nsa
Latest
Microsoft is patching a major Windows 10 flaw discovered by the NSA (updated)
The IT world was waiting on pins and needles today for a high-profile Microsoft Windows 10 security patch, and now we know why. The US National Security Agency (NSA) acknowledged it has discovered a serious flaw in Windows 10 that could expose users to surveillance or serious data breaches, as reported initially by the Washington Post. That was backed by Krebs on Security, which reported that the NSA confirmed that it did find a major vulnerability that it passed on to Microsoft.
Court says data swept up by the NSA is protected by the Fourth Amendment
An appeals court may have just shaped how the US treats the NSA's bulk data collection. The Second Circuit Court of Appeals has ruled that American communications scooped up under the Foreign Intelligence Surveillance Act's Section 702 and PRISM is protected by Fourth Amendment rights baring unreasonable searches and seizures. Judges found that the "vast majority" of the evidence collected in a terrorism case against Agron Hasbajrami was permissible under the Fourth Amendment, but that the querying that data "could violate" the amendment -- and thus that it was fair to challenge the data use on constitutional grounds. It also believed that the accidental collection of Americans' data raised "novel constitutional questions" that could be answered later.
The NSA says it stopped tracking cellphone locations without a warrant
Last year the Supreme Court ruled, in a 5-4 decision, that a search warrant is required for law enforcement to perform cellphone tower searches to track someone's location. The Daily Beast reported on a letter sent by the Office of the Director of National Intelligence (ODNI) to Senator Ron Wyden affirming that ever since that Carpenter decision, the "Intelligence community" has not sought cell-site location data or GPS records without a warrant. It had been doing that, claiming authority under the Title V of the Foreign Intelligence Surveillance Act (FISA) / Section 215 of the Patriot Act. However Section 215 of the Patriot Act is set to expire next month, and in the letter (PDF), the assistant director writing it never confirms that the Supreme Court decision means they couldn't, or wouldn't, do it in the future.
The US is suing Edward Snowden over his memoir
The United States is suing whistleblower Edward Snowden over his memoir, Permanent Record. It claims the former Central Intelligence Agency employee and National Security Agency contractor violated non-disclosure agreements with both agencies because he didn't submit the book to them for review before publication.
NSA contractor sentenced to nine years over theft of classified info
In 2016, federal agents arrested NSA contractor Harold Martin for stealing up to 50TB of classified information, and reports claimed that included offensive hacking technology designed to break into foreign computer networks. Sources for the data he took included the NSA, CIA and US Cyber Command over two decades between 1996 and 2016. On Friday, U.S. District Judge Richard Bennett sentenced Martin to nine years in prison for the offense -- per his plea agreement, even as each of the twenty charges against him could have carried up to a 10 year sentence -- and while that has ended the case, it didn't answer all the questions. Around that same time, the "Shadow Brokers" started leaking classified NSA hacking tools online, tools that included exploits later used by malware like NotPetya and WannaCry. According to CyberScoop, the judge noted a suspicious Twitter message linked to an account Martin supposedly operated that went out hours before the leaks, and the government declined to comment further. Prosecutors told the judge they never found proof he shared the documents from anyone, and speculation about how the group got its classified information is still unconfirmed. As for Martin, his sentence includes credit for three years already served, as well as three years of supervised release.
NSA improperly collected even more call records than we thought
According to documents obtained by the ACLU, the NSA's problem of collecting unauthorized American phone call data is worse than we first thought. Last May, the NSA deleted more than 600 million call records that it collected in error. The agency claimed that telecoms shared information on calls unrelated to NSA targets, and in doing so, violated federal laws. To be safe, the NSA dumped a massive amount of call records and said it had gotten to the "root cause" of the problem. But a report released by the ACLU, states that just a few months later, the NSA once again obtained information about Americans' phone calls that it was not authorized to collect under Section 215 of the Patriot Act.
Ransomware attacks in US cities are using a stolen NSA tool
The ransomware attacks in Baltimore and other US cities appear to have a common thread: they're using NSA tools on the agency's home soil. In-the-know security experts talking to the New York Times said the malware in the cyberattacks is using the NSA's stolen EternalBlue as a "key component," much like WannaCry and NotPetya. While the full list of affected cities isn't available, San Antonio and the Pennsylvania city of Allentown have reportedly been victims of EternalBlue-based campaigns.
Warrantless searches of Americans’ data spiked 28 percent in 2018
An annual transparency report published by the Office of the Director of National Intelligence shows warrantless searches of Americans' data jumped 28 percent in 2018. According to the report, the National Security Agency (NSA) conducted 9,637 warrantless search queries of Americans' calls, texts, and emails in 2018. That's up from 7,512 searches in 2017, and it's more than double the 4,672 warrantless searches the NSA made in 2015.
FBI, DHS task forces to address election security are now permanent
In response to questions after a speech Friday in front of the Council on Foreign Relations, FBI director Christopher Wray called Russian efforts using social media to influence elections in the US "pretty much a 365-days-a-year" threat. According to the New York Times, an unnamed senior official said that a Foreign Influence Task Force at the agency that had been formed temporarily ahead of the midterm elections in response to the threat is now permanent, and that nearly 40 agents and analysts had been moved into it. It also reported the midterm election task force at the Department of Homeland Security is now permanent, and the same goes for a joint task force formed by the National Security Agency and US Cyber Command. One of the possibilities they described preparing for is that an influence campaign could try to raise questions about irregularities or possible fraud in results -- items the president has already claimed are problems but blaming very different sources. While those operations were apparently at "full speed" in the 2018 cycle, Wray called that a "dress rehearsal" for 2020.
The NSA says it's time to drop its massive phone-surveillance program
The National Security Agency (NSA) has formally recommended that the White House drop the phone surveillance program that collects information about millions of US phone calls and text messages. The Wall Street Journal reports that people familiar with the matter say the logistical and legal burdens of maintaining the program outweigh any intelligence benefits it brings.
US could soon end mass phone surveillance program exposed by Snowden
The US government might put an end to the controversial NSA phone surveillance program Edward Snowden exposed by the end of 2019. Republican congressional national security adviser Luke Murry revealed during a Lawfare podcast that Congress might not renew the USA Freedom Act, which authorizes the agency's call data bulk collection, when it expires later this year. He also said that the NSA hasn't even been using the system for the past six months, putting into question the agency's previous claim that data collection is vital to national security.
NSA will release a free tool for reverse engineering malware
The NSA has frequently been accused of holding on to info that could potentially improve security, but this time it's being a little less secretive. The agency is planning to release a free reverse engineering tool, GHIDRA, in tandem with the RSA Conference on March 5th. The software dissects binaries for Android, iOS, macOS and Windows, turning them into assembly code that can help analyze malware or pinpoint questionable activity in otherwise innocent-looking software.
NSA official: China is preparing for possible high-profile hacks
NSA official Rob Joyce told guests at a Wall Street Journal security conference that hacking-related Chinese activity had been climbing in recent months. He was concerned the country was "prepositioning" itself to attack "critical infrastructure" such as energy, health care, finance and transportation. China's hacking as of late has revolved around spying and swiping trade secrets, so this would be out of the norm.
Former NSA staffer will go to prison for taking top secret documents home
A former NSA employee with links to the Kaspersky saga has been sentenced to five-and-a-half years in prison for illegally taking classified information from the spy agency. Nghia Hoang Pho -- a 68-year-old naturalised US citizen from Vietnam who worked in the NSA's elite hacking unit -- had been amassing "troves" of data at his home between 2010 and March 2015, when he was caught, said the Department of Justice (DOJ). After pleading guilty last December, a judge today handed down his sentence, including three years of supervised release after his prison stint.
NSA leaker Reality Winner sentenced to 5 years in prison
Reality Winner, the whistleblower who leaked NSA election hacking data, pled guilty back in June to a single count of transmitting national defense information. Today, she was sentenced to 63 months in prison, which prosecutors called the longest sentence imposed for a federal crime related to unauthorized disclosure of classified info to the media.
Uber hires former NSA counsel as new security head
Uber has hired a new chief security officer, the New York Times reports, filling the role that has remained vacant since Joe Sullivan was fired last year. Sullivan was fired for his role in covering up a data breach that exposed the personal info of around 57 million Uber customers and drivers. Instead of reporting the breach, Uber paid the hackers that stole the information $100,000 to delete the data. Matt Olsen, former general counsel of the National Security Agency and former director of the National Counterterrorism Center, stepped in to help the company structure its security processes following the disclosure and he has now been named as its new chief security officer.
NSA has yet to fix security holes that helped Snowden leaks
Edward Snowden's success in leaking NSA data was chalked up in part to the agency's own security lapses, so you'd think that the agency would have tightened up its procedures in the past five years... right? Apparently not. The NSA Inspector General's office has published an audit indicating that many of the Snowden-era digital security policies still haven't been addressed, at least as of the end of March 2018. It hasn't correctly implemented two-person access controls for data centers and similar rooms, doesn't properly check job duties and has computer security plans that are either unfinished or inaccurate.
NSA leader creates task force to fight Russian cyberattacks
The President might have claimed that Russia stopped hacking the US, but intelligence officials know otherwise -- and they're stepping up their fight against the ongoing threat. Recently installed NSA and Cyber Command chief Paul Nakasone has created a dedicated task force (the Russia Small Group) to tackle online threats from Putin's regime. While he wasn't specific about what the group would do, he said it was "in line" with what intelligence agencies have been doing ever since the 2016 presidential election. In short: they're devoting extra energy to preventing a repeat of the widespread hacking from two years ago.
NSA deletes hundreds of millions of call records over privacy violations
The NSA unfortunately has a long history of violating privacy rules, although this time the agency might not be entirely to blame. The NSA is deleting hundreds of millions of call and text message data records (collected since 2015) after learning of "technical irregularities" that led to receiving records it wasn't supposed to obtain under the USA Freedom Act. General counsel Glenn Gerstell told the New York Times in an interview that "one or more" unnamed telecoms had responded to data requests for targets by sending logs that included not just the relevant data, but records for people who hadn't been in contact with the targets. As it was "infeasible" to comb through all the data and find just the authorized data, the NSA decided to wipe everything.
Reality Winner pleads guilty to leaking NSA election hacking data
Reality Winner was expected to plead guilty to leaking NSA data, and she's done just that. The whistleblower has officially pleaded guilty to a charge of unlawful retention and dissemination of national defense information. Sentencing will have to wait, but the felony carries a maximum penalty of 63 months (5.25 years) with up to three years of supervised release.