Snowden Continues to Expose Allied Cyber Tactics

Russian Espionage

NSA whistleblower and Putin poster boy Edward Snowden apparently released yet another document, this one exposing UK cyber spying techniques allegedly used by the GCHQ.

The document, according to The Intercept lists multiple tools that the UK intelligence agency used to spy on social media accounts, interrupt or modify communication and even modify online polls.

Tools like:

  • UNDERPASS – Change outcome of online polls
  • SILVERLORD – Disruption of video-based websites hosting extremist content
  • ANGRY PIRATE – Permanently disables a target’s account on a computer
  • PREDATORS FACE – Targeted Denial Of Service against Web Servers
  • And several others.

The release again leaves me scratching my head.

From ancient times countries spied on each other, even their allies. Only the most naive would assume this practice has magically stopped in the online age. I do love how shocked governments appeared in the media when they found out that the NSA was snooping on them, what a joke.

And in this case, several of these tools listed sound like they are more geared towards fighting or countering online use of enemy communications possibly by Islamic militants.

One would have to ask, does this release from Snowden make the people of the UK or the US safer from government snooping, or more likely would it tell enemy nations exactly what tools have been and will be used against them?

Again with Snowden one would have to ask, is he a champion of internet privacy or simply just a traitor to the US and her allies, exposing tools and techniques used against foreign nations and in the war on terror?

With Snowden pushing for an extension of his stay in Russia, it would seem the later would be correct.

Advertisements

Coded Chinese Robotic “Spy Numbers Station” Messages on the Increase

“59372 98324 19043 78903 95320…”. The mechanized female voice drones on and on… What have you stumbled on to? Instructions to spies? Messages exchanged between drug dealers? Deliberate attempts at deception and mis-information?”

– http://www.spynumbers.com/index.html

A “Numbers Station” is a shortwave radio transmission that transmits random numbers, letters or words over the airwaves. Several nations have used the technique to pass coded messages beginning all the way back in World War 1.

According to the Defense News Blog “Intercepts“, there has been an increase in Chinese based communication using this technique. And it would seem that they prefer to use a mechanical robotic sounding woman’s voice to send their messages.

All the listener needs is a “One Time Pad” to be able to decode the transmission. It’s a very old technique, but seems to still be effective!

Counterfeit Network Equipment Used to Spy on America?

This week, the FBI released information on “Operation Network Raider“. The FBI arrested 30 people and confiscated over 143 Million dollars of network gear from an international counterfeiting ring. The equipment is made overseas, China being one source, and then sold as “new” product. According to the press release:

Today, as a part of this joint initiative, Ehab Ashoor, 49, a Saudi Citizen who resides in Sugarland, Texas, was sentenced in the Southern District of Texas to 51 months in prison and ordered to pay $119,400 in restitution to Cisco Systems. A federal jury found Ashoor guilty on Jan. 22, 2010, of charges related to his trafficking in counterfeit Cisco products.

According to evidence presented at trial, Ashoor purchased counterfeit Cisco Gigabit Interface Converters (GBICs) from an online vendor in China with the intention of selling them to the U.S. Department of Defense for use by U.S. Marine Corps personnel operating in Iraq.

The computer network for which the GBICs were intended is used by the U.S. Marine Corps to transmit troop movements, relay intelligence and maintain security for a military base west of Fallujah, Iraq. The case was investigated by ICE and the Defense Criminal Investigative Service and was prosecuted by the U.S. Attorney’s Office for the Southern District of Texas.

Several red flags appear when you read this quote from the FBI’s statement.

  • The suspect is from Saudi Arabia
  • He is selling counterfeit equipment made in China
  • The equipment was for the US military in Iraq
  • The devices would be used to communicate troop movement, intelligence and security

China now does a lot of our manufacturing. One would have to ask the question, how hard is it to put a back door into networking equipment when you are manufacturing it? Spying using hardware is nothing new. During the cold war, the US installed cameras inside Xerox machines that were installed at the Russian embassy.

Also, what better way to compromise a network than to infiltrate equipment that has backdoors in it? Cisco recently made news by a security flaw in its built in backdoor called Lawful Intercept. This allows law enforcement to view data on the device without leaving any trace that the device had been monitored. Could the counterfeit equipment have this feature tampered with?

I just find it very disturbing that someone from Saudi Arabia is trying to sell the military counterfeit equipment to be sent into an area of operation. It begs the question, is equipment that has been compromised already placed in military and government locations?

Hamas Releases Cyber-spy Warning, Against Israel?

Just when you think you have heard it all. The BBC reported last week that Hamas issued a cyber warning that Israel is spying on its recruits through social networking sites. Okay, Hamas, classified as a terrorist group by Canada, the European Union, Israel, Japan, and the United States is placing warnings against Israel. That is a new one. Read it for yourself at the BBC.

What is next? Will Iran issue similar warnings against the US? Wow, things are getting wierd in the cyber sphere….

What do you think?