Category Archives: Risk management

KeithAlexanderSpeech

Shhh… Keith Alexander An Active Commodities Player At the NSA

Shhh-cretly last reported about former NSA director Keith Alexander and his private sector aspirations – when he sought in July as many as nine new patents for a computer security system he’s building at the private security firm he has co-founded, IronNet Cybersecurity, Inc., raising questions whether he was cashing in on classified information he has learned at the NSA where he has stepped down in March.

A new Foreign Policy report released Wednesday showed the former spymaster has moved his pawns on the chessboard much earlier – trading in commodities linked to China and Russia, two countries which the NSA was spying on intensely – to seize the acute advantage he enjoyed with his privileged access to highly classified information. A new class of insider trading?

“U.S. officials have long insisted that the information that intelligence agencies steal from foreign corporations and governments is only used to make political and strategic decisions and isn’t shared with U.S. companies. But whether that spying could benefit individual U.S. officials who are privy to the secrets being collected, and what mechanisms are in place to ensure officials don’t personally benefit from insider knowledge, haven’t been widely discussed,” according to the report.

In answering questions on his post NSA ventures back in August:

“If I retired from the Army as a brain surgeon, wouldn’t it be OK for me to go into private practice and make money doing brain surgery?” Alexander said. “I’m a cyber guy. Can’t I go to work and do cyber stuff?”

Now it would be interesting to hear what he has to say about his (undisclosed) commodities trading activities during his NSA tenure.

Here is the full report from Foreign Policy:

Why Was the NSA Chief Playing the Market?

Newly released documents show the NSA chief was investing his money in commodities so obscure that most financial pros stay away.

BY Shane Harris
OCTOBER 22, 2014

At the same time that he was running the United States’ biggest intelligence-gathering organization, former National Security Agency Director Keith Alexander owned and sold shares in commodities linked to China and Russia, two countries that the NSA was spying on heavily.

At the time, Alexander was a three-star general whose financial portfolio otherwise consisted almost entirely of run-of-the-mill mutual funds and a handful of technology stocks. Why he was engaged in commodities trades, including trades in one market that experts describe as being run by an opaque “cartel” that can befuddle even experienced professionals, remains unclear. When contacted, Alexander had no comment about his financial transactions, which are documented in recently released financial disclosure forms that he was required to file while in government. The NSA also had no comment.

Alexander’s stock trades were reviewed by a government ethics official who raised no red flags, and there are no indications the former spymaster did anything wrong. There are also no indications that the trades did much for Alexander’s personal wealth. Disclosure documents show that he earned “no reportable income” from the sale of commodity company stocks, meaning either that it was less than a few hundred dollars or that possibly he lost money on the deals.

Still, the trades raise questions about whether Alexander’s job gave him insights into corporations and markets that may have influenced his personal financial investments. The NSA, which Alexander ran for more than eight years, routinely spies on foreign governments and businesses, including in Russia and China, where the agency has attempted to gain insights into political decision-making, economic strategy, and the countries’ plans for acquiring natural resources.

The financial disclosure documents, which were released to investigative journalist Jason Leopold and published this month by Vice News, reveal nothing explicitly about why Alexander sold the shares when he did. On Jan. 7, 2008, Alexander sold previously purchased shares in the Potash Corp. of Saskatchewan, a Canadian firm that mines potash, a mineral typically used in fertilizer. The potash market is largely controlled by companies in Canada, as well as in Belarus and Russia. And China was, and is, one of the biggest consumers of the substance, using it to expand the country’s agricultural sector and produce higher crop yields.

“It’s a market that’s really odd, involving collusion, where companies essentially coordinate on prices and output,” said Craig Pirrong, a finance professor and commodities expert at the University of Houston’s Bauer College of Business. “Strange things happen in the potash market. It’s a closed market. Whenever you have Russians and Chinese being big players, a lot of stuff goes on in the shadows.”

On the same day he sold the potash company shares, Alexander also sold shares in the Aluminum Corp. of China Ltd., a state-owned company headquartered in Beijing and currently the world’s second-largest producer of aluminum. U.S. government investigators have indicated that the company, known as Chinalco, has received insider information about its American competitors from computer hackers working for the Chinese military. That hacker group has been under NSA surveillance for years, and the Justice Department in May indicted five of its members.

Alexander may have sold his potash company shares too soon. The company’s stock surged into the summer of that year, reaching a high in June 2008 of $76.70 per share, more than $30 higher than the price at which Alexander had sold his shares five months earlier.

He may also have dodged a bullet. Shares in the company plunged in the second half of 2008, amid turmoil in the broader potash market. In 2009, “the bottom fell out of the market,” Pirrong said. Alexander may not have made a lot of money, but he also didn’t lose his shirt.

That didn’t keep the intelligence chief out of the trading game. In October 2008, in the midst of the potash downturn, Alexander purchased shares in an American potash supplier, the Mosaic Company, based in Plymouth, Minnesota. It was a good time to buy: On the day of the purchase, the stock closed at $33.16, having plummeted from highs of more than $150 per share during the summer.

But inexplicably, Alexander sold the shares less than three months later, in January 2009. The stock had barely appreciated in value, and Alexander again disclosed “no reportable income.”

The timing of both the potash and aluminum sales in January 2008 is also intriguing for political reasons. In the spring of 2008, shortly after Alexander sold his positions, senior U.S. officials began to speak on the record for the first time about the threat of cyber-espionage posed by Russia and especially China. Public attention to the intelligence threat was higher than it had been in recent memory. The optics of the NSA director owning stock in a company that his own agency believed may have been receiving stolen information from the Chinese government would have been embarrassing, to say the least.

In May 2008, four months after Alexander sold the shares, Joel Brenner, who at the time was in charge of all counterintelligence for the U.S. government and had previously served as the NSA’s inspector general, gave an interview to me when I was with National Journal and accused China of stealing secrets from American companies “in volumes that are just staggering.” Brenner’s comments came just three months ahead of the opening of the 2008 Olympic Games in Beijing. He eventually went on national U.S. television to warn Americans attending the games that they were at risk of having their cell phones hacked.

U.S. officials at the time said that computer hackers in both China and Russia were routinely breaking into the computers of American businesses to steal proprietary information, such as trade secrets, business strategy documents, and pricing information. Eventually, Alexander himself went on to call state-sponsored cyber-espionage “the greatest transfer of wealth” in American history, blaming it for billions of dollars in losses by U.S. businesses and a loss of competitive advantage.

By 2009, Alexander held no more direct shares in any foreign companies, his records show. His financial transactions while in government apparently garnered no additional scrutiny beyond a standard review by ethics officials, who found no violations. Under official rules governing conflicts of interest, a government employee is prohibited from owning more than $15,000 in holdings of a company “directly involved in a matter to which you have been assigned.” For Alexander, spying on foreign governments and protecting the United States from cyber-espionage would seem to meet that criteria. But his records indicate that he never owned in excess of $15,000 in any foreign company.

The financial disclosure forms don’t say when Alexander bought his shares. Citing ethics rules, the NSA told Leopold that it was only required to release six years’ worth of information, leaving a gap between 2005, when Alexander started at the NSA, and 2008, the first year for which the agency released his financial information. But there’s nothing in the documents that states Alexander used a blind trust, suggesting that he either made the trading decisions himself or was aware of them if they were handled by a broker or advisor.

U.S. officials have long insisted that the information that intelligence agencies steal from foreign corporations and governments is only used to make political and strategic decisions and isn’t shared with U.S. companies. But whether that spying could benefit individual U.S. officials who are privy to the secrets being collected, and what mechanisms are in place to ensure officials don’t personally benefit from insider knowledge, haven’t been widely discussed.

Alexander has arguably blurred the lines between his private interests and public obligations before. In July, Foreign Policy reported that he had filed patents for what he described in an interview as a “unique” approach to detecting malicious hackers and intruders on computer networks. But that technology was directly informed by the years Alexander spent at the NSA and as the head of U.S. Cyber Command, when he was responsible for detecting cyber-intrusions on military and intelligence agency computer networks.

“There is no easy black-and-white answer to this,” Scott Felder, a partner with the law firm Wiley Rein in Washington, said at the time, adding that it’s not uncommon for government employees to be granted patents to their inventions.

But another of Alexander’s business deals has also raised questions about whether he continues to benefit from classified information and access to top players at his old agency.

In an employment deal that prompted an internal investigation at the NSA and inquiries from Capitol Hill, Alexander arranged for the agency’s chief technology officer, Patrick Dowd, to work part time for a new cybersecurity consulting firm that Alexander started this year after leaving the NSA and retiring from the Army with a fourth star. Experts said the public-private setup was highly unusual and possibly unprecedented.

Reuters revealed the arrangement last week, and on Tuesday, Oct. 21, with pressure building from lawmakers to investigate, Alexander said that he was severing the relationship with Dowd. “While we understand we did everything right, I think there’s still enough issues out there that create problems for Dr. Dowd, for NSA, for my company,” Alexander told Reuters when explaining why he scuttled the deal. Alexander’s company, IronNet Cybersecurity, is based in Washington, and he has said he might charge clients as much as $1 million per month for his expertise and insights into cybersecurity.

TimCook-Foxconn-RoadTrip

Shhh… Tim Cook in China to Discuss Data Protection & iCloud Hacks

Apple CEO Tim Cook tweeted his photo Wednesday during a China “road trip” where he visited Foxconn and also met Chinese vice premier Ma Kai in Beijing to discuss recent targeted attacks on iCloud originating from the country – The activist group GreatFire.org has reportedly alleged Chinese government involvement.

Meanwhile, Apple has published a guide on how one can verify the authenticity of the iCloud website in Safari, Chrome and Firefox.

UdoUlfkotte

Shhh… Udo Ulfkotte: CIA Used Journalists to Push for War in Russia

Udo Ulfkotte, a former editor of German newspaper Frankfurter Allgemeine Zeitung, told Russia Today (RT) that he had worked for the CIA and he’s not alone – most so-called journalists in America and Europe are on “non-official cover” to run stories aimed to manipulate readers and create propaganda against Russia.

“The German and American media tries to bring war to the people in Europe, to bring war to Russia,” he said.

Comey-FBI

Shhh… FBI’s Comey Hints Action Against Apple & Google Over Encryption

The FBI director James Comey has been busy making his rounds pressurizing the Congress to force Apple and Google to do away with their new default smartphone encryption.

“Perhaps it’s time to suggest that the post-Snowden pendulum has swung too far in one direction — in a direction of fear and mistrust,” Comey reportedly told the Brookings Institution in a speech last week, where he hinted that the administration might consider new laws and regulations to force companies to offer the government some ways to unlock personal data stored on the phones, such as photos, videos, emails, messages and contacts list “so that those of us in law enforcement, national security and public safety can continue to do the job you have entrusted us to do, in the way you would want us to.”

Here are some video clips to amplify his views on the subject:

BearHacker

Shhh… Sandworm Team Turned Microsoft Windows Flaw into Russian Cyber-espionage Campaign

A group of hackers known as the “Sandworm Team”, allegedly from Russia, has found a fundamental flaw in Microsoft Windows (a zero-day vulnerability impacting all supported versions of Microsoft Windows and Windows Server 2008 and 2012) and turned it into a Russian cyber-espionage campaign targeting NATO, European Union, telecommunications and energy sectors – by pulling emails and documents off computers from NATO, Ukrainian government groups, Western European government officials, and also the energy sector and telecommunications firms, according to new research from iSight Partners, a Dallas-based cybersecurity firm.

iSIGHT_Partners_sandworm_timeline_13oct2014

Photo credit: iSight Partners.

BrowseAnonymously2

Shhh… Privacy: Tor Guide on Browsing Anonymously

Here’s an interesting chart on how to use Tor to browse the web anonymously:

TorInfographics

The Tor Project is a free software and an open network that shields your online identity and thus helps you maintain privacy by defending against network surveillance:

But Tor can still be compromised and multiple layers of security is recommended:

FlashlightApp

Shhh… Top 10 Flashlight Apps Major Privacy Breach & Windfall for CyberCriminals

“I think this is bigger than Ebola right now because 500 million people are infected and they don’t know it. But it’s not them, it’s their smartphone,” said Gary Miliefsky, CEO of SnoopWall, a counterveillance software company focused on helping consumers and enterprises protect their privacy on all of their computing devices including smartphones, tablets and laptops.

“The top 10 flashlight apps today that you can download from the Google Play Store are all malware. They’re malicious, they’re spying, they’re snooping and they’re stealing.”

The personal data stolen from our smartphones – including contacts, emails, messages, bank account details, photos, video, etc – are then sold to cybercriminals in 3 countries: China, India and Russia, according to Miliefsky, a founding member of the US Department of Homeland Security who has advised two White House Administrations on cybersecurity matters.

More information below from SnoopWall press release:

SnoopWall-PR1

SnoopWall-PR2

SnoopWall-PR3

SnoopWall-PR4

SnoopWall-PR5

SnoopWall-PR6

DropBox

Shhh… Dropbox Hacked?

Dropbox reportedly “appears” to have been hacked after anonymous hackers claimed to have compromised some 7 million accounts with several hundreds of usernames and passwords leaked in plain text so far, and with full leak promised if they received donations to their bitcoin address.

Dropbox, however, has denied claims of any data breach:

“Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.”

Advice: Change your password immediately. And just like the recent iCloud hack, think hard before you post anything personal and confidential online.

Google-JapanDoraemon

Shhh… Japan’s “Forget” Ruling on Google

The Tokyo District Court ordered Google Japan last Thursday to follow Europe’s recent “right to be forgotten” ruling and remove the search results of a Japanese man’s past relations with a criminal organization following his complaint of violation into his privacy.

According to the judge preceding the case, some of the Google results “infringe personal rights” and had harmed the plaintiff.

The European Court of Justice ruled in May that anyone living in the European Union and Europeans living outside the region could ask search engines to remove links if they believed the online contents breached their right to privacy and are “inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.”

But despite the uproar and headlines in the aftermath, the dirty little secret is that nothing has really changed. What Google has effectively done is to remove results from name search of those names approved to be deleted but only on its European websites. The same results remain on the Google US homepage and all its non-European sites.

Furthermore, Google is only removing the results but not the links. Its European sites may have deleted the results for a search on a specific name but a search for the same name accompanied by other key words may still churn out the same results.

In an earlier Shhh-cretly column, I explained with examples why there is a limit on the extent of privacy and any attempt to manually and selectively remove the Google search contents, successful or otherwise, is like playing God.

Snowden-UKobserverIdeas2014

Shhh… Snowden Attacks UK’s “Anything Goes” Privacy Intrusions

In his first UK public appearance via satellite link from Moscow at the Observer Ideas festival on Sunday, Edward Snowden warned that British spy agencies are using digital technology to conduct mass population surveillance without any checks and balances at all and thus overreaching and encroaching on privacy rights in a way that he characterized as even worse than the US NSA had managed.

nsa-facebook

Shhh… NSA Disguised as Facebook Servers

The National Security Agency has been disguising itself as Facebook servers in order to gain access to the computers of intelligence targets, according to a new report by The Intercept:

“In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.”

Snowden-CitizenFour

Shhh… Laura Poitras’ Documentary “CitizenFour” on Snowden Revelation to be Released

Mark your calendar. The 24th of October has been set for the official release of “Citizenfour”, a long anticipated ground-breaking documentary by Laura Poitras, premiered at the New York Film Festival on Friday night, which reveals a behind-the-scene and intimate portrait of Edward Snowden and his leak of NSA documents as it unfolded at the Mira hotel in Hong Kong last year.

citizenfour_poster

Poitras and former Guardian columnist Glenn Greenwald flew from New York to Hong Kong early June 2013 to meet Snowden for the first time. This documentary captures minute by minute their tense initial encounters and the many days of questioning, cross-examining and waiting for the Guardian greenlight to their explosive exposé that changed the world to this day.

CitizenB-NGF

Shhh-cretly Featured in “Citizen B”: A Documentary on Surveillance & Privacy

Shhh-cretly was interviewed by renowned and award-winning director Werner Boote, who was in Hong Kong with his Austrian crew this week to film Citizen B, a 90-minute documentary on surveillance and privacy to be released in 2015.

IMG_20141009_161005

IMG_20141009_161920

CitizenB

CitizenB2

GoogleHacked

Shhh… iCloud Hack Victims to Sue Google for $100 million

Photo credit: http://www.pitstopmedia.com/

Hollywood lawyer Marty Singer, of Los Angeles-based law firm Lavely & Singer, has written to Google chairman Eric Schmidt and founders Larry Page and Sergey Brin threatening to sue Google for US$100 million if the US search giant failed to remove the naked photos of their clients that were recently hacked and posted online.

Their clients include a dozen of Hollywood celebrities like Kate Upton, Amber Heard, Rihanna, Jennifer Lawrence, Ariana Grande and Cara Delevingne whose nude photos have been hacked and distributed online after hackers took advantage of a flaw in Apple’s password recovery system to gain access to their iCloud accounts.

Singer has accused Google of “blatantly unethical behavior” – as takedown requests were sent to the company days after the photos were leaked but those images remained on YouTube and blogs – and its failure “to act expeditiously, and responsibly to remove the images, but in knowingly accommodating, facilitating, and perpetuating the unlawful conduct. Google is making millions and profiting from the victimization of women”.

“The seriousness of this matter cannot be overstated. If Google continues to thumb its nose at my clients’ rights – and continues to both allow and facilitates the further victimization of these women – and disregards the demands of this letter, it does so at its own peril,” according to the letter (see below).

Google is no stranger to takedown requests.

A landmark ruling that originated from a Spanish court has led the European Court of Justice to rule last May that anyone living in the European Union and Europeans living outside the region could ask search engines to remove links if they believed the online contents breached their right to privacy and are “inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed”.

Following this controversial European “right to be forgotten” ruling, Google has started removing results from its search engine since late June.

Hacked celebrities threaten to sue

HKprotests3

Shhh… Phone Apps Disguised to Spy on Hong Kong Protesters

With the widespread use of social media during the week-long protests in Hong Kong, including attempts to find phone apps capable of defying potential shutdown of the power grid, this story from The Associated Press below (Credits to The Associated Press) is a timely stern reminder:

The Associated Press
Published: October 2, 2014

HONG KONG — The Chinese government might be using smartphone apps to spy on pro-democracy protesters in Hong Kong, a U.S. security firm said.

The applications are disguised as tools created by activists, said the firm, Lacoon Mobile Security. It said that once downloaded, they give an outsider access to the phone’s address book, call logs and other information.

The identities of victims and details of the servers used “lead us to believe that the Chinese government are behind the attack,” said a Lacoon statement.

China is, along with the United States and Russia, regarded as a leader in cyber warfare research. Security experts say China is a leading source of hacking attacks aimed at foreign governments and companies to computers in China.

The Chinese government has denied engaging in cyberspying and says China is among the biggest victims of hacking attacks.

Lacoon said it found two similar “malicious, fake” apps that appeared to be related. One targets phones that run Apple Inc.’s iOS operating system; the other is meant for phones using Google Inc.’s Android system.

The “very advanced software,” known as an mRAT, or multidimensional requirements analysis tool, “is undoubtedly being backed by a nation state,” the company said. Lacoon said it was calling the software Xsser.

“The Xsser mRAT represents a fundamental shift by nation-state cybercriminals from compromising traditional PC systems to targeting mobile devices,” the company said.

Such “cross-platform attacks” that target both Apple and Android phones are rare, which adds to signs a government is involved, Lacoon said. It said the app might be the first spyware for iOS created by a Chinese government entity.

In May, U.S. prosecutors charged five Chinese military officers with cyberspying and stealing trade secrets from major American companies. A security firm, Mandiant, said last year it traced attacks on American and other companies to a military unit in Shanghai.

Emmys

Shhh… The Guardian Bagged An Emmy

Congratulations to The Guardian for winning an Emmy award in New York Tuesday night for its groundbreaking coverage on the Snowden revelations.

The multimedia interactive feature NSA Decoded by The Guardian emerged the winner in the new approaches: current news category at the news and documentary Emmy awards.

The interactive coverage, which includes interviews and discussions with key players like journalist Glenn Greenwald, former NSA employees, senators and members of US congress, helps the audience understand the facts and implications of Edward Snowden’s disclosures last year about the NSA’s mass surveillance program.

The Guardian has also won in April, along with the Washington Post, the Pulitzer prize for public service for their groundbreaking coverage of the Snowden revelations.