in Taiwan. Then again, maybe not. That’s because that espionage works both ways. The Taiwanese have been very successful using the same tactics (offering cash or using blackmail and other threats) against the Chinese. While the American and Taiwanese tech is more valuable (because it is more advanced) it’s useful to know the details of the best stuff the Chinese have.