DOCSLIB.ORG

Nation-State Attackers and Their Effects on Computer Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Nation-State Attackers and their Effects on Computer Security by Andrew Springall A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy (Computer Science and Engineering) in the University of Michigan 2018 Doctoral Committee: Professor J. Alex Halderman, Chair Research Professor Peter Honeyman Professor Atul Prakash Assistant Professor Florian Schaub Andrew Springall [email protected] ORCID: 0000-0001-5999-9881 ©Andrew Springall 2018 Acknowledgments This dissertation, the research inside and outside of it, and so many more things would not be possible without the support of an innumerable number of people. I first want to thank my advisor, J. Alex Halderman for everything. The guidance, encouragement, advice, and freedom he’s given me over the last five years is nothing short of miraculous. I also want to thank Peter Honeyman for his steadfast view- points and willingness to openly challenge my perspective over the years. I’d also like to thank my labmates Zakir Durumeric, Eric Wustrow, James Kasten, David Adrian, Ariana Mirian, Benjamin VanderSloot, Matthew Bernhard, Allison Mc- Donald, and Chris Dzombak for their help, willingness to put up with me, and the wonderful discussions. To Mom, the prayers and pleadings to finish high school, and later college, have gotten me here and although I dismissed them at the time, they were undoubtedly needed and welcome. To Dad. you know. To the Marines, Sol- diers, Sailors, and Airmen from Parris Island, California, Maryland, Iraq, and Afghanistan, I can credit you for the mindset and insanity needed to get me this far. To Goose, Katherine, Ariana, and Cecylia, you’ve helped me keep what little of my sanity I have left throughout all this. Throughout the good and the bad, you’ve all been willing to help, mentor, counsel, and inspire me to do things I hon- estly never even imagined were possible. So to everyone listed above and everyone else, whether they know it or not: Thank You for everything you’ve done for me. i TABLE OF CONTENTS Acknowledgments ................................... i List of Figures ..................................... v List of Tables ...................................... viii Abstract ......................................... x Chapter 1 Introduction ..................................... 1 1.1 Computer Security and Nation-State Attackers...............2 1.2 Overview..................................4 2 Nation-State Attacker Model ............................ 6 2.1 Lexicon...................................7 2.1.1 Actors................................8 2.1.2 Actions...............................9 2.1.3 Descriptive............................. 10 2.1.4 Usage................................ 11 2.2 Characteristics of a Nation State Attacker................. 13 2.2.1 Sovereignty............................. 13 2.2.2 Access............................... 14 2.2.3 Money............................... 15 2.3 Advantages of a Nation State Attacker................... 17 2.3.1 Near Superset Attacker....................... 17 2.3.2 Specialization............................ 19 2.3.3 Non-Symmetric Defeats...................... 21 2.3.4 Distant Return Horizons...................... 24 2.4 Constraints of a Nation State Attacker................... 25 2.4.1 Scale................................ 25 2.4.2 Human Capital........................... 28 2.4.3 Oversight.............................. 31 2.4.4 Required Hard Victims....................... 33 2.5 Differences between Nation State Attackers................ 35 2.5.1 Treatment of Domestic Victims.................. 35 2.5.2 Acceptability of Public Attribution................ 36 2.5.3 Delegating Operations....................... 37 ii 2.6 Accounting for NS-Attackers........................ 39 2.6.1 Individual Perspective....................... 40 2.6.2 Organizational Perspective..................... 42 2.6.3 Researcher Perspective....................... 44 3 Impact on Computer Security ........................... 47 3.1 Background................................. 49 3.1.1 National ID Cards......................... 49 3.1.2 I-Voting Server Infrastructure................... 51 3.1.3 Voting Processes.......................... 53 3.2 Observations................................ 55 3.2.1 Inadequate Procedural Controls.................. 55 3.2.2 Lax Operational Security...................... 56 3.2.3 Insufficient Transparency...................... 57 3.2.4 Vulnerabilities in Published Code................. 60 3.3 Experimental Methodology......................... 60 3.3.1 Mock Election Setup........................ 61 3.3.2 Threat Model............................ 61 3.4 Attacks................................... 62 3.4.1 Client-side Attacks......................... 63 3.4.2 Server-side Attacks......................... 66 3.4.3 Attacking Ballot Secrecy...................... 68 3.5 Discussion.................................. 69 3.6 Conclusions................................. 70 4 Explaining and Evaluating Operations ...................... 73 4.1 Diffie-Hellman Cryptanalysis........................ 75 4.2 Attacking TLS................................ 78 4.2.1 TLS and Diffie-Hellman...................... 79 4.2.2 Active Downgrade to Export-Grade DHE............. 80 4.2.3 512-bit Discrete Log Computations................ 82 4.2.4 Active Attack Implementation................... 84 4.2.5 Other Weak and Misconfigured Groups.............. 85 4.3 State-Level Threats to DH......................... 87 4.3.1 Scaling NFS to 768- and 1024-bit DH............... 88 4.3.2 Is NSA Breaking 1024-bit DH?.................. 92 4.3.3 Effects of a 1024-bit Break..................... 95 4.4 Recommendations.............................. 97 4.5 Disclosure and Response.......................... 99 4.6 Conclusion................................. 99 5 Identifying and Analyzing Vulnerabilities ..................... 102 5.1 Background................................. 103 5.1.1 Forward Secrecy in TLS...................... 104 5.1.2 Session Resumption........................ 104 iii 5.1.3 Reusing Ephemeral Values..................... 106 5.1.4 Changes in TLS 1.3........................ 106 5.2 Data Collection............................... 107 5.3 TLS Secret State Longevity......................... 108 5.3.1 Session ID Lifetime........................ 109 5.3.2 Session Ticket Lifetime...................... 110 5.3.3 STEK Lifetime........................... 110 5.3.4 EC(DHE) Value Lifetime..................... 112 5.4 TLS Secret State Sharing.......................... 114 5.4.1 Shared Session ID Caches..................... 115 5.4.2 Shared STEKs........................... 116 5.4.3 Shared (EC)DHE Values...................... 116 5.5 Crypto Shortcut Dangers.......................... 118 5.5.1 Exposure from Session Tickets................... 118 5.5.2 Exposure from Session Caches................... 119 5.5.3 Exposure from Diffie-Hellman Reuse............... 120 5.5.4 Combined Exposure........................ 121 5.6 Nation-state Perspective........................... 121 5.6.1 The STEK as an Enabling Vector................. 122 5.6.2 Target Analysis: Google...................... 123 5.7 Discussion.................................. 125 5.7.1 Security Community Lessons................... 125 5.7.2 Server Operators Recommendations................ 126 5.8 Conclusion................................. 127 6 Future Work and Conclusion ............................ 129 6.1 Going Forward............................... 129 6.2 Conclusion................................. 131 Bibliography ...................................... 133 iv LIST OF FIGURES 1.1 NSA’s Scale of Attackers—Stratification of attackers according to an internal NSA presentation [74]. The classes are reasonably believed to be grandmother, 13 year old in the US, script kiddie, 16 year old in Romania, has some talent, has talent, and nation-state [380, 397].......................3 2.1 Definition of “person”—Privacy and Civil Liberties Oversight Board’s defi- nition of “persons” in relation to Section 702 [234]................7 2.2 Area Specialization—NSA’s collaborative effort for exploiting VPN traffic for intelligence [309]................................ 20 2.3 Single-Target Pseudocode ............................ 22 2.4 Multi-Target Pseudocode ............................ 22 2.5 Tiered Data Types—The tiers of network traffic and the NSA systems which store and handle that traffic [425]......................... 26 2.6 NSA’s Technology Risk Matrix—NSA’s risk analysis matrix used to priori- tize technologies for resource expenditure [288]................. 30 2.7 Tactical Choke Point—An example of a tactical choke point with one force stationed north of the river, and its opposition located across the river to the south [62]..................................... 42 2.8 Network Choke Point—An example of network structure with an underlying choke point [57].................................. 42 2.9 Vuvuzela System Architecture—The design of the Vuvuzela private messag- ing system [411].................................. 44 2.10 Hornet System Architecture—The design of the HORNET onion routing system [55]..................................... 44 3.1 I-voting client—Estonians use special client software and national ID smart- cards to cast votes online............................. 50 3.2 Verification app—A smartphone app allows voters to confirm that their votes were correctly recorded. We present two strategies an attacker can use to by- pass it......................................
Recommended publications
  • Dialectical Versus Empirical Thinking: Ten Key Elements of the Russian Understanding of Information Operations

    Dialectical Versus Empirical Thinking: Ten Key Elements of the Russian Understanding of Information Operations

    WARNING! The views expressed in FMSO publications and reports are those of the authors and do not necessarily represent the official policy or position of the Department of the Army, Department of Defense, or the U.S. Government. Dialectical Versus Empirical Thinking: Ten Key Elements of the Russian Understanding of Information Operations CALL Publication #98-21 by Mr. Thimothy L. Thomas Foreign Military Studies Office, Fort Leavenworth, KS. This article was previously published in The Journal of Slavic Military Studies, Vol. 11, No 1 (March 1998), pp. 40-62. and Conflict Studies Research Centre, RMA Sandhurst, England, July 1997, Report AA29 Introduction Finding similarities in the Russian and U.S. approaches to information operations (IO) is not a difficult task. Both countries' specialists closely study electronic warfare and command and control systems of other countries, and both stress the importance of the use of computers and information management in the preparation and conduct of modern combat operations. This includes the use of information to conduct psychological operations (PSYOP). Upon closer examination, however, the Russian approach to the information warfare (IW) aspect of IO has several elements that makes it unique and different. There are three principal reasons for the distinct Russian method. First, there is the issue of overall context. The Russian state, economy, and society are in a transition period resulting in institutional and philosophical instability. Russian mass consciousness, according to many prominent scientists and government officials, is vulnerable to manipulation by slick marketing campaigns and to exploitation by promises of economic and social prosperity during this transition period.
  • Foreign Interference with Democratic Institutions

    Foreign Interference with Democratic Institutions

    The Center for Ethics and the Rule of Law (CERL) at the University of Pennsylvania presents: FOREIGN INTERFERENCE WITH DEMOCRATIC INSTITUTIONS Featuring the 2017 Distinguished Haaga Lecture APRIL 18, 2017 Golkin 100, Fitts Auditorium | Penn Law CO-SPONSORED BY: CONFERENCE SCHEDULE TUESDAY, APRIL 18 | FITTS AUDITORIUM Ms. Carrie Cordero, Private practitioner and cybersecurity 1:00 – 2:30 PM expert; former Director of National Security Studies, PANEL 1: RUSSIAN CYBERHACKING Georgetown University Law Center AS AN ACT OF WAR? Mr. Luke Harding, Foreign Correspondent and former Moscow Bureau Chief, The Guardian Moderator: Prof. William Burke-White, Richard Perry Professor of Law and Director, Perry World House, University Dr. Timothy P. Murphy, President, Thomson Reuters Special of Pennsylvania Services; former FBI Deputy Director Col. Gary Corn, Staff Judge Advocate, US Cyber Command This program has been approved for 3.0 ethics CLE credits for Daniel (DJ) Rosenthal, Associate Managing Director, Kroll; Pennsylvania lawyers. CLE credit may be available in other former NSC Director for Counterterrorism and Senior Counsel jurisdictions as well. Attendees seeking CLE credit should at the ODNI and DOJ bring separate payment in the amount of $100.00 ($50.00 public interest/non-profit attorneys) cash or check made payable to Dr. Fred Kagan, Resident Scholar and Director, Critical Threats The Trustees of the University of Pennsylvania. Project, American Enterprise Institute Sean Kanuck, Center for International Security and Cooperation, Stanford University; former U.S. National 4:30 – 6:00 PM Intelligence Officer for Cyber Issues from 2011-2016 The 2017 Distinguished Haaga Lecture: Mr. David Sanger, Chief Washington Correspondent, The New York Times RUSSIAN MEDDLING IN THE 2016 PRESIDENTIAL ELECTION: IMPLICATIONS FOR THE RULE OF LAW 2:30 – 2:45 PM Speaker: General Michael Hayden BREAK Moderator: Prof.
  • Mutual Watching and Resistance to Mass Surveillance After Snowden

    Mutual Watching and Resistance to Mass Surveillance After Snowden

    Media and Communication (ISSN: 2183-2439) 2015, Volume 3, Issue 3, Pages 12-25 Doi: 10.17645/mac.v3i3.277 Article “Veillant Panoptic Assemblage”: Mutual Watching and Resistance to Mass Surveillance after Snowden Vian Bakir School of Creative Studies and Media, Bangor University, Bangor, LL57 2DG, UK; E-Mail: [email protected] Submitted: 9 April 2015 | In Revised Form: 16 July 2015 | Accepted: 4 August 2015 | Published: 20 October 2015 Abstract The Snowden leaks indicate the extent, nature, and means of contemporary mass digital surveillance of citizens by their intelligence agencies and the role of public oversight mechanisms in holding intelligence agencies to account. As such, they form a rich case study on the interactions of “veillance” (mutual watching) involving citizens, journalists, intelli- gence agencies and corporations. While Surveillance Studies, Intelligence Studies and Journalism Studies have little to say on surveillance of citizens’ data by intelligence agencies (and complicit surveillant corporations), they offer insights into the role of citizens and the press in holding power, and specifically the political-intelligence elite, to account. Atten- tion to such public oversight mechanisms facilitates critical interrogation of issues of surveillant power, resistance and intelligence accountability. It directs attention to the veillant panoptic assemblage (an arrangement of profoundly une- qual mutual watching, where citizens’ watching of self and others is, through corporate channels of data flow, fed back into state surveillance of citizens). Finally, it enables evaluation of post-Snowden steps taken towards achieving an equiveillant panoptic assemblage (where, alongside state and corporate surveillance of citizens, the intelligence-power elite, to ensure its accountability, faces robust scrutiny and action from wider civil society).
  • Inside Russia's Intelligence Agencies

    Inside Russia's Intelligence Agencies

    EUROPEAN COUNCIL ON FOREIGN BRIEF POLICY RELATIONS ecfr.eu PUTIN’S HYDRA: INSIDE RUSSIA’S INTELLIGENCE SERVICES Mark Galeotti For his birthday in 2014, Russian President Vladimir Putin was treated to an exhibition of faux Greek friezes showing SUMMARY him in the guise of Hercules. In one, he was slaying the • Russia’s intelligence agencies are engaged in an “hydra of sanctions”.1 active and aggressive campaign in support of the Kremlin’s wider geopolitical agenda. The image of the hydra – a voracious and vicious multi- headed beast, guided by a single mind, and which grows • As well as espionage, Moscow’s “special services” new heads as soon as one is lopped off – crops up frequently conduct active measures aimed at subverting in discussions of Russia’s intelligence and security services. and destabilising European governments, Murdered dissident Alexander Litvinenko and his co-author operations in support of Russian economic Yuri Felshtinsky wrote of the way “the old KGB, like some interests, and attacks on political enemies. multi-headed hydra, split into four new structures” after 1991.2 More recently, a British counterintelligence officer • Moscow has developed an array of overlapping described Russia’s Foreign Intelligence Service (SVR) as and competitive security and spy services. The a hydra because of the way that, for every plot foiled or aim is to encourage risk-taking and multiple operative expelled, more quickly appear. sources, but it also leads to turf wars and a tendency to play to Kremlin prejudices. The West finds itself in a new “hot peace” in which many consider Russia not just as an irritant or challenge, but • While much useful intelligence is collected, as an outright threat.
  • UNITED STATES DISTRICT COURT NORTHERN DISTRICT of INDIANA SOUTH BEND DIVISION in Re FEDEX GROUND PACKAGE SYSTEM, INC., EMPLOYMEN

    UNITED STATES DISTRICT COURT NORTHERN DISTRICT of INDIANA SOUTH BEND DIVISION in Re FEDEX GROUND PACKAGE SYSTEM, INC., EMPLOYMEN

    USDC IN/ND case 3:05-md-00527-RLM-MGG document 3279 filed 03/22/19 page 1 of 354 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF INDIANA SOUTH BEND DIVISION ) Case No. 3:05-MD-527 RLM In re FEDEX GROUND PACKAGE ) (MDL 1700) SYSTEM, INC., EMPLOYMENT ) PRACTICES LITIGATION ) ) ) THIS DOCUMENT RELATES TO: ) ) Carlene Craig, et. al. v. FedEx Case No. 3:05-cv-530 RLM ) Ground Package Systems, Inc., ) ) PROPOSED FINAL APPROVAL ORDER This matter came before the Court for hearing on March 11, 2019, to consider final approval of the proposed ERISA Class Action Settlement reached by and between Plaintiffs Leo Rittenhouse, Jeff Bramlage, Lawrence Liable, Kent Whistler, Mike Moore, Keith Berry, Matthew Cook, Heidi Law, Sylvia O’Brien, Neal Bergkamp, and Dominic Lupo1 (collectively, “the Named Plaintiffs”), on behalf of themselves and the Certified Class, and Defendant FedEx Ground Package System, Inc. (“FXG”) (collectively, “the Parties”), the terms of which Settlement are set forth in the Class Action Settlement Agreement (the “Settlement Agreement”) attached as Exhibit A to the Joint Declaration of Co-Lead Counsel in support of Preliminary Approval of the Kansas Class Action 1 Carlene Craig withdrew as a Named Plaintiff on November 29, 2006. See MDL Doc. No. 409. Named Plaintiffs Ronald Perry and Alan Pacheco are not movants for final approval and filed an objection [MDL Doc. Nos. 3251/3261]. USDC IN/ND case 3:05-md-00527-RLM-MGG document 3279 filed 03/22/19 page 2 of 354 Settlement [MDL Doc. No. 3154-1]. Also before the Court is ERISA Plaintiffs’ Unopposed Motion for Attorney’s Fees and for Payment of Service Awards to the Named Plaintiffs, filed with the Court on October 19, 2018 [MDL Doc.
  • Lattice-Based Cryptography - a Comparative Description and Analysis of Proposed Schemes

    Lattice-Based Cryptography - a Comparative Description and Analysis of Proposed Schemes

    Lattice-based cryptography - A comparative description and analysis of proposed schemes Einar Løvhøiden Antonsen Thesis submitted for the degree of Master in Informatics: programming and networks 60 credits Department of Informatics Faculty of mathematics and natural sciences UNIVERSITY OF OSLO Autumn 2017 Lattice-based cryptography - A comparative description and analysis of proposed schemes Einar Løvhøiden Antonsen c 2017 Einar Løvhøiden Antonsen Lattice-based cryptography - A comparative description and analysis of proposed schemes http://www.duo.uio.no/ Printed: Reprosentralen, University of Oslo Acknowledgement I would like to thank my supervisor, Leif Nilsen, for all the help and guidance during my work with this thesis. I would also like to thank all my friends and family for the support. And a shoutout to Bliss and the guys there (you know who you are) for providing a place to relax during stressful times. 1 Abstract The standard public-key cryptosystems used today relies mathematical problems that require a lot of computing force to solve, so much that, with the right parameters, they are computationally unsolvable. But there are quantum algorithms that are able to solve these problems in much shorter time. These quantum algorithms have been known for many years, but have only been a problem in theory because of the lack of quantum computers. But with recent development in the building of quantum computers, the cryptographic world is looking for quantum-resistant replacements for today’s standard public-key cryptosystems. Public-key cryptosystems based on lattices are possible replacements. This thesis presents several possible candidates for new standard public-key cryptosystems, mainly NTRU and ring-LWE-based systems.
  • The Whistleno. 96, October 2018

    The Whistleno. 96, October 2018

    “All that is needed for evil to prosper is for people of good will to do nothing”—Edmund Burke The Whistle No. 96, October 2018 Newsletter of Whistleblowers Australia (ISSN 2205-0299) Reality Winner, imprisoned whistleblower Articles National Appreciation Day. The Senate resolu- tion encourages US federal agencies to Whistleblower Day inform IN 1777, ten sailors and marines from employees, contractors working on the ship Warren petitioned the US behalf of United States taxpayers, Continental Congress — the precursor and members of the public about the of the US Congress — to take action legal rights of citizens of the United against their commander, the first States to “blow the whistle” by commodore of the US Navy, who they honest and good faith reporting of alleged was war profiteering and misconduct, fraud, misdemeanors, mistreating prisoners of war. Congress or other crimes to the appropriate supported them, including when the authorities. commander took them to court. On July 30 the following year, the The resolution also acknowledges the US Continental Congress unani- After Whistleblowers Australia formed contributions whistleblowers have mously: in 1991, we were in contact with the made, at their own personal risk, NWC to support Australian whistle- “combating waste, fraud, abuse.” Resolved, That it is the duty of all blowers from the late 1980s, those who The US Congress has not yet desig- persons in the service of the United had forced the 1989 Queensland nated July 30 as National Whistle- States, as well as all other the in- Fitzgerald Inquiry and ones who later blower Day on a permanent basis.
  • In the United States Court of Appeals for The

    In the United States Court of Appeals for The

    Case: 17-15458 Date Filed: 01/31/2018 Page: 1 of 5 IN THE UNITED STATES COURT OF APPEALS FOR THE ELEVENTH CIRCUIT _______________________ No. 17-15458 _______________________ UNITED STATES OF AMERICA, Plaintiff-Appellee, vs. REALITY LEIGH WINNER, Defendant-Appellant _______________________ On Appeal from the United States District Court for the Southern District of Georgia _______________________ BEFORE: MARTIN, JORDAN, and ROSENBAUM, Circuit Judges. PER CURIAM: Reality Winner, who is charged with violating 18 U.S.C. § 793(e) by allegedly providing a classified top-secret government document to a news organization without authorization, appeals from the district court’s pretrial detention order. The district court found by a preponderance of the evidence that no condition, or combination of conditions, would reasonably assure Ms. Winner’s presence at trial, which is currently scheduled for March of 2018. See 18 U.S.C. § Case: 17-15458 Date Filed: 01/31/2018 Page: 2 of 5 3142(e)(1). See also United States v. Medina, 775 F.3d 1398, 1402 (11th Cir. 1985) (holding that risk of flight under the Bail Reform Act is determined under a preponderance of the evidence standard). Generally speaking, cases arising under the Bail Reform Act present mixed questions of law and fact which receive plenary review on appeal, but purely factual findings are reviewed only for clear error. See United States v. King, 849 F.2d 485, 487 (11th Cir. 1988); United States v. Hurtado, 779 F.2d 1465, 1471-72 (11th Cir. 1985). As explained in Hurtado, conclusions concerning the nature and circumstances of the offense and the weight of the evidence under § 3142(g)(1)- (2), as well as the factors set forth in § 3142(c)(1)(B), require the exercise of judgment and are reviewed de novo.
  • Case3:08-Cv-04373-JSW Document174-2 Filed01/10/14 Page1 of 7 Exhibit 2

    Case3:08-Cv-04373-JSW Document174-2 Filed01/10/14 Page1 of 7 Exhibit 2

    Case3:08-cv-04373-JSW Document174-2 Filed01/10/14 Page1 of 7 Exhibit 2 Exhibit 2 1/9/14 Case3:08-cv-04373-JSWNew Details S Document174-2how Broader NSA Surveil la n Filed01/10/14ce Reach - WSJ.com Page2 of 7 Dow Jones Reprints: This copy is for your personal, non-commercial use only. To order presentation-ready copies for distribution to your colleagues, clients or customers, use the Order Reprints tool at the bottom of any article or visit www.djreprints.com See a sample reprint in PDF Order a reprint of this article now format. U.S. NEWS New Details Show Broader NSA Surveillance Reach Programs Cover 75% of Nation's Traffic, Can Snare Emails By SIOBHAN GORMAN and JENNIFER VALENTINO-DEVRIES Updated Aug. 20, 2013 11:31 p.m. ET WASHINGTON—The National Security Agency—which possesses only limited legal authority to spy on U.S. citizens—has built a surveillance network that covers more Americans' Internet communications than officials have publicly disclosed, current and former officials say. The system has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans. In some cases, it retains the written content of emails sent between citizens within the U.S. and also filters domestic phone calls made with Internet technology, these people say. The NSA's filtering, carried out with telecom companies, is designed to look for communications that either originate or end abroad, or are entirely foreign but happen to be passing through the U.S.
  • The Iranian Cyber Threat

    The Iranian Cyber Threat

    The Iranian Cyber Threat May 2021 0 Contents Introduction .............................................................................................................................................. 2 Cyber Retaliation ..................................................................................................................................... 2 Iran’s National Security Strategy .............................................................................................................. 4 Laying the Groundwork ........................................................................................................................... 5 Structure ................................................................................................................................................... 5 Defense ................................................................................................................................................... 6 Offense .................................................................................................................................................... 6 History of Iranian Cyber Attacks and Incidents ........................................................................................... 7 The Attacks .............................................................................................................................................. 8 Iranian Cyber Army .................................................................................................................................
  • I,St=-Rn Endorsedb~ Chief, Policy, Information, Performance, and Exports

    I,St=-Rn Endorsedb~ Chief, Policy, Information, Performance, and Exports

    NATIONAL SECURITY AGENCY CENTRAL SECURITY SERVICE NSA/CSS POLICY 2-4 Issue Date: IO May 20 I 9 Revised: HANDLING OF REQUESTS FOR RELEASE OF U.S. IDENTITIES PURPOSE AND SCOPE This policy, developed in consultation with the Director of National Intelligence (DNI), the Attorney General, and the Secretary of Defense, implements Intelligence Community Policy Guidance I 07 .1 , "Requests for Identities of U.S. Persons in Disseminated Intelligence Reports" (Reference a), and prescribes the policy, procedures, and responsibilities for responding to a requesting entity, other than NSA/CSS, for post-publication release and dissemination of masked US person idenlity information in disseminated serialized NSA/CSS reporting. This policy applies exclusively to requests from a requesting entity, other than NSA/CSS, for post-publication release and dissemination of nonpublic US person identity information that was masked in a disseminated serialized NSA/CSS report. This policy does not apply in circumstances where a U.S. person has consented to the dissemination of communications to, from, or about the U.S. person. This policy applies to all NSA/CSS personnel and to all U.S. Cryptologic System Government personnel performing an NSA/CSS mission. \ This policy does not affect any minimization procedures established pursuant to the Foreign Intelligence Surveillance Act of 1978 (Reference b), Executive Order 12333 (Reference £), or other provisions of law. This policy does not affect the requirements established in Annex A, "Dissemination of Congressional Identity Information," of Intelligence Community Directive 112, "Congressional Notification" (Reference d). ~A General, U.S. Army Director, NSA/Chief, CSS i,st=-rn Endorsedb~ Chief, Policy, Information, Performance, and Exports NSA/CSS Policy 2-4 is approved for public release.
  • Mass Surveillance

    Mass Surveillance

    Mass Surveillance Mass Surveillance What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies? Part 1 - Risks and opportunities raised by the current generation of network services and applications Study IP/G/STOA/FWC-2013-1/LOT 9/C5/SC1 January 2015 PE 527.409 STOA - Science and Technology Options Assessment The STOA project “Mass Surveillance Part 1 – Risks, Opportunities and Mitigation Strategies” was carried out by TECNALIA Research and Investigation in Spain. AUTHORS Arkaitz Gamino Garcia Concepción Cortes Velasco Eider Iturbe Zamalloa Erkuden Rios Velasco Iñaki Eguía Elejabarrieta Javier Herrera Lotero Jason Mansell (Linguistic Review) José Javier Larrañeta Ibañez Stefan Schuster (Editor) The authors acknowledge and would like to thank the following experts for their contributions to this report: Prof. Nigel Smart, University of Bristol; Matteo E. Bonfanti PhD, Research Fellow in International Law and Security, Scuola Superiore Sant’Anna Pisa; Prof. Fred Piper, University of London; Caspar Bowden, independent privacy researcher; Maria Pilar Torres Bruna, Head of Cybersecurity, Everis Aerospace, Defense and Security; Prof. Kenny Paterson, University of London; Agustín Martin and Luis Hernández Encinas, Tenured Scientists, Department of Information Processing and Cryptography (Cryptology and Information Security Group), CSIC; Alessandro Zanasi, Zanasi & Partners; Fernando Acero, Expert on Open Source Software; Luigi Coppolino,Università degli Studi di Napoli; Marcello Antonucci, EZNESS srl; Rachel Oldroyd, Managing Editor of The Bureau of Investigative Journalism; Peter Kruse, Founder of CSIS Security Group A/S; Ryan Gallagher, investigative Reporter of The Intercept; Capitán Alberto Redondo, Guardia Civil; Prof. Bart Preneel, KU Leuven; Raoul Chiesa, Security Brokers SCpA, CyberDefcon Ltd.; Prof.