GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak

GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak
Published time: February 05, 2014 08:48
Edited time: February 05, 2014 10:51 Get short URL
AFP Photo / Peter StefenAFP Photo / Peter Stefen

http://rt.com/news/gchq-ddos-attacks-anonymous-670/

British intelligence has its own hacker subdivision that uses questionable practices for hunting down enemies of the state, reveals a new leak from Edward Snowden. GCHQ is fighting Anonymous and LulzSec hacktivists with DDoS attacks and malware.

A classified document obtained by NBC News reveals that the British secret service is brandishing a cyber-sword in the guise of the Joint Threat Research Intelligence Group (JTRIG), an intelligence unit not constrained by domestic or international laws.

The JTRIG unit is staging distributed denial of service (DDoS) cyber-attacks, implanting malware to disclose identities of hackers in order to prevent their communications. JTRIG is such a secret unit that its very name has never been mentioned anywhere before.

A PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, obviously from the collection of documents from the former NSA contractor, Edward Snowden, contains information about the Rolling Thunder operation against Anonymous hacktivists. JTRIG organized a DDoS attack on the internet relay chat (IRC) used by Anonymous, which reportedly resulted in 80 percent of the users quitting internet chat rooms.

The fact that the presentation was made at a conference of America’s National Security Agency is particularly interesting. It means that the NSA was informed about such governmental activities in the UK.

A DDoS attack is a criminal offence in most countries, the US and UK included. For example, in the UK a person found guilty of a cyber attack would be charged in accordance with the Computer Misuse Act, while in the US such illegal activities are prosecuted with the Computer Fraud and Abuse Act (CFAA).

Besides that, according to cyber experts, a DDOS attack takes down an entire server, with all websites hosted on it, along with other severs operated by the same Internet Server Provider (ISP). This means that while attacking Anonymous chat rooms, JTRIG was actually disabling other web resources that had no connection to Anonymous whatsoever.

If the fact of a DDoS attack by a secret service gets some independent proof, it would mean that Britain will become the first state incriminated in staging a cyber-attack, internationally recognized as unlawful.

“Law enforcement and intelligence officials must be able to pursue individuals who are going far beyond speech and into the realm of breaking the law: defacing and stealing private property that happens to be online,” said the former head of the US National Counterterrorism Center and now an NBC News analyst Michael Leiter, noting that “there must, of course, be limitations”.

“No one should be targeted for speech or thoughts, but there is no reason law enforcement officials should unilaterally declare law breakers safe in the online environment,” said Leiter.

“Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs,” said NBC News’ Gabriella Coleman, an anthropology professor at McGill University.

In another NSA document in possession of NBC News, a JTRIG official maintains that the unit’s activities are definitely not limited to computer network protection. JTRIG is staging attacks itself, Such as “Active Covert Internet Operations” and “Covert Technical Operations”. The unit is vigorously using cyber tools to disrupt enemy communications, engaging in computer and phone jamming, breaching email accounts and conducting ‘false flag’ operations.

The Anonymous global hacker community emerged in 2011, and conducted the “Operation Payback” campaign, a series of attacks against government websites in Britain and the US in protest against the prosecution of Chelsea Manning, who handed over thousands of classified US military documents to WikiLeaks. They also attacked several financial organizations, such as credit card companies and the PayPal pay service for blocking donations support to WikiLeaks.

Washington State Bill Would Turn Off Resources to NSA's Yakima Facility

Thursday, January 16, 2014
Washington State Bill Would Turn Off Resources to NSA's Yakima Facility

Activist Post

The state level campaign to turn off power and electricity to the NSA got a big boost Wednesday.

In a bipartisan effort, Washington became first state with a physical NSA location to consider the Fourth Amendment Protection Act, designed to make life extremely difficult for the massive spy agency.

Rep. David Taylor (R-Moxee) and Rep Rep. Luis Moscoso (D- Mountlake Terrace) introduced HB2272 late Tuesday night. Based on model language drafted by the OffNow coalition, it would make it the policy of Washington “to refuse material support, participation, or assistance to any federal agency which claims the power, or with any federal law, rule, regulation, or order which purports to authorize, the collection of electronic data or metadata of any person pursuant to any action not based on a warrant.”

Practically speaking, the bill prohibits state and local agencies from providing any material support to the NSA within their jurisdiction. This includes barring government-owned utilities from providing water and electricity. It makes information gathered without a warrant by the NSA and shared with law enforcement inadmissible in state court. It blocks public universities from serving as NSA research facilities or recruiting grounds. And it disincentivizes corporations attempting to fill needs not met in the absence of state cooperation.

Lawmakers in Oklahoma, California and Indiana have already introduced similar legislation, and a senator in Arizona has committed to running it there, but Washington counts as the first state with an actual NSA facility within its borders to consider the Fourth Amendment Protection Act. The NSA operates a listening center on the Army’s Yakima Training Center (YTC). The NSA facility is in Taylor’s district, and he said he cannot sit idly by while a secretive facility in his own backyard violate the rights of people everywhere.

“We’re running the bill to provide protection against the ever increasing surveillance into the daily lives of our citizens,” he said. “Our Founding Fathers established a series of checks and balances in the Constitution. Given the federal government’s utter failure to address the people’s concerns, it’s up to the states to stand for our citizens’ constitutional rights.”

According to documents made public by the US Military, as of 2008, a company called PacifiCorp serves as the primary supplier of electric power, and Cascade Natural Gas Corporation supplies natural gas to YTC. The Kittitas Public Utility District, a function of the state of Washington, provides electric power for the MPRC and the Doris site, but no documentation has yet proven that it also provides electricity used directly by the NSA facility on site. And while YTC does provide a bulk of its own water, documents also show that some of it gets there by first passing through upstream dams owned and operated by the State.

The Army report states, “YTC lies within three WAUs whose boundaries coincide with WRIAs, as defined by the State of Washington natural resource agencies.”

WAU’s are Washington State Water Administration Units. WRIAs are Washington State Water Resource Inventory Areas

A Washington company also has a strong link to the NSA. Cray Inc. builds supercomputers for the agency.

If the bill passes, it would set in motion actions to stop any state support of the Yakima center as long as it remains in the state, and could make Cray ineligible for any contracts with the state or its political subdivisions.

Three public universities in Washington join 166 schools nationwide partnering with the NSA. Taylor’s bill would address these schools’ status as NSA “Centers of Academic Excellence,” and would bar any new partnerships with other state colleges or universities.

Tenth Amendment Center national communications director Mike Maharrey says the bills prohibition against using unconstitutionally gathered data in state court would probably have the most immediate impact. In fact, lawmakers in Kansas and Missouri will consider bills simply addressing this kind of data sharing.

“We know the NSA shares data with state and local law enforcement. We know from a Reuters report that most of this shared data has absolutely nothing to do with national security issues. This bill would make that information inadmissible in state court,” he said. “This data sharing shoves a dagger into the heart of the Fourth Amendment. This bill would stop that from happening. This is a no-brainer. Every state should do it.”

Maharrey said he expects at least three more states to introduce the act within the next few weeks.

“This idea is catching fire,” he said. “And why wouldn’t it? We have an out of control agency spying on virtually everybody in the world. We have a president and a Congress that appears poised to maybe put a band aid on it. Americans are realizing if we are going to slow down the NSA, we are going to have to take a different approach. This is it.”

ACTION ITEMS

1. Washington State Residents – Visit this page and take the specific actions today.
http://offnow.org/washington/

2. Other states – follow this link:
http://offnow.org/state

The OffNow coalition is group of grassroots organizations and individuals spanning the political spectrum committed to stopping unconstitutional NSA spying through state and local activism

Contact: Mike Maharrey
Communications Director
O: 213.935.0553
media@tenthamendmentcenter.com

How the NSA hacks PCs, phones, routers, hard disks 'at speed of light': Spy tech catalog leaks - It's not as bad as you thought - it's much worse

How the NSA hacks PCs, phones, routers, hard disks 'at speed of light': Spy tech catalog leaks - It's not as bad as you thought - it's much worse
http://www.theregister.co.uk/2013/12/31/nsa_weapons_catalogue_promises_pwnage_at_the_speed_of_light/
By Iain Thomson, 31st December 2013

Analysis A leaked NSA cyber-arms catalog has shed light on the technologies US and UK spies use to infiltrate and remotely control PCs, routers, firewalls, phones and software from some of the biggest names in IT.

The exploits, often delivered via the web, provide clandestine backdoor access across networks, allowing the intelligence services to carry out man-in-the-middle attacks that conventional security software has no chance of stopping.


And if that fails, agents can simply intercept your hardware deliveries from Amazon to install hidden gadgets that rat you out via radio communications.

The 50-page top-secret document, written by an NSA division called ANT, is part of an information dump sent to German magazine Der Spiegel, and expounded upon by journalist Jacob Appelbaum in his keynote to the 30th Chaos Communication Congress in Germany on Monday. You can watch a clearly furious Appelbaum in the video below.

The dossier is a glorified shopping catalog of technology for spies in the so-called "Five Eyes" alliance of the UK, the US, Canada, Australia, and New Zealand. It gives the clearest view yet of what the NSA, GCHQ and associated intelligence agencies can do with your private data, and how they manage it. Here's an easy-to-digest roundup of what was discussed.

Satellite and optic-fiber communications stored
According to Appelbaum, the NSA is running a two-stage data dragnet operation. The first stage is TURMOIL, which collects data traffic passively via satellite and cable taps and stores it – in some cases for up to 15 years – for future reference. The NSA does not consider this surveillance because no human operator is involved, just automatic systems.

Der Spiegel gave the example of the SEA-ME-WE-4 underwater cable system, which runs from Europe to North Africa, then on to the Gulf states to Pakistan and India before terminating in the Far East. The documents show that on February 13 this year a tap was installed on the line by the NSA that gave layer-two access to all internet traffic flowing through that busy route.



However, this passive capability is backed up by TURBINE, the active intervention side of the NSA, run by its Tailored Access Operations (TAO) hacking squad. By using a selection of hardware and software tools, not to mention physical measures as we'll see later on, the NSA promises that systems can be hacked "at the speed of light," and the staffers in Maryland even took time to build a LOLcat picture highlighting the capability:

Sure they own you, but look at the little kitty. Credit: NSA

"Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies," the NSA said in a statement on the report, adding that TAO's "work is centered on computer network exploitation in support of foreign intelligence collection."

Windows crash reports boon for spies
On the subject of operating systems, Appelbaum said the documents revealed subversion techniques against Windows, Linux, and Solaris. In the case of Microsoft, the NSA is monitoring Windows software crash reports to gain insight into vulnerabilities on a target system and exploit them for its own ends.

“Customers who choose to use error reports send limited information about, for example, the process, application, or device driver, that may have encountered a problem," a Microsoft spokesperson told El Reg in a statement responding to Der Spiegel's report.

"Reports are then reviewed and used to improve customer experiences. Microsoft does not provide any government with direct or unfettered access to our customer’s data. We would have significant concerns if the allegations about government actions are true."

NSA buys up security exploits to attack vulnerabilities
When it comes to active penetration, the TAO team has a system dubbed QUANTUMTHEORY, an arsenal of zero-day exploits that it has either found itself or bought on the open market from operators like VUPEN. Once inside a computer, software dubbed SEASONEDMOTH is automatically secreted and used to harvest all activity by the target in a 30-day period.

For computers and networks that have firewalls and other security systems in place, the NSA uses QUANTUMNATION, a tool that will scan defenses using software dubbed VALIDATOR to find an exploitable hole, and then use it to seize control using code dubbed COMMENDEER.

A system dubbed QUANTUMCOPPER also gives the NSA the ability to interfere with TCP/IP connections and disrupt downloads to inject malicious code or merely damage fetched files. Appelbaum said such a system could be used to crash anonymizing systems like Tor by forcing an endless series of resets – and makes the designers of the Great Firewall of China look like amateurs.

The website you are visiting is really not the website you want
But it's a scheme dubbed QUANTUMINSERT that Appelbaum said was particularly concerning. The documents show that if a target tries to log onto Yahoo! servers, a subverted local router can intercept the request before it hits Meyer & Co's data center and redirect it to a NSA-hosted mirror site where all activity can be recorded and the connection tampered.

It's not just Yahoo! in the firing line: QUANTUMINSERT can be set up to automatically attack any computer trying to access all sorts of websites. The code predominantly injects malware into religious or terrorism websites to seize control of vulnerable web browsers and their PCs.

But the technology has also been spotted monitoring visits to sites such as LinkedIn and CNN.com, and will work with most major manufacturer's routers to pull off its software injection. (If you think using HTTPS will highlight any of these man-in-the-middle attacks, bear in mind it's believed that the NSA and GCHQ have penetrated the security certificate system underpinning SSL/TLS to allow the agencies' computers to masquerade as legit web servers.)

According to the catalog, Cisco hardware firewalls, such as the PIX and ASA series, and Juniper Netscreen and ISG 1000 products, can have backdoors installed in their firmware to monitor traffic flowing in and out of small businesses and corporate data centers. A boot ROM nasty exists for the Huawei Eudemon firewalls, we're told; Huawei being the gigantic Chinese telcoms electronics maker. Other BIOS-level malware is available for Juniper and and Hauawei routers, according to the dossier.

"At this time, we do not know of any new product vulnerabilities, and will continue to pursue all avenues to determine if we need to address any new issues. If we learn of a security weakness in any of our products, we will immediately address it," said Cisco in a blog post.

"As we have stated prior, and communicated to Der Spiegel, we do not work with any government to weaken our products for exploitation, nor to implement any so-called security ‘back doors’ in our products."

​Major computer security firm RSA took $10 million from NSA to weaken encryption

​
Amazing... they sold their company's future reputation down the drain for only $10 million? -Bill

Major computer security firm RSA took $10 mln from NSA to weaken encryption

Published time: December 20, 2013 23:48 Get short URL
RSA SecureID electronic keys (Reuters / Michael Caronna)RSA SecureID electronic keys (Reuters / Michael Caronna)


The National Security Agency arranged a clandestine US$10 million contract with computer security power RSA that allowed the spy agency to embed encryption software it could use to infiltrate the company’s widely used products, Reuters reported.

Revelations provided by former NSA contractor Edward Snowden and first reported in September showed that the NSA created and perpetuated a corruptible formula that was ultimately a “back door” into encryption products.

Reuters later reported RSA became the lead distributor of the formula, installing it into a software tool known as BSAFE that is widely used to boost security in personal computers and other products.

Unknown then was the $10 million deal that set the NSA’s formula as the default method for the security measure - in which random numbers are generated on a key for access to a product - in BSAFE, according to Reuters’ sources. Though the sum of money for the deal seems low, it represented over a third of revenue the relevant division at RSA had made the previous year, according to security filings.

RSA was previously known for its crusading fights to protect computer security and privacy in the face of government interests, as it played a major role in blocking an effort by the NSA in the 1990s to require a special chip that would have enabled surveillance on many computer and communication products.

Following the September disclosure, RSA, now a subsidiary of computer storage company EMC Corp, privately warned thousands of its customers to immediately discontinue using all versions of company's BSAFE toolkit and Data Protection Manager (DPM), both using Dual_EC_DRNG (Dual Elliptic Curve Deterministic Random Bit Generator) encryption algorithm to protect sensitive data.

RSA and EMC would not comment to Reuters about the alleged deal, but RSA said in a statement:

"RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own."

The NSA declined to comment.



Most of the dozen current and former RSA employees interviewed by Reuters cited the company’s move away from strictly providing cryptography products as a reason the ill-advised deal was made. Though several also said government officials deceived RSA by portraying the corrupt formula as secure.

"They did not show their true hand," said one source that knew of the NSA deal.

RSA’s advocacy for security
RSA’s history as pioneers of trusted cryptography goes back to the 1970s. Their encryption tools have been licensed by many major technology companies, which have used RSA products to secure hundreds of millions of personal computers around the world. Their core technology - public key cryptography - uses two keys rather than one to publicly encode messages, then privately reveal them.

Even in the earliest days of RSA’s existence, it quarreled with US intelligence entities that worried the dual-key format would block government access. As RSA’s products became more widespread, the contention rose. In the 1990s, the Clinton administration pushed the Clipper Chip, a mandatory piece of hardware in phones and computers that would have enabled officials to supersede encryption without a warrant. RSA led a campaign to block the Clipper Chip, arguing products so easily surveilled would cripple overseas sales of US tech products.

The White House then moved to advocating stronger export controls to keep top cryptography in the US, yet RSA again persuaded the industry to oppose the effort. The export restrictions were eventually discarded.

A new era
But the attacks of September 11, 2001, flipped some of the power dynamics. In addition, many top engineers of the old fights against the government left the company, and BSAFE was becoming an increasingly smaller share of the company’s revenue.

"When I joined there were 10 people in the labs, and we were fighting the NSA," said Victor Chan, an top RSA engineer before he left in 2005. "It became a very different company later on."

By 2006, RSA was considered a prime government partner in the fight against overseas hackers.

New RSA Chief Executive Art Coviello, who declined an interview request with Reuters, signed on to adopt an algorithm called Dual Elliptic Curve - designed by the NSA - even before the formula was approved for government use. RSA’s use of the algorithm actually helped the NSA win approval with the National Institutes of Standards and Technology, which oversees government tech product usage.

RSA’s contract made Dual Elliptic Curve the default formula for producing random numbers in the company’s encryption tools. Former employees said given company business leaders approved the deal rather than technologists, no alarms were raised.

"The labs group had played a very intricate role at BSAFE, and they were basically gone," said labs veteran Michael Wenocur, who left RSA in 1999.

Though it privately urged customers to stop using the Dual Elliptic Curve following the September revelations, RSA has been publicly quiet about its relationship with the NSA.

The RSA deal again implicates a key strategy the NSA employs for enhanced surveillance, as shown by Snowden’s leaked documents: the weakening of security tools as a result of the agency’s “commercial relationships” with security and tech companies.

A review board established by the White House to investigate the NSA’s controversial surveillance operations said this week it believes the NSA should make changes to spying protocol, including measures that have usurped cryptography.

Among the recommendations, the panel called for the US government to "fully support and not undermine efforts to create encryption standards," and "not in any way subvert, undermine, weaken or make vulnerable generally available commercial software."

The lead reporter for last night's pro-NSA '60 Minutes' episode was secretly negotiating a "99.44% done deal" to be hired as a senior intelligence official at the same time.

December 16, 2013

By Richard Johnson

Via: http://12160.info/page/the-lead-reporter-for-last-night-s-pro-nsa-60-minutes-episode-was

CBS newsman John Miller is negotiating his exit as a senior correspondent to join his old friend Bill Bratton back at the Police Department, a reliable source tells me.

Miller has twice left the news business to serve under Bratton, first in the NYPD and later during the veteran top cop’s stint as commissioner of the Los Angeles Police Department.

In the past two years, Miller has been a prominent presence discussing national security and crime on “CBS This Morning” and on the “CBS Evening News with Scott Pelley.”

“John has been doing great on television,” commented a close friend, “but at heart, he’s a ‘buff.’

“He wants the badge, the gun and the adrenaline — to be in the center of the action.”

Miller is expected to land a top intelligence or counterterrorism role with Bratton.

“As of this minute, it’s a 99.44 percent done deal,” says my source of the likelihood Miller will bolt CBS for Bratton II.

A CBS News spokesman declined comment.

The veteran newsman had been rumored for a top post under Bratton even before Mayor-elect Bill de Blasio officially gave Bratton the NYPD commissioner job.

Miller has long worked both sides of the yellow tape.

He left NBC in 1994, after two decades in journalism, to take a post as Bratton’s deputy commissioner for public information during the Giuliani administration.

He resigned that gig a year later, after feuding with Giuliani, who wanted him to reorganize the public-information staff — a directive Miller refused to follow.

He landed back at ABC in 1995, working as a correspondent and co-anchor to Barbara Walters on “20/20.’’

In January 2003, he was summoned again by Bratton and headed the LAPD’s counterterrorism and criminal intelligence units.

While there, Miller launched the Automated Critical Asset Management System, a terror-target risk-assessment program that’s now used by several other states.

In LA, Miller enrolled in the police academy, attending part-time. After seven months, he was sworn in by his buddy Bratton.

“It was the proudest day of his life,” Bratton recently told Men’s Journal.

By 2005, Miller had left the LAPD for a job with the FBI and Office of the Director of National Intelligence.

In 2011, CBS lured him back to television.

Federal Judge: NSA phone program likely unconstitutional

The NSA headquarters are pictured. | AP Photo

Judge: NSA phone program likely unconstitutional
http://www.politico.com/story/2013/12/national-security-agency-phones-judge-101203.html?hp=l2

The ruling is the first significant legal setback for the NSA’s surveillance program. 

By JOSH GERSTEIN | 12/16/13 1:36 PM EST
A federal judge ruled Monday that the National Security Agency program which collects information on nearly all telephone calls made to, from or within the United States is likely to be unconstitutional.

U.S. District Court Judge Richard Leon found that the program appears to run afoul of the Fourth Amendment prohibition on unreasonable searches and seizures. He also said the Justice Department had failed to demonstrate that collecting the so-called metadata had helped to head off terrorist attacks.

Acting on a lawsuit brought by conservative legal activist Larry Klayman, Leon issued a preliminary injunction barring the NSA from collecting metadata pertaining to the Verizon accounts of Klayman and one of his clients. However, the judge stayed the order to allow for an appeal.

(Also on POLITICO: NSA probe: Snowden can still do damage)

“Plaintiffs have a very significant expectation of privacy in an aggregated collection of their telephone metadata covering the last five years, and the NSA’s Bulk Telephony Metadata Program significantly intrudes on that expectation,” wrote Leon, an appointee of President George W. Bush. “I have significant doubts about the efficacy of the metadata collection program as a means of conducting time-sensitive investigations in cases involving imminent threats of terrorism.”

“I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying it and analyzing it without judicial approval,” Leon added.

Leon’s ruling is the first significant legal setback for the NSA’s surveillance program since it was disclosed in June in news stories based on leaks from former NSA contractor Edward Snowden. The metadata program has been approved repeatedly by numerous judges on the Foreign Intelligence Surveillance Court and at least one judge sitting in a criminal case.

(WATCH: Boehner says Edward Snowden is a ‘traitor’)

Similar lawsuits challenging the program are pending in at least three other federal courts around the country.

World's leading authors: state surveillance of personal data is theft

Clockwise from top left, eight of the people who have signed
 the petition: Hanif Kureishi, Björk, Arundhati Roy, Don DeLillo,
 Ian McEwan, Tom Stoppard, Margaret Atwood and Martin Amis

World's leading authors: state surveillance of personal data is theft
• 500 signatories include five Nobel prize winners
• Writers demand 'digital bill of rights' to curb abuses

Matthew Taylor and Nick Hopkins
The Guardian, Tuesday 10 December 2013

More than 500 of the world's leading authors, including five Nobel prize winners, have condemned the scale of state surveillance revealed by the whistleblower Edward Snowden and warned that spy agencies are undermining democracy and must be curbed by a new international charter.

The signatories, who come from 81 different countries and include Margaret Atwood, Don DeLillo, Orhan Pamuk, Günter Grass and Arundhati Roy, say the capacity of intelligence agencies to spy on millions of people's digital communications is turning everyone into potential suspects, with worrying implications for the way societies work.

They have urged the United Nations to create an international bill of digital rights that would enshrine the protection of civil rights in the internet age.

Their call comes a day after the heads of the world's leading technology companies demanded sweeping changes to surveillance laws to help preserve the public's trust in the internet – reflecting the growing global momentum for a proper review of mass snooping capabilities in countries such as the US and UK, which have been the pioneers in the field.

The open letter to the US president, Barack Obama, from firms including Apple, Google, Microsoft and Facebook, will be followed by the petition, which has drawn together a remarkable list of the world's most respected and widely-read authors, who have accused states of systematically abusing their powers by conducting intrusive mass surveillance.


Julian Barnes, Martin Amis, Ian McEwan, Irvine Welsh, Hari Kunzru, Jeanette Winterson and Kazuo Ishiguro are among the British authors on the list.

It also includes JM Coetzee, Yann Martel, Ariel Dorfman, Amit Chaudhuri, Roddy Doyle, Amos Oz, David Grossman, and the Russian Mikhail Shishkin.

Henning Mankell, Lionel Shriver, Hanif Kureishi and the antipodean writers CK Stead, Thomas Keneally and Anna Funder are other globally renowned signatories.

The Guardian has published a series of stories about the mass surveillance techniques of GCHQ and its US counterpart, the NSA, over the past six months; two of the most significant programmes uncovered in the Snowden files were Prism, run by the NSA, and Tempora, which was set up by GCHQ. Between them, they allow the agencies to harvest, store and analyse data about millions of phone calls, emails and search-engine queries.

Though Tuesday's statement does not mention these programmes by name, it says the extent of surveillance revealed by Snowden has challenged and undermined the right of all humans to "remain unobserved and unmolested" in their thoughts, personal environments and communications. "This fundamental human right has been rendered null and void through abuse of technological developments by states and corporations for mass surveillance purposes," the statement adds.

"A person under surveillance is no longer free; a society under surveillance is no longer a democracy. To maintain any validity, our democratic rights must apply in virtual as in real space."

Demanding the right "for all people to determine to what extent their personal data may be legally collected, stored and processed", the writers call for a digital rights convention that states will sign up to and adhere to. "Surveillance is theft. This data is not public property, it belongs to us. When it is used to predict our behaviour, we are robbed of something else – the principle of free will crucial to democratic liberty."

McEwan told the Guardian: "Where Leviathan can, it will. The state, by its nature, always prefers security to liberty. Lately, technology has offered it means it can't resist, means of mass surveillance that Orwell would have been amazed by. The process is inexorable – unless it's resisted. Obviously, we need protection from terrorism, but not at any cost."

The intervention comes after the Guardian and some of the world's other major media organisations, including the New York Times, the Washington Post and Der Spiegel, began disclosing details of the extent and reach of secret surveillance programmes run by Britain's eavesdropping centre, GCHQ, and the National Security Agency.

The revelations have sparked a huge debate on the legal framework and oversight governing western spy agencies. Obama has launched a review of US intelligence operations, and earlier this month the UN's senior counter-terrorism official, Ben Emmerson, announced an investigation into the techniques used by both US and British intelligence agencies.

Civil liberties groups have criticised the UK government for putting intense political pressure on the Guardian and other media groups covering the leaks rather than addressing the implications of the mass surveillance programmes that have been uncovered. But campaigners hope Tuesday's statement will increase the pressure on governments to address the implications of the Snowden revelations.

"International moral pressure is what's needed to ensure politicians address the mass invasion of our privacy by the intelligence services in the UK and US," said Jo Glanville, from English Pen, which along with its sister organisations around the world has supported the Writers Against Mass Surveillance campaign. "The signatories to the appeal are a measure of the level of outrage and concern."

Tuesday's statement is being launched simultaneously in 27 countries, and organisers hope members of the public will now sign up through the change.org website.

Eva Menasse, one of the small group of international writers who initiated the project, said it began with an open letter from a group of authors to the German chancellor, Angela Merkel, when the first Snowden revelations came to light. "When we started, we did not know how far we would get. But more and more colleagues joined us and within the last weeks we were sitting at our computers day and night, using our networks as more people came forward. This started as an entirely private initiative, but now has worldwide support."

Another author who helped set up the campaign, Juli Zeh, said writers around the world had felt compelled to act: "We all have to stand up now, and we as writers do what we can do best: use the written word to intervene publicly."

Winterson told the Guardian she regarded Snowden as a "brave and selfless human being"."We should be supporting him in trying to determine the extent of the state in our lives. We have had no debate, no vote, no say, hardly any information about how our data is used and for what purpose. Our mobile phones have become tracking devices. Social networking is data profiling. We can't shop, spend, browse, email, without being monitored. We might as well be tagged prisoners. Privacy is an illusion. Do you mind about that? I do."