The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.
The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia.
The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012.
The main purpose of the workshops was to find new ways to exploit smartphone technology for surveillance. The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. (Google declined to comment for this story. Samsung said it would not be commenting “at this time.”)
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
Previous disclosures from the Snowden files have shown agencies in the Five Eyes alliance designed spyware for iPhones and Android smartphones, enabling them to infect targeted phones and grab emails, texts, web history, call records, videos, photos and other files stored on them. But methods used by the agencies to get the spyware onto phones in the first place have remained unclear.
The newly published document shows how the agencies wanted to “exploit” app store servers — using them to launch so-called “man-in-the-middle” attacks to infect phones with the implants. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other; it is a tactic sometimes used by criminal hackers to defraud people. In this instance, the method would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones.
Tag: Edward Snowden
UK government quietly rewrites hacking laws to give GCHQ immunity
The UK government has quietly passed new legislation that exempts GCHQ, police, and other intelligence officers from prosecution for hacking into computers and mobile phones.
While major or controversial legislative changes usually go through normal parliamentary process (i.e. democratic debate) before being passed into law, in this case an amendment to the Computer Misuse Act was snuck in under the radar as secondary legislation. According to Privacy International, “It appears no regulators, commissioners responsible for overseeing the intelligence agencies, the Information Commissioner’s Office, industry, NGOs or the public were notified or consulted about the proposed legislative changes… There was no public debate.”
Privacy International also suggests that the change to the law was in direct response to a complaint that it filed last year. In May 2014, Privacy International and seven communications providers filed a complaint with the UK Investigatory Powers Tribunal (IPT), asserting that GCHQ’s hacking activities were unlawful under the Computer Misuse Act.
On June 6, just a few weeks after the complaint was filed, the UK government introduced the new legislation via the Serious Crime Bill that would allow GCHQ, intelligence officers, and the police to hack without criminal liability. The bill passed into law on March 3 this year, and it went into effect on May 3. Privacy International says there was no public debate before the law was enacted, with only a rather one-sided set of stakeholders being consulted (Ministry of Justice, Crown Prosecution Service, Scotland Office, Northern Ireland Office, GCHQ, police, and National Crime Agency).
Despite filing its complaint back way back in 2014, Privacy International wasn’t told about the changes to the Computer Misuse Act until last week—after the new legislation became effective. The UK government is allowed to do this, of course, but it’s a little more underhanded and undemocratic than usual.
New Zealand Plotted Hack on China With NSA
New Zealand spies teamed with National Security Agency hackers to break into a data link in the country’s largest city, Auckland, as part of a secret plan to eavesdrop on Chinese diplomats, documents reveal.
The covert operation, reported Saturday by New Zealand’s Herald on Sunday in collaboration with The Intercept, highlights the contrast between New Zealand’s public and secret approaches to its relationship with China, its largest and most important trading partner.
The hacking project suggests that New Zealand’s electronic surveillance agency, Government Communications Security Bureau, or GCSB, may have violated international treaties that prohibit the interception of diplomatic communications.
New Zealand has signed both the 1961 Vienna Convention on Diplomatic Relations and the 1963 Vienna Convention on Consular Relations, international treaties that protect the “inviolability” of diplomatic correspondance. The country’s prime minister, John Key, said in a recent speech on security that New Zealand had an obligation to support the rule of law internationally, and was “known for its integrity, reliability and independence.”
Last year, Key said that New Zealand’s relationship with China, worth an estimated $15 billion in annual two-way trade, had “never been stronger.” The relationship was not just about “purely trading,” he said, “it is so much broader and much deeper than that.”
In 2013, Key described a meeting with top Chinese officials in Beijing as “extremely warm” and told of how he was viewed as a “real friend” by the country’s premier, Li Keqiang.
At the same time, as minister in charge of the GCSB, Key was overseeing spying against China – which included the top-secret planned operation in Auckland, aimed at the Chinese consulate.
The hacking project is outlined in documents obtained by The Intercept from NSA whistleblower Edward Snowden.
Lobbyists for Spies Appointed To Oversee Spying
Who’s keeping watch of the National Security Agency? In Congress, the answer in more and more cases is that the job is going to former lobbyists for NSA contractors and other intelligence community insiders.
A wave of recent appointments has placed intelligence industry insiders into key Congressional roles overseeing intelligence gathering. The influx of insiders is particularly alarming because lawmakers in Washington are set to take up a series of sensitive surveillance and intelligence issues this year, from reform of the Patriot Act to far-reaching “information sharing” legislation.
After the first revelations of domestic surveillance by NSA whistleblower Edward Snowden, President Obama defended the spying programs by claiming they were “subject to congressional oversight and congressional reauthorization and congressional debate.” But as Rep. Alan Grayson, D-Fla., and other members of Congress have pointed out, there is essentially a “two-tiered” system for oversight, with lawmakers and staff on specialized committees, such as the House and Senate committees on Intelligence and Homeland Security, controlling the flow of information and routinely excluding other Congress members, even those who have asked for specific information relating to pending legislation.
Britain Used Spy Team to Shape Latin American Public Opinion on Falklands
Faced with mounting international pressure over the Falkland Islands territorial dispute, the British government enlisted its spy service, including a highly secretive unit known for using “dirty tricks,” to covertly launch offensive cyberoperations to prevent Argentina from taking the islands.
A shadowy unit of the British spy agency Government Communications Headquarters (GCHQ) had been preparing a bold, covert plan called “Operation QUITO” since at least 2009. Documents provided to The Intercept by National Security Agency whistleblower Edward Snowden, published in partnership with Argentine news site Todo Notícias, refer to the mission as a “long-running, large scale, pioneering effects operation.”
At the heart of this operation was the Joint Threat Research and Intelligence Group, known by the acronym JTRIG, a secretive unit that has been involved in spreading misinformation.
The British government, which has continuously administered the Falkland Islands — also known as the Malvinas — since 1833, has rejected Argentine and international calls to open negotiations on territorial sovereignty. Worried that Argentina, emboldened by international opinion, may attempt to retake the islands diplomatically or militarily, JTRIG and other GCHQ divisions were tasked “to support FCO’s [Foreign and Commonwealth Office’s] goals relating to Argentina and the Falkland Islands.” A subsequent document suggests the main FCO goal was to “[prevent] Argentina from taking over the Falkland Islands” and that new offensive cyberoperations were underway in 2011 to further that end.
Tensions between the two nations, which fought a war over the small archipelago in the South Atlantic Ocean in 1982, reached a boil in 2010 with the British discovery of large, offshore oil and gas reserves potentially worth billions of dollars.
The British government frames the issue as one of residents’ self-determination. Prime Minister David Cameron maintains that the islands will remain British as long as that was the will of their inhabitants, “full stop, end of story.”
Argentine President Cristina Kirchner, known for her provocative, left-leaning foreign policy since taking office in 2007, rallied regional and international leaders to pass resolutions in international bodies supportive of Argentina’s claim to the islands and stand against what she called the U.K.’s “downright colonialism.”
Even the United States, Britain’s closest ally, declined to support the U.K. position, instead offering to mediate a resolution between the two sides in 2010. Prime Minister Cameron rejected the proposal, calling it “disappointing.”
GCHQ’s efforts on Argentina and the Falklands between 2008 and 2011, the time period the documents cover, were broad and not limited solely to JTRIG. Surveillance of Argentine “military and Leadership” communications on various platforms was a “high priority” task. Despite the Obama administration’s unwillingness to publicly back their ally, NSA assistance was ongoing as of 2010. According to an NSA “Extended Enterprise Report” dated June 2008, based on NSA officials’ meetings with GCHQ representatives, Argentina was “GCHQ’s primary interest in the region.”
Encryption is the REAL threat – Head Europlod
Europe’s top cop has taken to the BBC to once again slam encryption as the biggest threat to counter-terrorism and law enforcement.
Europol Director Rob Wainright said encrypted communications gave plods across the continent the biggest headaches, and his main gripe was with the IT companies that provide them.
“We are disappointed by the position taken by these tech firms and it only adds to our problems in getting to the communications of the most dangerous people that are abusing the internet,” he said.
He told the civil liberties committee of the European Parliament the same thing last November. Now he says there is “a significant capability gap” that must be closed.
“It’s changed the very nature of counter-terrorist work from one that has been traditionally reliant on having good monitoring capability of communications to one that essentially doesn’t provide that anymore,” he told the Beeb.
However, Wainright himself will not get his hands on any of that “capability”. According to Europol’s website, the organisation itself “has neither the technical equipment nor the legal authorisation to wiretap or monitor members of the public by any technological means”.
“Any information being analysed by Europol is provided directly by the co-operating law enforcement agencies. Europol’s principal role is to gather, analyse and re-distribute data,” he said in the interview.
That hasn’t stopped EU countries beefing up Europol with a new European Internet Referral Unit to find, identify and potentially remove websites used by terrorist groups.
National leaders across the EU have been calling for increased access to private communications since the Charlie Hebdo attacks in Paris. The European Council hopes the new unit will be up and running by June.
Meanwhile, tech companies will continue to boost end-to-end encryption after the Snowden revelations created a business case, as consumers demanded their communications be secured.
Dutch MEP Sophie In’t Veld said she found his comments (which echo those of UK PM David Cameron) extremely worrying. “What is next? Having a lock on the front door of your home being a criminal offence? Banning people from protecting their private communications is unacceptable in a democratic society. We are really on a slippery slope here.”
“Not only individual citizens have a right to privacy, but journalists, politicians, lawyers, whistleblowers, NGOs, etc must be able to communicate freely, safely and knowing they are unobserved,” she added.
“There seems to be no limit to the appetite of secret services to know EVERYTHING about us, without being subject to any meaningful kind of oversight or bound by laws,” continued In’t Veld.
“He believes all of this is caused by the ‘revelations’ on NSA mass surveillance. “One would think it was the secret and illegal mass surveillance itself, not the fact it was revealed, that has breached trust,” said In’t Veld.
Inquiry Launched into New Zealand Mass Surveillance
New Zealand’s spy agency watchdog is launching an investigation into the scope of the country’s secret surveillance operations following a series of reports from The Intercept and its partners.
On Thursday, Cheryl Gwyn, New Zealand’s inspector-general of intelligence and security, announced that she would be opening an inquiry after receiving complaints about spying being conducted in the South Pacific by eavesdropping agency Government Communications Security Bureau, or GCSB.
In a press release, Gwyn’s office said: “The complaints follow recent public allegations about GCSB activities. The complaints, and these public allegations, raise wider questions regarding the collection, retention and sharing of communications data.”
This month, The Intercept has shined a light on the GCSB’s surveillance with investigative reports produced in partnership with the New Zealand Herald, Herald on Sunday, and Sunday-Star-Times.
The reports, based on information from National Security Agency whistleblower Edward Snowden and other sources, have revealed how the GCSB has been intercepting communications in bulk across a variety of neighboring South Pacific islands, raising concerns that New Zealand citizens’ emails and phone calls are being swept up in the dragnet.
The reports have also shown how the GCSB is funneling data into the NSA’s XKEYSCORE internet surveillance system from a surveillance base in the Waihopai Valley and is spying on about 20 countries across the world, predominantly in the Asia-Pacific region, including major trading partners such as Japan, Vietnam and China. The most recent stories have revealed that GCSB used XKEYSCORE to spy on emails about candidates vying to be the director general of the World Trade Organization and target top government officials and an anti-corruption campaigner in the Solomon Islands.
Following the disclosures, several of New Zealand’s opposition political leaders have criticized the surveillance and filed complaints with Gwyn, the inspector-general of intelligence and security.
In her statement on Thursday announcing the initiation of an inquiry, Gwyn said she would be conducting “a focused review of a particular area of GCSB or New Zealand Security Intelligence Service practice.”
She added: “I have today notified the acting director of the GCSB of my inquiry and of my intention in this inquiry to provide as much information to the public on my findings as I can, withholding only that information that cannot be disclosed without endangering national security. The director has assured me of the Bureau’s full co-operation.”
John Key, New Zealand’s prime minister, last year claimed that “there has never been any mass surveillance and New Zealand has not gathered mass information and provided it to international agencies.”
However, after The Intercept’s recent reports, former GCSB chief Bruce Ferguson admitted that the agency had been engaged in “mass collection” of data and said it was “mission impossible” to eliminate New Zealand citizens’ communications from being vacuumed up.
Responding to the news about the inspector general’s inquiry on Thursday, Prime Minister Key told the media he was “not fearful in the slightest” about its findings.
“That’s the reason we beefed up the inspector-general and, in fact, we’ve been talking to her,” Key said. “We’ve got absolutely no concerns about it.”
UK Police Can’t Confirm Or Deny Investigation Of Journalists It Publicly Confirmed In 2013
If you’re a UK-based journalist who’s reported on the Snowden leaks, it’s safe to say you’re under investigation. Not only are you being investigated, but that investigation itself is so secret, it can’t be discussed. The Intercept’s Ryan Gallagher sent a Freedom of Information request to London’s Metropolitan Police (the Met) for more information about the investigation — something twice publiclyconfirmed by Met representatives.
But when asked specifically for information on the ongoing investigation, the agency had nothing to say.
[T]he Metropolitan Police… says everything about the investigation’s existence is a secret and too dangerous to disclose. In response to a Freedom of Information Act request from this reporter, the force has repeatedly refused to release any information about the status of the investigation, how many officers are working on it, or how much taxpayer money has been spent on it. The Met wrote in its response:
“to confirm or deny whether we hold any information concerning any current or previous investigations into the alleged actions of Edward Snowden could potentially be misused proving detrimental to national security.’
In this current environment, where there is a possibility of increased threat of terrorist activity, providing any details even to confirm or deny that any information exists could assist any group or persons who wish to cause harm to the people of the nation which would undermine the safeguarding of national security.”
New Zealand Spied on WTO Director Candidates
New Zealand launched a covert surveillance operation targeting candidates vying to be director general of the World Trade Organization, a top-secret document reveals.
In the period leading up to the May 2013 appointment, the country’s electronic eavesdropping agency programmed an Internet spying system to intercept emails about a list of high-profile candidates from Brazil, Costa Rica, Ghana, Indonesia, Jordan, Kenya, Mexico, and South Korea.
New Zealand’s trade minister Tim Groser was one of nine candidates in contention for the position at the WTO, a powerful international organization based in Geneva, Switzerland that negotiates trade agreements between nations. The surveillance operation, carried out by Government Communications Security Bureau, or GCSB, appears to have been part of a secret effort to help Groser win the job.
Groser ultimately failed to get the position.
A top-secret document obtained by The Intercept and the New Zealand Herald reveals how GCSB used the XKEYSCORE Internet surveillance system to collect communications about the WTO director general candidates.
XKEYSCORE is run by the National Security Agency and is used to analyze billions of emails, Internet browsing sessions and online chats that are vacuumed up from about 150 different locations worldwide. GCSB has gained access to XKEYSCORE because New Zealand is a member of the Five Eyes surveillance alliance alongside the United States, the United Kingdom, Canada and Australia.
US Threatened Germany Over Snowden, Vice Chancellor Says
German Vice Chancellor Sigmar Gabriel said this week in Homburg that the U.S. government threatened to cease sharing intelligence with Germany if Berlin offered asylum to NSA whistleblower Edward Snowden or otherwise arranged for him to travel to that country. “They told us they would stop notifying us of plots and other intelligence matters,” Gabriel said.
The vice chancellor delivered a speech in which he praised the journalists who worked on the Snowden archive, and then lamented the fact that Snowden was forced to seek refuge in “Vladimir Putin’s autocratic Russia” because no other nation was willing and able to protect him from threats of imprisonment by the U.S. government (I was present at the event to receive an award). That prompted an audience member to interrupt his speech and yell out: “Why don’t you bring him to Germany, then?”
There has been a sustained debate in Germany over whether to grant asylum to Snowden, and a major controversy arose last year when a Parliamentary Committee investigating NSA spying divided as to whether to bring Snowden to testify in person, and then narrowly refused at the behest of the Merkel government. In response to the audience interruption, Gabriel claimed that Germany would be legally obligated to extradite Snowden to the U.S. if he were on German soil.
Afterward, however, when I pressed the vice chancellor (who is also head of the Social Democratic Party, as well as the country’s economy and energy minister) as to why the German government could not and would not offer Snowden asylum — which, under international law, negates the asylee’s status as a fugitive — he told me that the U.S. government had aggressively threatened the Germans that if they did so, they would be “cut off” from all intelligence sharing. That would mean, if the threat were carried out, that the Americans would literally allow the German population to remain vulnerable to a brewing attack discovered by the Americans by withholding that information from their government.