Court Ruling: NSA Unconstitutional

U.S. District Judge Richard Leon said the National Security Agency’s bulk collection of phone records violates privacy rights. Based on information provided by Edward Snowden, the NSA appears to be committing crimes in its pursuit of criminals.

“I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every citizen for purposes of querying and analyzing it without prior judicial approval,” said Leon, an appointee of President George W. Bush. “Surely, such a program infringes on ‘that degree of privacy’ that the Founders enshrined in the Fourth Amendment.”

“Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans’ rights. It is the first of many,” according to Snowden.

“The government does not cite a single case in which analysis of the NSA’s bulk metadata collection actually stopped an imminent terrorist attack,” the Judge wrote.

“Given the limited record before me at this point in the litigation – most notably, the utter lack of evidence that a terrorist attack has ever been prevented because searching the NSA database was faster than other investigative tactics – I have serious doubts about the efficacy of the metadata collection program as a means of conducting time-sensitive investigations in cases involving imminent threats of terrorism.”

“Plaintiffs have a substantial likelihood of showing that their privacy interests outweigh the government’s interest in collecting and analysing bulk telephony metadata and therefore the NSA’s bulk collection program is indeed an unreasonable search under the fourth amendment,”

Reform Government Surveillance

Apple, Facebook, Microsoft, LinkedIn, Twitter and Google are calling for government surveillance reform. Ironically, their website, ReformGovernmentSurveillance.com, is currently not working; nevertheless, the tech giants feel the US government has become too intrusive and costly in spying on its own citizens. The revelations brought forth by Edward Snowden have made the matter painfully clear.

“We understand that governments have a duty to protect their citizens. But this summer’s revelations highlighted the urgent need to reform government surveillance practices worldwide,” the companies say in the letter to President Obama and members of Congress. “The balance in many countries has tipped too far in favor of the state and away from the rights of the individual – rights that are enshrined in our Constitution. This undermines the freedoms we all cherish. It’s time for change.”

“People won’t use technology they don’t trust,” wrote Brad Smith, general counsel and executive vice president at Microsoft. “Governments have put this trust at risk, and governments need to help restore it.”

“Reports about government surveillance have shown there is a real need for greater disclosure and new limits on how governments collect information,” said Mark Zuckerberg, the CEO of Facebook. “The U.S. government should take this opportunity to lead this reform effort and make things right.”

Safe Cyber Shopping

The FBI reminds holiday shoppers to beware of cyber criminals who are out to steal money and personal information. Scammers use many techniques to defraud consumers, from phishing e-mails offering too good to be true deals on brand-name merchandise to offering quick cash to victims who will re-ship packages to additional destinations. Previously reported scams are still being executed today.

While monitoring credit reports on an annual basis and reviewing account statements each month is always a good idea, consumers should keep a particularly watchful eye on their personal credit information at this time of year. Scrutinizing credit card bills for any fraudulent activity can help to minimize victims’ losses. Unrecognizable charges listed on a credit card statement are often the first time consumers realize their personally identifiable information has been stolen.

Bank transactions and correspondence from financial institutions should also be closely reviewed. Bank accounts can often serve as a target for criminals to initiate account takeovers or commit identity theft by creating new accounts in the victims’ name. Consumers should never click on a link embedded in an e-mail from their bank, but rather open a new webpage and manually enter the URL (web address), because phishing scams often start with phony e-mails that feature the bank’s name and logo.

When shopping online, make sure to use reputable sites. Often consumers are shown specials on the web, or even in e-mail offers, that look too good to be true. These sites are used to capture personally identifiable information, including credit card numbers, addresses and phone numbers to make fraudulent transactions. It’s best to shop on sites with which you are familiar and that have an established reputation as trusted online retailers, according to the MRC, a nonprofit that supports and promotes operational excellence for fraud, payments and risk professionals within eCommerce.

If you look for an item or company name through a search engine site, scrutinize the results listed before going to a website. Do not automatically click on the first result, even if it looks identical or similar to the desired result. Many fraudsters go to extreme lengths to have their own website appear ahead of a legitimate company on popular search engines. Their website may be a mirrored version of a popular website, but with a slightly different URL.

Purchases made on these sites could result in one or more of the following consequences: never receiving the item, having your credit card details stolen, or downloading malware/computer virus to your computer. Before clicking on a result in a search engine, inspect the URL of the destination website. Look for any misspellings or extra characters such as a period or comma as these are indicative of fraud. When taken to the payment page of a website, again verify the URL and ensure it is secure by starting with “HTTPS,” not just “HTTP.”

Here are some additional tips you can use to avoid becoming a victim of cyber fraud:

  • Do not respond to unsolicited (spam) e-mail.
  • Do not click on links contained within an unsolicited e-mail.
  • Be cautious of e-mail claiming to contain pictures in attached files; the files may contain viruses. Only open attachments from known senders. Scan the attachments for viruses if possible.
  • Avoid filling out forms contained in e-mail messages that ask for personal information.
  • Always compare the link in the e-mail to the link you are actually directed to and determine if they match and will lead you to a legitimate site.
  • Log on directly to the official website for the business identified in the e-mail instead of “linking” to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.
  • Contact the actual business that supposedly sent the e-mail to verify that the e-mail is genuine.
  • If you are requested to act quickly or there is an emergency that requires your attention, it may be a scam. Fraudsters create a sense of urgency to get you to act quickly.
  • Remember if it looks too good to be true, it probably is.
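
The link checks described above (compare the link shown in the e-mail with where it really leads, look for misspelled or padded domain names, and confirm HTTPS) can be run automatically over an HTML e-mail body. The Python below is an added example, not part of the FBI announcement; the trusted-domain list, the sample message and all function names are constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: sites the reader really uses (constructed names, not from the page).
TRUSTED_DOMAINS = {"examplebank.com", "example-shop.com"}
URL_TEXT = re.compile(r"^(?:https?://)?[a-z0-9.-]+\.[a-z]{2,}(?:/\S*)?$", re.I)

# Constructed sample message body.
SAMPLE_EMAIL = """
<p>Dear customer, please confirm your holiday order.</p>
<a href="https://www.examplebank.com/login">https://www.examplebank.com/login</a>
<a href="http://www.examp1ebank.com/login">www.examplebank.com</a>
<a href="https://examplebank.com.account-verify.example/">Verify now</a>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def domain_and_host(url):
    """Return (last two host labels, full host). Real tools use the Public Suffix List."""
    if "://" not in url:
        url = "http://" + url
    host = (urlparse(url).hostname or "").rstrip(".")
    return ".".join(host.split(".")[-2:]), host

def lookalike_of(domain, host):
    """Return the trusted domain this host imitates, or None."""
    if domain in TRUSTED_DOMAINS:
        return None
    for trusted in sorted(TRUSTED_DOMAINS):
        # Near-identical spelling, or a trusted name used as a prefix/substring.
        similar = SequenceMatcher(None, domain, trusted).ratio() >= 0.85
        if trusted in host or similar:
            return trusted
    return None

def check_link(href, text):
    """List the warning signs for one link; an empty list means none were found."""
    findings = []
    scheme = urlparse(href).scheme.lower()
    if scheme not in ("http", "https"):
        return findings  # mailto:, tel: and page anchors are out of scope here
    domain, host = domain_and_host(href)
    if scheme != "https":
        findings.append("not-https")
    if URL_TEXT.match(text) and domain_and_host(text)[0] != domain:
        findings.append("text-mismatch")
    imitated = lookalike_of(domain, host)
    if imitated:
        findings.append("lookalike:" + imitated)
    return findings

def scan_email(html):
    """Return [(href, findings)] for every link in an HTML e-mail body."""
    parser = LinkCollector()
    parser.feed(html)
    return [(href, check_link(href, text)) for href, text in parser.links]
```

Calling `scan_email(SAMPLE_EMAIL)` reports nothing for the first link and flags the other two. A clean result only means none of these three signs were present, not that the destination is safe.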

Finally, check these additional sources to become even more informed on safe online shopping. Previous Holiday Shopping Tips public service announcements can be viewed on IC3.gov at the following links: http://www.ic3.gov/media/2012/121120.aspx, http://www.ic3.gov/media/2011/111121.aspx and http://www.ic3.gov/media/2010/101118.aspx.

US-CERT posted a Holiday Season Phishing Scams and Malware Campaigns release on Nov. 19, 2013, reminding consumers to stay aware of seasonal scams. The entire alert can be viewed at https://www.us-cert.gov/ncas/current-activity/2013/11/19/Holiday-Season-Phishing-Scams-and-Malware-Campaigns.

To receive the latest information about cyber scams, go to FBI.gov and sign up for e-mail alerts by clicking on the red envelope labeled “get FBI updates.” If you have received a scam e-mail, notify the IC3 by filing a complaint at www.ic3.gov. For more information on e-scams, please visit the FBI’s “New E-Scams” and Warnings webpage at http://www.fbi.gov/scams-safety/e-scams.

Ransomware

Ransomware is a type of malware that takes over your computer. Then, the captor extorts money from you to restore your computer.

The FBI is aware of a file-encrypting Ransomware known as CryptoLocker. Businesses are receiving emails with alleged customer complaints containing attachments that when opened, appear as a window that is in fact a malware downloader. This downloader installs the actual CryptoLocker malware.

The verbiage in the window states that important files have been encrypted using a unique public key generated for the computer. To decrypt the files you must obtain the private key. A copy of the private key is located on a remote server that will destroy the key after the specified time shown in the window. The attackers demand payment of a ransom ranging from $100 to $300 to decrypt the files.

[Screenshot: Ransomware “Fake” Downloader]

Unfortunately, once the encryption of the files is complete, decryption is not feasible. To obtain the file-specific Advanced Encryption Standard (AES) key needed to decrypt a file, you need the private RSA key (RSA is an algorithm for public-key cryptography) corresponding to the RSA public key generated for the victim’s system by the command and control server. However, this private key never leaves the command and control server, putting it out of reach of everyone except the attacker. The recommended solution is to scrub your hard drive and restore encrypted files from a backup.

As with any virus or malware, the way to avoid it is with safe browsing and email habits. Specifically, in this case, be wary of email from senders you don’t know, and never open or download an attachment unless you’re sure you know what it is and that it’s safe. Be especially wary of unexpected email from postal/package services and dispute notifications.

If you have been a victim of an internet scam, please file a complaint at www.ic3.gov.

Google and Yahoo Hacked by U.S.A.

WASHINGTON DC — According to the Washington Post, documents supplied by Edward Snowden revealed that the United States government illegally infiltrated Google and Yahoo, spying on millions of US citizens:

The National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world, according to documents obtained from former NSA contractor Edward Snowden and interviews with knowledgeable officials.

By tapping those links, the agency has positioned itself to collect at will from among hundreds of millions of user accounts, many of them belonging to Americans. The NSA does not keep everything it collects, but it keeps a lot.

According to a top secret accounting dated Jan. 9, 2013, NSA’s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to data warehouses at the agency’s Fort Meade headquarters. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — ranging from “metadata,” which would indicate who sent or received e-mails and when, to content such as text, audio and video.

The NSA’s principal tool to exploit the data links is a project called MUSCULAR, operated jointly with the agency’s British counterpart, GCHQ. From undisclosed interception points, the NSA and GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants.

The infiltration is especially striking because the NSA, under a separate program known as PRISM, has front-door access to Google and Yahoo user accounts through a court-approved process.

The MUSCULAR project appears to be an unusually aggressive use of NSA tradecraft against flagship American companies. The agency is built for high-tech spying, with a wide range of digital tools, but it has not been known to use them routinely against U.S. companies.

White House officials and the Office of the Director of National Intelligence, which oversees the NSA, declined to confirm, deny or explain why the agency infiltrates Google and Yahoo networks overseas.

In a statement, Google said it was “troubled by allegations of the government intercepting traffic between our data centers, and we are not aware of this activity.”

“We have long been concerned about the possibility of this kind of snooping, which is why we continue to extend encryption across more and more Google services and links,” the company said.

At Yahoo, a spokeswoman said: “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.”

Under PRISM, the NSA already gathers huge volumes of online communications records by legally compelling U.S. technology companies, including Yahoo and Google, to turn over any data matching court-approved search terms. That program, which was first disclosed by The Washington Post and the Guardian newspaper, is authorized under Section 702 of the Foreign Intelligence Surveillance Act and overseen by the Foreign Intelligence Surveillance Court.

Intercepting communications overseas has clear advantages for the NSA, with looser restrictions and less oversight. NSA documents about the effort refer directly to “full take,” “bulk access” and “high volume” operations on Yahoo and Google networks. Such large-scale collection of Internet content would be illegal in the United States, but the operations take place overseas, where the NSA is allowed to presume that anyone using a foreign data link is a foreigner.

In this slide from a National Security Agency presentation on “Google Cloud Exploitation,” a sketch shows where the “Public Internet” meets the internal “Google Cloud” where user data resides. Two engineers with close ties to Google exploded in profanity when they saw the drawing.

Cyber Security

Homeland Security suggests:

The majority of cybercriminals do not discriminate; they target vulnerable computer systems regardless of whether they are part of a government agency, Fortune 500 company, small business, or belong to a home user. However, there are steps you can take to minimize your chances of an incident:

  • Set strong passwords, change them regularly, and don’t share them with anyone.
  • Keep your operating system, browser, and other critical software optimized by installing updates.
  • Maintain an open dialogue with your friends, family, colleagues and community about Internet safety.
  • Use privacy settings and limit the amount of personal information you post online.
  • Be cautious about offers online – if it sounds too good to be true, it probably is.

Incident Response

The extent, nature, and timing of cyber incidents are impossible to predict. If you are a victim of a cyber incident, follow the steps below to respond and recover from the incident.

Immediate Actions
  • Check to make sure the software on all of your systems is up-to-date.
  • Run a scan to make sure your system is not infected or acting suspiciously.
  • If you find a problem, disconnect your device from the Internet and perform a full system restore.
If at Home
  • Disconnect your device from the Internet to prevent an attacker or virus from being able to access your system.
  • If you have anti-virus software installed on your device, update the virus definitions and perform a manual scan of your entire system. Install all of the appropriate patches to fix known vulnerabilities.
If at Work
  • If you have access to an IT department, contact them immediately.
  • If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators.
If at a public place (school, library, etc.)
  • Immediately inform a librarian, teacher, or manager in charge. If they have access to an IT department, contact them immediately.

Incident Reporting

After taking immediate action, notify the proper authorities:

Internet Privacy and USA Government Agencies

Any communication through our servers is subject to covert interception and modification by governmental agencies.

Electronic communication within the USA and a substantial portion of all
electronic communication outside the USA is recorded by US governmental
agencies and their contractors. There is therefore no expectation of privacy
in any electronic communication.

Any services we provide will be shared with US law enforcement agencies
or their contractors upon receipt of demand authorized by a court with
appropriate jurisdiction. We may not be able to explicitly inform you
of such a demand, since some of these demands are accompanied by a gag
order which would forbid us from informing anyone.

Even without such a legal demand, your communications are subject to
covert intercept and modification.

Beta Bot Malware Disables Anti-virus Programs

The FBI is aware of a new type of malware known as Beta Bot. Cyber criminals use Beta Bot to target financial institutions, e-commerce sites, online payment platforms, and social networking sites to steal sensitive data such as log-in credentials and financial information. Beta Bot blocks computer users’ access to security websites and disables anti-virus programs, leaving computers vulnerable to compromise.

Beta Bot infection vectors include an illegitimate but official looking Microsoft Windows message box named “User Account Control” that requests a user’s permission to allow the “Windows Command Processor” to modify the user’s computer settings. If the user complies with the request, the hackers are able to exfiltrate data from the computer. Beta Bot is also spread via USB thumb drives or online via Skype, where it redirects the user to compromised websites.

Figure 1, Beta Bot “Windows Command Process” message box

Although Beta Bot masquerades as the “User Account Control” message box, it is also able to perform modifications to a user’s computer. If the above pop-up message or a similar prompt appears on your computer and you did not request it or are not making modifications to your system’s configuration, do not authorize “Windows Command Processor” to make any changes.

Remediation strategies for Beta Bot infection include running a full system scan with up-to-date anti-virus software on the infected computer. If Beta Bot blocks access to security sites, download the latest anti-virus updates or a whole new anti-virus program onto an uninfected computer, save it to a USB drive and load and run it on the infected computer. It is advisable to subsequently re-format the USB drive to remove any traces of the malware.

NSA Violates Privacy Cracking Encryption

According to documents leaked by Edward Snowden, the Guardian newspaper has reported that the NSA is reading encrypted communications. The US spent over $250,000,000 per year on just one of the programs to crack the code. The Guardian reports:

US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.

The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.

The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – “the use of ubiquitous encryption across the internet”.

Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with “brute force”, and – the most closely guarded secret of all – collaboration with technology companies and internet service providers themselves.

Through these covert partnerships, the agencies have inserted secret vulnerabilities – known as backdoors or trapdoors – into commercial encryption software.

The files, from both the NSA and GCHQ, were obtained by the Guardian, and the details are being published today in partnership with the New York Times and ProPublica. They reveal:

• A 10-year NSA program against encryption technologies made a breakthrough in 2010 which made “vast amounts” of data collected through internet cable taps newly “exploitable”.

• The NSA spends $250m a year on a program which, among other goals, works with technology companies to “covertly influence” their product designs.

• The secrecy of their capabilities against encryption is closely guarded, with analysts warned: “Do not ask about or speculate on sources or methods.”

• The NSA describes strong decryption programs as the “price of admission for the US to maintain unrestricted access to and use of cyberspace”.

• A GCHQ team has been working to develop ways into encrypted traffic on the “big four” service providers, named as Hotmail, Google, Yahoo and Facebook.

Spear-Phishing Email About Missing

by the FBI Cyber Division

The FBI has become aware of a spear phishing e-mail made to appear as if it were from the National Center for Missing and Exploited Children. The subject of the e-mail is “Search for Missing Children,” and a zip file containing 3 malicious files is attached. E-mail recipients should never open attachments or click links in suspicious e-mails.

Spear-phishing attacks are often used by individuals conducting targeted, rather than opportunistic, attacks. Those responsible for the attack may be seeking precise information stored on an organization’s network or systems rather than monetary gain. Every organization is at risk of being the target of a spear-phishing attack. This type of activity can best be mitigated with increased cyber security. When weighing available options pertaining to the implementation of appropriate mitigation strategies, organizations must begin by asking themselves the following:

  • If proprietary data, personally identifiable information (PII), research and development-related data, e-mail, or other critical information were stolen, what would the current and future consequences be?
  • Has my organization evaluated data criticality based on risk?
  • What must be protected in the organization?

To mitigate the threat of spear-phishing and other targeted attacks, DHS’s United States Computer Emergency Readiness Team (US-CERT) recommends the following actions:

  • Always treat unsolicited or unexpected e-mail containing attachments or links with caution, even (and perhaps especially) when the e-mail appears related to known events or projects.
  • Monitor for and report on suspicious activity, such as spear phishing e-mails, leading up to significant events and meetings.
  • Educate users about social engineering and e-mail phishing related to high level events and meetings.
  • Measure expected network activity levels so that changes in patterns can be more easily identified.

If you have received a suspicious e-mail at work, please report it to your organization in accordance with your organization’s security policy. You may also report this activity to the FBI by filing a complaint at www.ic3.gov. US-CERT can be reached by telephone at 888-282-0870 or by e-mail at SOC@us-cert.gov. US-CERT’s web site can be found online at www.us-cert.gov.

When available, each report submitted should include the date, time, location, type of activity, number of people, and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.