Shhh… GCHQ’s Hacking Tools Leaked

The latest Snowden revelations include a leaked document that lists the cyber-spy tools and techniques used by the American NSA’s UK counterpart GCHQ, according to a BBC News report.

More disturbing point: the GCHQ apparently used its toolbox to find ways to “alter the outcome of online polls, find private Facebook photos, and send spoof emails that appeared to be from Blackberry users, among other things”.

Post-Snowden, the US Reaps a Security Whirlwind

From China with Love

It’s the one year anniversary of what is now known as the Snowden revelations, which appeared on June 5 and June 9 when The Guardian broke news of classified National Security Agency documents and Edward Snowden revealed himself in Hong Kong as the source of those leaks.

There is still much to decipher from the chronology of events in the aftermath and the sudden global awakening to the end of privacy. Among the impacts on the personal, business and political fronts, one interesting salient feature is the hypocritical rhetorical spats between the US and China in recent weeks, which could set the undertone for US-Sino relations for years to come.

Snowden said his biggest fear is that nothing would change following his bold decision a year ago.

You can find the entire column here.

Cyberborgs for Cyber Wars

Creating Giants to Battle Snoops by NSA and the Likes

Size matters in the covert wars of cyber espionage – even more so when two Herculean cyber warriors merge on Wall Street. US cyber-security firm FireEye Inc. announced the acquisition of Mandiant Corp. late last week in a deal worth more than US$1 billion, generating not just an immediate surge in FireEye’s share price but a Mexican wave across the world.

This merger and creation of a next-generation cyber-security firm – FireEye is a provider of security software for detecting cyber-attacks and Mandiant a specialist firm best known for emergency responses to computer network breaches – comes at a time when old-style anti-virus software took a dive, with governments, companies and private citizens across the globe hunting desperately for more effective defensive measures to fend off sophisticated hackers and state-sponsored cyber-attacks.

But the interesting and ironic twist to this FireEye and Mandiant deal is that many of Mandiant’s employees came from the US intelligence world and the Defense Department.

Please find the entire column here and there.

Shhh… the NSA’s special app for iPhones

The NSA has a special DROPOUTJEEP program for all Apple devices including the iPhones to intercept all SMS messages, collect contact lists, locate a phone (and its user/owner) and also activate the device’s microphone and camera with 100 percent success rate, according to a leaked document obtained by German magazine Der Speigel and a presentation by security researcher/independent journalist Jacob Applebaum, who said:

“[The NSA] literally claim that anytime they target an iOS device that it will succeed for implantation. Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I’d like to believe that since Apple didn’t join the PRISM program until after Steve Jobs died, that maybe it’s just that they write sh—y software. We know that’s true.”

I wrote in Sept 2012 that the NSA and Defense Information Systems Agency (the unit that manages all communications hardware needs for the Pentagon) issued their own specially developed smartphones for their top level officials. And they chose Android – no surprise now?!

Check out this NSA doc and YouTube presentation.

What Snowden Has Shown the World

The Year 2014 Equals 1 P.S.

Historians can be expected to mark June 9, 2013 as a significant date in the evolution of the surveillance and monitoring of mankind and peg 2013 alongside George Orwell’s Nineteen Eighty-Four, making 2014 officially 1PS – one year Post Snowden.

There is justification for this chronological divide. The world will be working its way out of the events of last June for years and decades to come, trying to come to grips with the astonishing ability of electronic snoopers to surreptitiously monitor the details of millions of lives.

It appears that they will continue to be able to do so despite growing knowledge of the pervasive level of this surveillance.

Please find the full column here.

The Walls that Spy

Bad news for those who say ‘If only the walls could talk’. They can.

Hotel rooms are never safe havens as spies know only too well, but warnings of the risk often fall on deaf ears, to the sorrow or sometimes embarrassment of the tenants. Two recent news stories and the episode that I describe below hopefully change the public perceptions.

The stories describe how the UK’s Government Communications Headquarters (GCHQ) has traced and wiretapped top diplomats in their hotel suites over the past three years through its secret “Royal Concierge” program, which tracked some 350 hotels across the world, according to documents exposed by the former US intelligence contractor turned fugitive Edward Snowden.

Separately, it emerged in media reports last week that US President Barack Obama takes extreme measures to ward off any threats of secret video or audio surveillance by setting up an anti-spy portable tent in his hotel suite when traveling abroad, including in allied countries that the US allegedly targeted in conducting massive surveillance against foreign leaders and citizens. That amplifies the deep US concerns about being spied upon as much as spying on its friends and risks inviting potential hypocritical labeling of the White House.

I have written previously about the risk but there is much more than meets the eye, including an interesting exchange I once had with a foreign agent about the spy trade and hotel room risks.

Please find the entire column here and there.

Security Lapse at the EU Summit

Security officials leave an easily tapped device in closed-door conferences of European leaders

In photos made public of several closed-door bilateral meetings between various European leaders last week, there were two common denominators. One was the presence of the French President Francois Hollande. The other was the VoIP phone on the desk. The question is: What is that phone doing there?

In the middle of a major brouhaha over charges that the US National Security Agency had allegedly monitored the phone conversations of foreign diplomats, the officials in those photos were speaking to each other in the presence of this easily-tapped device.

What these these photos highlight is a security lapse, thus generating many questions: What else have European countries missed and not done to better protect their leaders from American or any eavesdropping?

You can find the entire column here and there.

Was Edward Snowden A Spy?

Or was Dick Cheney looking for a cheap excuse to play politics?

Edward Snowden with his sudden departure from Hong Kong for Moscow and eventually elsewhere, possibly a country hostile to the US, would reignite the question if he’s a spy or double agent.

But the allegations made last week by former US vice president Dick Cheney that the National Security Agency whistle-blower Edward Snowden could be a spy for China is off track, and he knows it, and are a deliberate public distraction as the Obama administration searches for scapegoats in the midst of defending the NSA surveillance programs with their one and only trump card.

Snowden left with his passport annulled, a warrant on his head plus criminal charges of espionage, theft and communicating classified intelligence to unauthorized persons.

But here is the dichotomy: While the corporate world is still coping with US regulations on better corporate governance practices, where does the notion of whistleblowing stand right now?

Please read the entire column here.

The Guardian Online Interview with Snowden

Check out the Guardian online interview with Edward Snowden here. Thousands of comments from readers and still counting.

If I Were Snowden

The Art of Hiding and Being Undetectable

The world knows by now Edward Snowden, the former private contractor for the National Security Agency who leaked revelations of massive US clandestine electronic surveillance and eavesdropping programs, is still at large in Hong Kong.

You might wonder how Snowden managed to remain obscure, both in the physical and cyber spheres.

Hong Kong, a former British colony now a major global financial center and Special Administrative Region of China, is one of the most densely populated areas in the world with a population of over seven million spread over just 1,104 square kilometers.

But it is precisely for these reasons that Hong Kong may be the ideal place. One could be easily spotted or located or one could capitalize on the dense crowd and modern infrastructure to negotiate his way unnoticed in the physical, digital and cyber dimensions.

And Snowden sure knows how to do that.

So what would you do if you were Snowden or if you simply needed to hide and remain undetectable for a period of time?

Please read the full column here and there.

The Enemies of the US

Take your pick: Edward Snowden, Internet and phone service providers, or just everybody?

The furor over the past week about how US intelligence agencies like the National Security Agency and the Federal Bureau of Investigation have for years scooped up massive loads of private communications data raises one critical and distressing question.

Who, worldwide and in the US, are the general public supposed to trust now that it seems all forms of digital and cyber communications risk being read by the American authorities? The Americans, it seems, don’t believe it’s that big a deal. By 62-34, according to the latest poll by Pew Research and the Washington Post, they say it’s more important to investigate the threats than protect their privacy. But what about the rest of the world?

The immediate acknowledgement, rather than point blank denial, of the massive clandestine eavesdropping programs is no doubt alarming even for those long suspicious of such covert undertakings. But the more disturbing part is that the official response amounts to plain outright lies.

Please read this entire Opinion Column here.

The Spying Game

Spies in the newsroom? Or spying on newsrooms? There’s far too much of both

(The Inside Story of the Bloomberg Spying Scandal – and Snooping on the Associated Press – and Some Remedies.)

I often get strange, tough questions from the clients of my business intelligence and commercial investigation firm, but the recent bombardments highlight a new trend: bloated or irrational paranoia, depending on your take.

Should I stop using emails? Would you recommend a personal VPN? Is it safer to discuss in person than over an electronic device?

Just last week, one client pondered whether he should be using the Bloomberg terminal and another questioned if his phone, video and Skype calls were safe. I can’t blame them. Just look at the headline news the past week alone…

Please read the full column here.

The Year of Red October

It is just three weeks into the new year and the signs are already on the wall: this is going to be a busy year of cyber espionage and cyber crime activities.

Please read full article here and there.

DIY Counter Espionage

Spying on Spies

The FBI probe into the scandal involving former CIA director David Petraeus and his mistress may have stolen global headlines the past week.

But there is something else the FBI knows that should warrant more attention. Something closer to those of us less exalted than the boss of the world’s most famous spy agency.

The FBI is known to have video footage, covertly taken in a hotel room somewhere in China, showing how Chinese agents broke in and swept through the belongings and laptop of an American businessman.

There were recent media reports of similar incidents. The FBI is now showing the clip as a warning to corporate security experts of major US companies.

The FBI also warned some months ago about the risks of using hotel wi-fi networks and recommended all government officials, businessmen and academic personnel take extra caution when traveling abroad.

Whilst the corporate world is often most at risks, the average citizens are also highly vulnerable, especially to electronic surveillance on home and foreign soil.

So what can one do to protect the personal data and business secrets on the computers, especially when traveling abroad?

Please read full article here and there.

How to Beat the CIA and Protect Your Data

A little secret and long overdue column – as I have promised some weeks ago.

How about leading a cyber lifestyle without the risks of compromising your computer, privacy and precious confidential data… ie. your life?!

There’s an easy solution and you do not have to be a computer expert. But the CIA, MI6, etc, wouldn’t want you to know the trick… because you can beat those spies and hackers by going online and leaving no trace.

Read the full article here.

Shhh… How to Beat the CIA and Protect Your Data

Business travel is a nightmare these days, especially when one visits a country known for high espionage/ corporate espionage activities or active government eavesdropping and wiretapping.

So what if you need to transmit confidential data, sensitive business information and trade secrets via emails or the cloud? Or simply access your online banking account?

Public wifi pose significant risks. The Internet connection in your hotel room is not any better. And you can forget the Internet cafe.

No worries, there’s a solution and I will soon be posting a column on this matter. Watch this space.