GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak

GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak
Published time: February 05, 2014 08:48
Edited time: February 05, 2014 10:51 Get short URL
AFP Photo / Peter StefenAFP Photo / Peter Stefen

http://rt.com/news/gchq-ddos-attacks-anonymous-670/

British intelligence has its own hacker subdivision that uses questionable practices for hunting down enemies of the state, reveals a new leak from Edward Snowden. GCHQ is fighting Anonymous and LulzSec hacktivists with DDoS attacks and malware.

A classified document obtained by NBC News reveals that the British secret service is brandishing a cyber-sword in the guise of the Joint Threat Research Intelligence Group (JTRIG), an intelligence unit not constrained by domestic or international laws.

The JTRIG unit is staging distributed denial of service (DDoS) cyber-attacks, implanting malware to disclose identities of hackers in order to prevent their communications. JTRIG is such a secret unit that its very name has never been mentioned anywhere before.

A PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, obviously from the collection of documents from the former NSA contractor, Edward Snowden, contains information about the Rolling Thunder operation against Anonymous hacktivists. JTRIG organized a DDoS attack on the internet relay chat (IRC) used by Anonymous, which reportedly resulted in 80 percent of the users quitting internet chat rooms.

The fact that the presentation was made at a conference of America’s National Security Agency is particularly interesting. It means that the NSA was informed about such governmental activities in the UK.

A DDoS attack is a criminal offence in most countries, the US and UK included. For example, in the UK a person found guilty of a cyber attack would be charged in accordance with the Computer Misuse Act, while in the US such illegal activities are prosecuted with the Computer Fraud and Abuse Act (CFAA).

Besides that, according to cyber experts, a DDOS attack takes down an entire server, with all websites hosted on it, along with other severs operated by the same Internet Server Provider (ISP). This means that while attacking Anonymous chat rooms, JTRIG was actually disabling other web resources that had no connection to Anonymous whatsoever.

If the fact of a DDoS attack by a secret service gets some independent proof, it would mean that Britain will become the first state incriminated in staging a cyber-attack, internationally recognized as unlawful.

“Law enforcement and intelligence officials must be able to pursue individuals who are going far beyond speech and into the realm of breaking the law: defacing and stealing private property that happens to be online,” said the former head of the US National Counterterrorism Center and now an NBC News analyst Michael Leiter, noting that “there must, of course, be limitations”.

“No one should be targeted for speech or thoughts, but there is no reason law enforcement officials should unilaterally declare law breakers safe in the online environment,” said Leiter.

“Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs,” said NBC News’ Gabriella Coleman, an anthropology professor at McGill University.

In another NSA document in possession of NBC News, a JTRIG official maintains that the unit’s activities are definitely not limited to computer network protection. JTRIG is staging attacks itself, Such as “Active Covert Internet Operations” and “Covert Technical Operations”. The unit is vigorously using cyber tools to disrupt enemy communications, engaging in computer and phone jamming, breaching email accounts and conducting ‘false flag’ operations.

The Anonymous global hacker community emerged in 2011, and conducted the “Operation Payback” campaign, a series of attacks against government websites in Britain and the US in protest against the prosecution of Chelsea Manning, who handed over thousands of classified US military documents to WikiLeaks. They also attacked several financial organizations, such as credit card companies and the PayPal pay service for blocking donations support to WikiLeaks.

​Major computer security firm RSA took $10 million from NSA to weaken encryption

​
Amazing... they sold their company's future reputation down the drain for only $10 million? -Bill

Major computer security firm RSA took $10 mln from NSA to weaken encryption

Published time: December 20, 2013 23:48 Get short URL
RSA SecureID electronic keys (Reuters / Michael Caronna)RSA SecureID electronic keys (Reuters / Michael Caronna)


The National Security Agency arranged a clandestine US$10 million contract with computer security power RSA that allowed the spy agency to embed encryption software it could use to infiltrate the company’s widely used products, Reuters reported.

Revelations provided by former NSA contractor Edward Snowden and first reported in September showed that the NSA created and perpetuated a corruptible formula that was ultimately a “back door” into encryption products.

Reuters later reported RSA became the lead distributor of the formula, installing it into a software tool known as BSAFE that is widely used to boost security in personal computers and other products.

Unknown then was the $10 million deal that set the NSA’s formula as the default method for the security measure - in which random numbers are generated on a key for access to a product - in BSAFE, according to Reuters’ sources. Though the sum of money for the deal seems low, it represented over a third of revenue the relevant division at RSA had made the previous year, according to security filings.

RSA was previously known for its crusading fights to protect computer security and privacy in the face of government interests, as it played a major role in blocking an effort by the NSA in the 1990s to require a special chip that would have enabled surveillance on many computer and communication products.

Following the September disclosure, RSA, now a subsidiary of computer storage company EMC Corp, privately warned thousands of its customers to immediately discontinue using all versions of company's BSAFE toolkit and Data Protection Manager (DPM), both using Dual_EC_DRNG (Dual Elliptic Curve Deterministic Random Bit Generator) encryption algorithm to protect sensitive data.

RSA and EMC would not comment to Reuters about the alleged deal, but RSA said in a statement:

"RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own."

The NSA declined to comment.



Most of the dozen current and former RSA employees interviewed by Reuters cited the company’s move away from strictly providing cryptography products as a reason the ill-advised deal was made. Though several also said government officials deceived RSA by portraying the corrupt formula as secure.

"They did not show their true hand," said one source that knew of the NSA deal.

RSA’s advocacy for security
RSA’s history as pioneers of trusted cryptography goes back to the 1970s. Their encryption tools have been licensed by many major technology companies, which have used RSA products to secure hundreds of millions of personal computers around the world. Their core technology - public key cryptography - uses two keys rather than one to publicly encode messages, then privately reveal them.

Even in the earliest days of RSA’s existence, it quarreled with US intelligence entities that worried the dual-key format would block government access. As RSA’s products became more widespread, the contention rose. In the 1990s, the Clinton administration pushed the Clipper Chip, a mandatory piece of hardware in phones and computers that would have enabled officials to supersede encryption without a warrant. RSA led a campaign to block the Clipper Chip, arguing products so easily surveilled would cripple overseas sales of US tech products.

The White House then moved to advocating stronger export controls to keep top cryptography in the US, yet RSA again persuaded the industry to oppose the effort. The export restrictions were eventually discarded.

A new era
But the attacks of September 11, 2001, flipped some of the power dynamics. In addition, many top engineers of the old fights against the government left the company, and BSAFE was becoming an increasingly smaller share of the company’s revenue.

"When I joined there were 10 people in the labs, and we were fighting the NSA," said Victor Chan, an top RSA engineer before he left in 2005. "It became a very different company later on."

By 2006, RSA was considered a prime government partner in the fight against overseas hackers.

New RSA Chief Executive Art Coviello, who declined an interview request with Reuters, signed on to adopt an algorithm called Dual Elliptic Curve - designed by the NSA - even before the formula was approved for government use. RSA’s use of the algorithm actually helped the NSA win approval with the National Institutes of Standards and Technology, which oversees government tech product usage.

RSA’s contract made Dual Elliptic Curve the default formula for producing random numbers in the company’s encryption tools. Former employees said given company business leaders approved the deal rather than technologists, no alarms were raised.

"The labs group had played a very intricate role at BSAFE, and they were basically gone," said labs veteran Michael Wenocur, who left RSA in 1999.

Though it privately urged customers to stop using the Dual Elliptic Curve following the September revelations, RSA has been publicly quiet about its relationship with the NSA.

The RSA deal again implicates a key strategy the NSA employs for enhanced surveillance, as shown by Snowden’s leaked documents: the weakening of security tools as a result of the agency’s “commercial relationships” with security and tech companies.

A review board established by the White House to investigate the NSA’s controversial surveillance operations said this week it believes the NSA should make changes to spying protocol, including measures that have usurped cryptography.

Among the recommendations, the panel called for the US government to "fully support and not undermine efforts to create encryption standards," and "not in any way subvert, undermine, weaken or make vulnerable generally available commercial software."