espionage
Latest
Russia used a cybercriminal's botnet for a spying campaign
It's no secret that the lines between state-sponsored hacking and cybercrime are fuzzy. After all, relying on professional crooks offers plausible deniability if the intruders are ever caught. However, it's now apparent that those lines sometimes disappear altogether. The New York Times reports that Russian intelligence 'piggybacked' on criminal hacker Evgeniy Bogachev's now-defunct botnet, GameOver ZeuS, to conduct spying campaigns in the US and abroad. Between 2011 and 2014, infected computers were asked to search for documents that clearly reflected Russian political interests, including US support for Syrian rebels, Ukrainian operations and English searches for "top secret" and "Department of Defense." Those last queries suggest that there were at least some American government or contractor systems that had been compromised, and they're definitely not what you'd expect from an outfit siphoning bank accounts.
'SpyParty' finally looks like a real video game
Yes, after nearly 10 years, SpyParty is still in development. It's an underground kind of independent, competitive game where one player is a spy attempting to complete discreet tasks at a fancy party, and another player is positioned outside, observing the scene through the scope of a sniper rifle. The spy attempts to blend in with a room full of AI-powered partygoers while the sniper tries to figure out which one is actually human (and then shoot that character, of course). And soon, it will all be much, much prettier. Creator Chris Hecker, artist John Cimino and newly hired environment artist Reika Yoshino today revealed five new characters, a professional-looking UI and an updated version of SpyParty's largest map, Veranda. The update isn't live yet, but it's coming in hot and should be available in the game's paid beta late tonight.
US catches spies shipping military tech to Russia
We got some good things out of the Cold War, like James Bond and John le Carré, but overall it was a pretty miserable period in history. That's why it's so disappointing to see Russia trying to bring us back to those dark with its latest attempt at ham-fisted espionage. The Department of Justice has announced that an American and two Russians have been arrested on suspicion of running a scheme to swipe military technology. According to a statement, the trio posed as a US electronics startup in order to buy integrated circuits for weapons.
US, China have an 'understanding' to fight cyber economic espionage
Ahead of a state dinner in Washington D.C. attended by a number of notable tech CEOs (Tim Cook, Mark Zuckerberg and Satya Nadella, to name a few), President Obama and Chinese President Xi Jinping announced an unprecedented agreement on the topic of hacking. After a number of recent hacks on commercial and government targets in the US were blamed on Chinese hackers it was expected the two might try to reach a deal, and according to Obama, they now have an understanding.
France evicted from moral high ground over spying revelations
France has joined the US and UK on an ignoble list of countries intercepting international communications, according to a report from L'Observateur. The news follows a Wikileaks article detailing how the NSA recorded highly sensitive calls placed by three different French Presidents. The paper noted that since France was allegedly doing something similar, it may explain why President Francois Hollande had a muted response to the earlier revelation, calling it merely "unacceptable." Meanwhile, it's getting hard to keep track of who's spying on who without a cheat sheet -- not even counting spying done by nations on their own citizens.
China says 'absurd logic' is behind US hacking accusations
China isn't taking accusations that it's connected to the recent hack of US government employee data lying down. "We have noticed that the US is still investigating, but feels that China is responsible," Chinese foreign ministry spokesman Lu Kang said at a recent general briefing. "This is absurd logic." This wouldn't be the first time the US has pointed the finger at China -- it was also suspected to be behind last year's major USPS hack, among many other instances over the years. The most recent hack leaked information for more than four million federal employees, including incredibly detailed data from background checks. While that attack is still being investigated, the American government has said that it'll be making online records more secure. China, for its part, says it's also facing regular cyberattacks from the US. Meanwhile, the two frenemies are also trying to work together to take on cybercriminals. [Photo credit: Jewel Samad/AFP/Getty Images]
Iran bans some officials from using smartphones over spying jitters
As you might gather, Iran is more than a little nervous about people bringing the wrong devices into high-security locations -- the last time that happened, its nuclear program went down the tubes. It's no surprise, then, that the country just said it will ban officials from using smartphones for work if they have access to classified info. Brigadier General Gholamreza Jalali claims that these handsets are a perfect cocktail of security risks. They often back up their data to the cloud, he argues, and it's at once easy to access that data yet hard to remove it. The move is bound to be a big hassle for staffers who'll only have basic cellphones while at work, but the Iranian government will likely consider it a worthwhile sacrifice if it prevents other nations from spying on its political maneuvers. [Image credit: AP Photo/Vahid Salemi]
Retro-futuristic stealth game 'Invisible, Inc.' hits Steam in May
Step back in time -- to the future! Invisible, Inc. is a tactical espionage game set in a futuristic, corporate-controlled world where hacking is as cool as 1950s-style fedoras and trench coats. It launches on Steam for PC, Mac and Linux on May 12th, Klei Entertainment announced in a shiny new trailer today. Klei is the studio behind excellently quirky games like Don't Starve and Mark of the Ninja, meaning Invisible, Inc. is on track to be a superb experience. An in-progress version of the game has been available via Steam Early Access since last year, but now the full thing will be up for grabs, no bug reporting required. It's also headed to PlayStation 4, though that release date is still up in the air. Get a taste of Invisible, Inc.'s stylish, stealthy exploits in the new trailer below.
China's 'Great Cannon' shoots down websites it doesn't like
According to a new report from Citizen Lab, China has not only built itself a "Great Cannon" but has already fired it as well. This potent online weapon seems to be capable of intercepting internet traffic at the national level then directing it at specific networks to knock them offline. China's already widely suspected of being behind the recent attack against Github, which was overloaded for nearly a week via "an ongoing and evolving large DDOS attack." Now it appears that Github's attackers used the Cannon to redirect that traffic from Chinese search engine giant Baidu to cripple the website. All reportedly because the San Francisco-based website hosted a pair of pages that link to content banned in China.
Russia might have hacked the White House
Russia's military overtures haven't been limited to its recent arctic war games. Cyber operatives reportedly working for Russia have already compromised an unsecured State Department computer system. Now US officials have admitted that the White House's network has been hit as well. While the affected White House's computers were part of an non-classified network serving the executive office, the attackers were still able to access sensitive information like the president's real-time daily schedule. Even more disturbing, a CNN report suggests that the hackers used an account on the State Department network to phish their way into the White House.
Apple lets China examine iOS code to assuage spying fears
China spent the bulk of 2014 throwing shade at American technology companies, saying that the NSA was using Windows 8, IBM servers and iPhones for espionage. It appears that Tim Cook is bored of the abuse, and is prepared to let the country's security experts poke inside iOS to prove Apple's gear is secure. According to the Beijing News, Chinese officials met with the CEO in December to reach a deal which will allow the State Council Information Office check for backdoors.
North Korea treats its state-sponsored hackers like royalty
There's still a dispute as to whether or not North Korean hackers broke into Sony Pictures' network, but one thing is clear: the country spoils its cyberwarriors rotten. A defector tells Reuters that Bureau 121, the spy division responsible for at least some state-sponsored internet attacks, gives hackers "very strong" financial incentives. They get giant apartments in posher parts of town, and they're relatively wealthy; one Bureau member could pay to move his entire rural family to the capital if he wanted. Many North Koreans see one of these jobs as an honor.
Sophisticated malware has been spying on computers since 2008 (updated)
Highly sophisticated malware isn't limited to relatively high-profile sabotage code like Stuxnet -- sometimes, it's designed to fly well under the radar. Symantec has discovered Regin, a very complex trojan that has been spying on everyone from governments to individuals since at least 2008. The malware is highly modular, letting its users customize their attacks depending on whether they need to remote control a system, get screenshots or watch network traffic. More importantly, it's uncannily good at covering its tracks. Regin is encrypted in multiple stages, making it hard to know what's happening unless you capture every stage; it even has tools to fight forensics, and it can use alternative encryption in a pinch. Researchers at Symantec suspect that the trojan is a government-created surveillance tool, since it likely took "months, if not years" to create.
New exhibit showcases art in the digital surveillance era
It's safe to say that surveillance technology had a profound effect on American culture, even before Edward Snowden's leaks arrived -- there's a sense that you can never really escape the government's eye. If you've ever shared that feeling, you'll be glad to hear that there's finally an art exhibition devoted to exploring high-tech monitoring. The Scottsdale Museum of Contemporary Art's newly opened Covert Operations is full of projects that not only protest data collection, but sometimes use it to drive their points home. Jenny Holzer's Ribs (above) streams real US government documents on its LED displays. Hasan Elahi's Tracking Transience, meanwhile, uses selections from an online collection of 70,000-plus photos and location info as a sort of challenge; he wants you to mimic an FBI agent trying to piece together his life. If you're interested in seeing any of these projects first-hand, you'll want to swing by the Arizona-based museum no later than January 11th. [Image credit: Richard-Max Tremblay / Jenny Holzer]
Germany accidentally spied on phone calls from Hillary Clinton and John Kerry
Germany may be upset with the US over its eagerness to spy on national leaders (and seemingly everyone else), but it turns out that Germany itself isn't completely above reproach. Der Spiegel has revealed that the country's BND intelligence agency accidentally scooped up calls from US Secretaries of State Hillary Clinton (in 2012) and John Kerry (in 2013) while spying on Middle Eastern terrorist targets. The German agents reportedly destroyed the intercepted calls as soon as they realized what they had, but they also kept the discovery hush-hush.
Chinese government drops foreign security software (update: with limits)
China's government isn't just giving the boot to foreign operating systems; it's doing the same for security software, too. A national procurement agency has dropped Kaspersky and Symantec from its antivirus supplier list, leaving only Chinese companies as options. It's not clear that the move is directly linked to the country's concerns about foreign software being used for espionage. Kaspersky tells Reuters that it's in "conversations with authorities" about the move, but there isn't an official statement on the subject just yet. It wouldn't be shocking if there was a connection, however, since security tools are at the very heart of China's fears. The real surprise is the nature of the targets -- while many would expect China to distrust an American outfit like Symantec, it may be treating a Russian developer (Kaspersky) with a similar level of suspicion. Update: Symantec says the list only applies to "certain types of procurement," and that it's not an out-and-out ban. Still, the company is looking into the report -- and any significant contract losses still represent significant problems.
US claims Chinese exec used hackers to steal warplane data
The US isn't done throwing the book at alleged Chinese industrial spies. The Department of Justice has charged a Chinese executive living in Canada, Su Bin, with stealing sensitive info for Boeing and Lockheed Martin warplanes like the C-17 cargo hauler and F-22 fighter. Reportedly, Su partnered with two people to hack into the aircraft makers' networks and either pass along or sell any secrets to interested parties in China. Unlike other targets of the DOJ's wrath, though, it appears that Su was more concerned about profit than helping any government intelligence efforts. While he was handing over data to state-owned aviation firms, he complained of "stingy" buyers and was willing to take a long time to hash out a deal -- not exactly the hallmarks of a government-backed spy.
Most of the NSA's intercepted messages involve ordinary people
It's no secret that the NSA's surveillance efforts reach far and wide. However, we now know which sort of people get caught in that dragnet -- and most of them, it turns out, are very ordinary. About 90 percent of users in a cache of Intercepted messages (leaked by Edward Snowden to the Washington Post) were innocents who either talked to suspects or simply happened to be in the wrong chat room at the wrong time. Some of the information is very personal, too, ranging from kids' school records to couples' love affairs.
US considers blocking Chinese nationals from hacking conferences
Following its decision to charge five Chinese officials for allegedly stealing trade secrets, the US is apparently ready to take further action. Reuters reports that the US government may impose visa restrictions on Chinese computer experts, stopping them from attending the high-profile Def Con and Black Hat hacking conferences in August. Black Hat currently has three Chinese speakers lined up to present, while Def Con has none on its roster. The move is said to be part of a "broader effort to curb Chinese cyber espionage," after cybercriminals were said to have infiltrated six American private-sector companies to help give Chinese state-owned firms a competitive advantage. Organizers of both events, which include Def Con and Black Hat founder Jeff Moss, were unaware of the government's plans, but Moss did note on Twitter that such actions would not help build a "positive community." While an official block has yet to be imposed, stopping Chinese nationals already in the country from attending could prove difficult -- Def Con's privacy-conscious setup requires attendees to pay using only cash and they never have to share their name.
NSA may have spied on 122 foreign leaders
We've known for a while that the NSA has spied on German Chancellor Angela Merkel and other international leaders, but it now looks like that surveillance was just the tip of the iceberg. Der Spiegel and The Intercept have published an Edward Snowden leak revealing that the NSA snooped on as many as 122 foreign heads of state in 2009, ranging from Merkel to Ukranian Prime Minister Yulia Tymoshenko. A custom search system, Nymrod, helped the US agency both locate transcripts of those leaders' communications as well as secret reports. The National Security Council tells The Intercept that President Obama's administration hasn't tracked Merkel and doesn't plan to start, but it also didn't deny that the German leader had once been under close watch.
