DOCSLIB.ORG

Cyber Espionage

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber Espionage Die approbierte Originalversion dieser Diplom-/ Masterarbeit ist in der Hauptbibliothek der Tech- nischen Universität Wien aufgestellt und zugänglich. http://www.ub.tuwien.ac.at The approved original version of this diploma or master thesis is available at the main library of the Vienna University of Technology. http://www.ub.tuwien.ac.at/eng Cyber Espionage An analysis of threats from Intelligence Gathering with an emphasis on Industrial Espionage in today’s information society DIPLOMARBEIT zur Erlangung des akademischen Grades Diplom-Ingenieur im Rahmen des Studiums Wirtschaftsinformatik eingereicht von Oleg Denisov Matrikelnummer 0725490 am Fachbereich Rechtswissenschaften der Technischen Universität Wien Betreuung: Ao. Univ.-Prof. Dr. iur. Markus Haslinger Wien, 20.04.2014 (Unterschrift Verfasser) (Unterschrift Betreuung) Technische Universität Wien A-1040 Wien Karlsplatz 13 Tel. +43-1-58801-0 www.tuwien.ac.at Cyber Espionage An analysis of threats from Intelligence Gathering with an emphasis on Industrial Espionage in today’s information society MASTER’S THESIS submitted in partial fulfillment of the requirements for the degree of Diplom-Ingenieur in Business Informatics by Oleg Denisov Registration Number 0725490 to the department of law at the Vienna University of Technology Advisor: Ao. Univ.-Prof. Dr. iur. Markus Haslinger Vienna, 20.04.2014 (Signature of Author) (Signature of Advisor) Technische Universität Wien A-1040 Wien Karlsplatz 13 Tel. +43-1-58801-0 www.tuwien.ac.at Erklärung zur Verfassung der Arbeit Oleg Denisov Geerzkamp 7, 22119 Hamburg Hiermit erkläre ich, dass ich diese Arbeit selbständig verfasst habe, dass ich die verwende- ten Quellen und Hilfsmittel vollständig angegeben habe und dass ich die Stellen der Arbeit - einschließlich Tabellen, Karten und Abbildungen -, die anderen Werken oder dem Internet im Wortlaut oder dem Sinn nach entnommen sind, auf jeden Fall unter Angabe der Quelle als Ent- lehnung kenntlich gemacht habe. (Ort, Datum) (Unterschrift Verfasser) i Acknowledgements First and foremost, I would like to thank my supervisor, Professor Markus Haslinger. Your expertise, enthusiasm and support have made it a pleasure to work with you. A special ’thank you’ goes to the seven interview partners, who helped me with their support and know-how on this very sensitive topic, and who can not be named in respect to the obligation of confidentiality regarding the company’s identity. Finally, I want to thank my beloved family, who supported me through the whole writing process. This work is dedicated to you. iii Abstract In recent years the technological advancements in the IT sector have created capabilities for state-affiliated authorities of an extent beyond belief. Taking into account the vast global net- work that is the internet, new opportunities arose to carry out cyber espionage for agencies like the US-American NSA or the British GCHQ, targeting individuals, companies, institutions and providers of critical infrastructure. This thesis analyses the present techniques of cyber espi- onage, and the corresponding emerging risks and threats to the know-how of companies, and to the privacy of individuals, outgoing from intelligence gathering techniques and industrial espionage: topics, that, due to their confidential character, have been subject only to limited research. Further, it investigates the possible preventive measures in the sphere of information secu- rity, to protect corporate and personal information, data in particular. In addition, further risks associated with global surveillance and cyber espionage in today’s information society are con- sidered, including the topics of Big Data, mobile devices and Cloud Computing, as well as the presence of cyber war. Furthermore, the European Union’s strategy to fight cyber attacks and intelligence gathering, as well as their plans concerning reporting requirements are highlighted. Finally, a look is taken into the scope of security measures, covering inter alia corporate security and alternatives for the individual person. After a theoretical introduction and a situational analysis with the objective to develop anti- cipation and prevention, the findings of seven interviews with IT experts are presented, evaluated and integrated into the existing state of knowledge. The results reveal that awareness needs to be raised regarding the various risks to information security, not only in the IT related sphere, but also with respect to the highest risk imposing body, the human being. v Kurzfassung In den letzten Jahren haben die technologischen Fortschritte in der IT-Branche staatlichen Be- hörden Möglichkeiten geschaffen, die weit jenseits der Vorstellungskraft liegen. Unter Berück- sichtigung des riesigen globalen Netzwerks, des Internet, enstanden neue Möglichkeiten für Geheimdienste, wie die US-amerikanische NSA oder die britische GCHQ, Cyber-Spionage an Einzelpersonen sowie Unternehmen, Institutionen und Anbietern von kritischen Infrastrukturen durchzuführen. Diese Masterthesis analysiert die aktuellen Techniken der Cyber-Spionage und die entsprechend auftretenden Risiken und Bedrohungen für das Know-how von Unternehmen und für die Privatsphäre des Einzelnen, ausgehend von modernen Techniken der Informations- beschaffung (Intelligence Gathering) und der Industriespionage: Themen, welche aufgrund ihrer geheimen Charakteristik bisher Gegenstand nur begrenzter Forschung waren. Ferner wird untersucht, welche möglichen präventiven Maßnahmen im Bereich der Infor- mationssicherheit existieren, um die unternehmensinternen Informationen und die Privatsphäre des Individuums, insbesondere Daten, zu schützen. Zusätzlich werden weitere entstandene Ri- siken in der heutigen Informationsgesellschaft betrachtet, die mit der zunehmenden globalen Überwachung und Cyber-Spionage entstanden sind, unter Berücksichtigung der Themen Big Data, mobile Geräte und Cloud Computing, sowie der Präsenz eines Cyber-Krieges. Ebenfalls diskutiert wird die Strategie der Europäischen Union im Kampf gegen Cyber-Angriffe und die globale Informationsbeschaffung sowie deren Pläne bezüglich einer Meldepflicht. Schließlich wird ein Blick auf eine Auswahl von Sicherheitsmaßnahmen geworfen, die unter anderem für die Unternehmenssicherheit und die Sicherheit der Privatsphäre der einzelnen Person existieren. Nach einer theoretischen Einführung und einer situativen Analyse mit dem Ziel, Antizipation und Prävention zu entwickeln, werden die Ergebnisse von sieben Interviews mit IT-Experten vorgestellt, bewertet und in den bestehenden Wissensstand integriert. Die Ergebnisse zeigen, dass das Bewusstsein im Hinblick auf die verschiedenen Risiken für die Informationssicherheit gesteigert werden muss: Und zwar nicht nur in der IT-bezogenen Umgebung, sondern auch in Bezug auf den Menschen, der heute immer noch das größte Risiko für ein Unternehmen darstellt. vii Contents List of Figures xiv List of Tables xv Abbreviations xix 1 History 1 1.1 Short introduction into the history of espionage . 1 2 Theoretical Political and Practical Background 5 2.1 Definitions of espionage . 5 What is espionage? . 5 What is cyber espionage? . 6 Targets of (cyber) espionage . 6 Methods of espionage . 6 Human Intelligence . 7 Signals Intelligence . 8 2.2 Industrial Espionage in numbers . 8 No reliance on accurate data . 10 2.3 How is espionage carried out? . 11 Difference between random and targeted attacks . 12 2.4 Technical conditions for intercepting communication and access . 13 The importance of fibre-optic cables . 15 Hollow fibre-optic cables . 15 Automated evaluation of intercepted communication . 15 2.5 Brusa, UKUSA, Five Eyes . 16 2.6 The communication interception system ECHELON . 17 Neglected propositions . 19 Damage caused by ECHELON . 20 Technology behind ECHELON . 20 ECHELON-type communications interception system and European Union law 21 Communications surveillance as a violation of the fundamental right to privacy 21 The protection of privacy under international agreements . 21 ix Monitoring of intelligence services . 23 ECHELON’s capabilities of conducting industrial espionage . 24 Conclusions taken from ECHELON . 24 2.7 Insurance companies advance to new markets . 25 2.8 NSA and its assignments . 26 How the events of 9/11 affected US authorities . 27 3 Cyber Spying 29 3.1 USA’s view on world cyber security issues . 29 3.2 Increasing industrial espionage over the internet . 29 3.3 UN’s input on Internet surveillance . 30 3.4 International Cyber Espionage activities . 31 Chinese industrial espionage . 31 ThyssenKrupp and EADS as targets . 31 Other Chinese espionage activities . 31 Targeting US-weapon systems . 32 Drone technology . 32 US investigations on threats by Chinese telecommunication companies 33 Australian company reports cyber attack from China . 34 Chinese counter-espionage . 34 Dummy infrastructure yields excessive cyber attacks . 35 Verizon report indicating industrial espionage . 35 Phishing . 38 Evolving cyber espionage techniques . 39 Watering hole attack . 39 3.5 Internet surveillance in Russia . 39 3.6 BND and surveillance . 40 Germany’s role in intelligence gathering . 41 3.7 British plans of building a new military cyber unit . 42 3.8 Austria develops cyber ’militia’ . 42 3.9 Mobile malware on the rise . 42 3.10 Visualization tools . 43 Google’s malware statistics . 44 3.11 Outlook . 44 4 Programs 47 4.1 Programs and operations indicating state-affiliated cyber espionage . 47 FinFisher . 47 FinFisher in detail . 48 BKA acquires FinFisher . 50 Information provided through presentation slides . 51 FinUSB Suite . 51 FinIntrusion Kit . 51 FinFly USB . 51 x FinFly Web . 52 FinFly ISP . 52 FinSpy Mobile . 52 China’s cyber operations . 53 Structure of an attack on the example of APT1 . 55 Infrastructure . 58 Stuxnet . 59 Flame, miniFlame, Gauss and Duqu . 63 Flame . 63 Gauss . 64 miniFlame . 65 Duqu . 66 GhostNet . 66 Planet Blue Coat . 68 Red October . 69 Winnti . 71 NetTraveler . 72 4.2 Analysis . 72 5 Governmental surveillance 75 5.1 A new pinnacle of global surveillance outgoing from the USA . 75 Edward Snowden’s confidential documents . 76 5.2 Prism . 77 Microsoft’s cooperation . 78 Backdoors in Skype, SkyDrive and Outlook . 79 How Prism works . 79 Fairview & Blarney . ..
Load more

Recommended publications
  • Understanding Schrems II and Its Impact on the EU-US Privacy Shield
    EU Data Transfer Requirements and U.S. Intelligence Laws: Understanding Schrems II and Its Impact on the EU-U.S. Privacy Shield March 17, 2021 Congressional Research Service https://crsreports.congress.gov R46724 SUMMARY R46724 EU Data Transfer Requirements and U.S. March 17, 2021 Intelligence Laws: Understanding Schrems II Chris D. Linebaugh and Its Impact on the EU-U.S. Privacy Shield Legislative Attorney On July 16, 2020, in a decision referred to as Schrems II, the Court of Justice of the European Edward C. Liu Union (CJEU) invalidated the EU-U.S. Privacy Shield (Privacy Shield). Privacy Shield is a Legislative Attorney framework developed by the European Union (EU) and the United States to facilitate cross- border transfers of personal data for commercial purposes. Privacy Shield requires companies and organizations that participate in the program to abide by various data protection requirements and, in return, assures the participants that the transfer is compliant with EU law. The CJEU, however, found Privacy Shield inadequate in part because it does not restrain U.S. intelligence authorities’ data collection activities. According to the CJEU, U.S. law allows intelligence agencies to collect and use the personal data transferred under the Privacy Shield framework in a manner that is inconsistent with rights guaranteed under EU law. The CJEU focused on Section 702 of the Foreign Intelligence Surveillance Act, Executive Order 12333, and Presidential Policy Directive 28, which govern how the U.S. government may conduct surveillance of non-U.S. persons located outside of the United States. The CJEU’s Schrems II ruling has significant implications for personal data transfers between the EU and the United States.
    [Show full text]
  • Through a PRISM, Darkly(PDF)
    NANOG 59 – October 7, 2013 Through a PRISM, Darkly Mark Rumold Staff Attorney, EFF NANOG 59 – October 7, 2013 Electronic Frontier Foundation NANOG 59 – October 7, 2013 NANOG 59 – October 7, 2013 NANOG 59 – October 7, 2013 What we’ll cover today: • Background; what we know; what the problems are; and what we’re doing • Codenames. From Stellar Wind to the President’s Surveillance Program, PRISM to Boundless Informant • Spying Law. A healthy dose of acronyms and numbers. ECPA, FISA and FAA; 215 and 702. NANOG 59 – October 7, 2013 the background NANOG 59 – October 7, 2013 changes technologytimelaws …yet much has stayed the same NANOG 59 – October 7, 2013 The (Way) Background • Established in 1952 • Twin mission: – “Information Assurance” – “Signals Intelligence” • Secrecy: – “No Such Agency” & “Never Say Anything” NANOG 59 – October 7, 2013 The (Mid) Background • 1960s and 70s • Cold War and Vietnam • COINTELPRO and Watergate NANOG 59 – October 7, 2013 The Church Committee “[The NSA’s] capability at any time could be turned around on the American people and no American would have any privacy left, such is the capability to monitor everything. Telephone conversations, telegrams, it doesn't matter. There would be no place to hide.” Senator Frank Church, 1975 NANOG 59 – October 7, 2013 Reform • Permanent Congressional oversight committees (SSCI and HPSCI) • Foreign Intelligence Surveillance Act (FISA) – Established requirements for conducting domestic electronic surveillance of US persons – Still given free reign for international communications conducted outside U.S. NANOG 59 – October 7, 2013 Changing Technology • 1980s - 2000s: build-out of domestic surveillance infrastructure • NSA shifted surveillance focus from satellites to fiber optic cables • BUT: FISA gives greater protection for communications on the wire + surveillance conducted inside the U.S.
    [Show full text]
  • New Ukusa Agree 10May55.Pdf
    ••• 1 / ! i -"----·-·-· TOP SECRET LSIB/J.U/55. lOih l~~ 1955~ caw No. • •• •lt . .... TO Tffii: UKUS.A. AGREEMKNT (TIIIIID EDITION) Please aO.d the follo·.ving liote ai'ter ;iaragre.ph 16 of tbe I · L~troduction to the UKUSA A?pendices (dated 1st June 1951): 1'0n 1st ldBy 1955 USCIE and ~IB agreed th.at a. general revision o£ the .A:~pendices 'Vo.A required. They furtner ag!"eed th.at. as a l"irzt steiJ tO\':B....rC such revision USCIB II ..,ould furnish LSIB, for cowment, detailed proposals v.:1ich are being -prepared by USCJ3. P~ndir,g agreement by both partie'5 on a general revision of the .A:ppendiccs, the Directon;, NSll. a.'ld GCHQ will: (a) determine ,jointly uny changes ·,\'11ich ~ be requi:rec_ in Appendices C, D, E, F, K, L,. and JI. and (b) implement. any suc:i c!'la!lgOS w'nicb they agn~ to be necessary. Although this interim auL.orization enables the Directors, rIBA a.r,d GCHQ, to change or interpret S"f>eCified A1Cpendices by !JlU~.l agreement, it does r.ot require USCIB O'r ISIB to appr"JYe such chP...nge:; o:r: interpret~ tions ?roviiled thcP.c- an: <:titoin tlt" spirit and intt:nt of curren'.;; liKUSA policy. IC ~/.I ~\··· Secretary, Sigint Board. eclassitied and approved for release by NSA on 04-08-2010 pursuant to E .0. 12958, as mended. ST5683LI TOP SECR.E'f , • '=' OGA" ... TOP SECRET EO L .. 4. (·d.)°. TO BE HANDLED IN ACCORDANCE WITH IRSIG .... ... ... ··-.. - .. ,__ ... --.... .,_ ''• ·-----Re'f•· TOP SECRET EmR.
    [Show full text]
  • The Right to Privacy and the Future of Mass Surveillance’
    ‘The Right to Privacy and the Future of Mass Surveillance’ ABSTRACT This article considers the feasibility of the adoption by the Council of Europe Member States of a multilateral binding treaty, called the Intelligence Codex (the Codex), aimed at regulating the working methods of state intelligence agencies. The Codex is the result of deep concerns about mass surveillance practices conducted by the United States’ National Security Agency (NSA) and the United Kingdom Government Communications Headquarters (GCHQ). The article explores the reasons for such a treaty. To that end, it identifies the discriminatory nature of the United States’ and the United Kingdom’s domestic legislation, pursuant to which foreign cyber surveillance programmes are operated, which reinforces the need to broaden the scope of extraterritorial application of the human rights treaties. Furthermore, it demonstrates that the US and UK foreign mass surveillance se practices interferes with the right to privacy of communications and cannot be justified under Article 17 ICCPR and Article 8 ECHR. As mass surveillance seems set to continue unabated, the article supports the calls from the Council of Europe to ban cyber espionage and mass untargeted cyber surveillance. The response to the proposal of a legally binding Intelligence Codexhard law solution to mass surveillance problem from the 47 Council of Europe governments has been so far muted, however a soft law option may be a viable way forward. Key Words: privacy, cyber surveillance, non-discrimination, Intelligence Codex, soft law. Introduction Peacetime espionage is by no means a new phenomenon in international relations.1 It has always been a prevalent method of gathering intelligence from afar, including through electronic means.2 However, foreign cyber surveillance on the scale revealed by Edward Snowden performed by the United States National Security Agency (NSA), the United Kingdom Government Communications Headquarters (GCHQ) and their Five Eyes partners3 1 Geoffrey B.
    [Show full text]
  • Electronic Security Squadron
    6915th ELECTRONIC SECURITY SQUADRON USAFSS turned over Hof Air Station, Germany, to the United States Air Forces in Europe (USAFE) and inactivated the 6915 SS. 1971 6915th Hof , West Germany (Closed 1971) 6915th ESS Bad Aibling, Ger. 1 Aug '79-30 Sept '93 LINEAGE STATIONS Bad Aibling Station, West Germany ASSIGNMENTS COMMANDERS LTC Arthur R. Marshall HONORS Service Streamers Campaign Streamers Armed Forces Expeditionary Streamers Decorations EMBLEM EMBLEM SIGNIFICANCE MOTTO NICKNAME OPERATIONS The 6915th Electronic Security Squadron is located at Bad Aibling Station, West Germany, in the heart of Bavaria, 35 miles southeast of Munich. The 6915th is a tenant unit, as Bad Aibling Station is "owned" by the Department of Defense. All facets of life on station are joint service. The 6915th enjoys a good relationship with the other services, both on the job and in the community. The mission is a challenging one with electronic equipment that is on the leading edge of technology. All work spaces are new or recently renovated and there are several new facility upgrades projected over the next years. In any workplace except the orderly room, a member's supervisor and coworkers could be Army, Navy, Air Force or civilian, making for a unique and interesting work environment. Although Bad Aibling Station is a small community, 6915th members enjoy a wide range of off duty activities. BAS has the full compliment of sports and leisure facilities with skiing, sight seeing, local German fests and many other outdoor activities offered off-station most of the year. In September 1987, the 6915th hosted their first Air Force Dining-Out.
    [Show full text]
  • Advocating for Basic Constitutional Search Protections to Apply to Cell Phones from Eavesdropping and Tracking by Government and Corporate Entities
    University of Central Florida STARS HIM 1990-2015 2013 Brave New World Reloaded: Advocating for Basic Constitutional Search Protections to Apply to Cell Phones from Eavesdropping and Tracking by Government and Corporate Entities Mark Berrios-Ayala University of Central Florida Part of the Legal Studies Commons Find similar works at: https://stars.library.ucf.edu/honorstheses1990-2015 University of Central Florida Libraries http://library.ucf.edu This Open Access is brought to you for free and open access by STARS. It has been accepted for inclusion in HIM 1990-2015 by an authorized administrator of STARS. For more information, please contact [email protected]. Recommended Citation Berrios-Ayala, Mark, "Brave New World Reloaded: Advocating for Basic Constitutional Search Protections to Apply to Cell Phones from Eavesdropping and Tracking by Government and Corporate Entities" (2013). HIM 1990-2015. 1519. https://stars.library.ucf.edu/honorstheses1990-2015/1519 BRAVE NEW WORLD RELOADED: ADVOCATING FOR BASIC CONSTITUTIONAL SEARCH PROTECTIONS TO APPLY TO CELL PHONES FROM EAVESDROPPING AND TRACKING BY THE GOVERNMENT AND CORPORATE ENTITIES by MARK KENNETH BERRIOS-AYALA A thesis submitted in partial fulfillment of the requirements for the Honors in the Major Program in Legal Studies in the College of Health and Public Affairs and in The Burnett Honors College at the University of Central Florida Orlando, Florida Fall Term 2013 Thesis Chair: Dr. Abby Milon ABSTRACT Imagine a world where someone’s personal information is constantly compromised, where federal government entities AKA Big Brother always knows what anyone is Googling, who an individual is texting, and their emoticons on Twitter.
    [Show full text]
  • A Failure of Intelligence: the Echelon Interception System & the Fundamental Right to Privacy in Europe
    Pace International Law Review Volume 14 Issue 2 Fall 2002 Article 7 September 2002 Post-Sept. 11th International Surveillance Activity - A Failure of Intelligence: The Echelon Interception System & the Fundamental Right to Privacy in Europe Kevin J. Lawner Follow this and additional works at: https://digitalcommons.pace.edu/pilr Recommended Citation Kevin J. Lawner, Post-Sept. 11th International Surveillance Activity - A Failure of Intelligence: The Echelon Interception System & the Fundamental Right to Privacy in Europe, 14 Pace Int'l L. Rev. 435 (2002) Available at: https://digitalcommons.pace.edu/pilr/vol14/iss2/7 This Article is brought to you for free and open access by the School of Law at DigitalCommons@Pace. It has been accepted for inclusion in Pace International Law Review by an authorized administrator of DigitalCommons@Pace. For more information, please contact [email protected]. POST-SEPT. 11TH INTERNATIONAL SURVEILLANCE ACTIVITY - A FAILURE OF INTELLIGENCE: THE ECHELON INTERCEPTION SYSTEM & THE FUNDAMENTAL RIGHT TO PRIVACY IN EUROPE Kevin J. Lawner* I. Introduction ....................................... 436 II. Communications Intelligence & the United Kingdom - United States Security Agreement ..... 443 A. September 11th - A Failure of Intelligence .... 446 B. The Three Warning Flags ..................... 449 III. The Echelon Interception System .................. 452 A. The Menwith Hill and Bad Aibling Interception Stations .......................... 452 B. Echelon: The Abuse of Power .................. 454 IV. Anti-Terror Measures in the Wake of September 11th ............................................... 456 V. Surveillance Activity and the Fundamental Right to Privacy in Europe .............................. 460 A. The United Nations International Covenant on Civil and Political Rights and the Charter of Fundamental Rights of the European Union... 464 B.
    [Show full text]
  • Open Source Intelligence (OSINT)
    ATP 2-22.9 Open-Source Intelligence July 2012 DISTRIBUTION RESTRICTION: Unlimited Distribution Headquarters, Department of the Army *ATP 2-22.9 Army Techniques Publication Headquarters No. 2-22.9 (FMI 2-22.9) Department of the Army Washington, DC, 10 July 2012 Open-Source Intelligence Contents Page PREFACE.............................................................................................................. iv INTRODUCTION .................................................................................................... v Chapter 1 OPEN-SOURCE INTELLIGENCE (OSINT) FUNDAMENTALS ........................ 1-1 Definition and Terms .......................................................................................... 1-1 Characteristics .................................................................................................... 1-1 The Intelligence Warfighting Function ................................................................ 1-2 The Intelligence Process .................................................................................... 1-3 The Planning Requirements and Assessing Collection Process ........................ 1-4 The Military Decisionmaking Process ................................................................ 1-4 Intelligence Preparation of the Battlefield ........................................................... 1-5 Chapter 2 PLANNING AND PREPARATION OF THE OSINT MISSION ............................. 2-1 Section I – Planning OSINT Activities ...........................................................
    [Show full text]
  • Considering the Creation of a Domestic Intelligence Agency in the United States
    HOMELAND SECURITY PROGRAM and the INTELLIGENCE POLICY CENTER THE ARTS This PDF document was made available CHILD POLICY from www.rand.org as a public service of CIVIL JUSTICE the RAND Corporation. EDUCATION ENERGY AND ENVIRONMENT Jump down to document6 HEALTH AND HEALTH CARE INTERNATIONAL AFFAIRS The RAND Corporation is a nonprofit NATIONAL SECURITY research organization providing POPULATION AND AGING PUBLIC SAFETY objective analysis and effective SCIENCE AND TECHNOLOGY solutions that address the challenges SUBSTANCE ABUSE facing the public and private sectors TERRORISM AND HOMELAND SECURITY around the world. TRANSPORTATION AND INFRASTRUCTURE Support RAND WORKFORCE AND WORKPLACE Purchase this document Browse Books & Publications Make a charitable contribution For More Information Visit RAND at www.rand.org Explore the RAND Homeland Security Program RAND Intelligence Policy Center View document details Limited Electronic Distribution Rights This document and trademark(s) contained herein are protected by law as indicated in a notice appearing later in this work. This electronic representation of RAND intellectual property is provided for non-commercial use only. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. Permission is required from RAND to reproduce, or reuse in another form, any of our research documents for commercial use. For information on reprint and linking permissions, please see RAND Permissions. This product is part of the RAND Corporation monograph series. RAND monographs present major research findings that address the challenges facing the public and private sectors. All RAND mono- graphs undergo rigorous peer review to ensure high standards for research quality and objectivity.
    [Show full text]
  • Jus Algoritmi: How the NSA Remade Citizenship
    Extended Abstract Jus Algoritmi: How the NSA Remade Citizenship John Cheney-Lippold 1 1 University of Michigan / 500 S State St, Ann Arbor, MI 48109, United States of America / [email protected] Introduction It was the summer of 2013, and two discrete events were making analogous waves. First, Italy’s Minister for Integration, Cécile Kyenge was pushing for a change in the country’s citizenship laws. After a decades-long influx of immigrants from Asia, Africa, and Eastern Europe, the country’s demographic identity had become multicultural. In the face of growing neo-nationalist fascist movements in Europe, Kyenge pushed for a redefinition of Italian citizenship. She asked the state to abandon its practice of jus sanguinis, or citizenship rights by blood, and to adopt a practice of jus soli, or citizenship rights by landed birth. Second, Edward Snowden fled the United States and leaked to journalists hundreds of thousands of classified documents from the National Security Agency regarding its global surveillance and data mining programs. These materials unearthed the classified specifics of how billions of people’s data and personal details were being recorded and processed by an intergovernmental surveillant assemblage. These two moments are connected by more than time. They are both making radical moves in debates around citizenship, though one is obvious while the other remains furtive. In Italy, this debate is heavily ethnicized and racialized. According to jus sanguinis, to be a legitimate part of the Italian body politic is to have Italian blood running in your veins. Italian meant white. Italian meant ethnic- Italian. Italian meant Catholic.
    [Show full text]
  • PRISM/US-984XN Overview
    TOP SFCRF.T//SI//ORCON//NOFORX a msn Hotmail Go« „ paltalk™n- Youffl facebook Gr-iai! AOL b mail & PRISM/US-984XN Overview OR The SIGAD Used Most in NSA Reporting Overview PRISM Collection Manager, S35333 Derived From: NSA/CSSM 1-52 April 20L-3 Dated: 20070108 Declassify On: 20360901 TOP SECRET//SI// ORCON//NOFORN TOP SECRET//SI//ORCON//NOEÛEK ® msnV Hotmail ^ paltalk.com Youi Google Ccnmj<K8t« Be>cnö Wxd6 facebook / ^ AU • GM i! AOL mail ty GOOglC ( TS//SI//NF) Introduction ILS. as World's Telecommunications Backbone Much of the world's communications flow through the U.S. • A target's phone call, e-mail or chat will take the cheapest path, not the physically most direct path - you can't always predict the path. • Your target's communications could easily be flowing into and through the U.S. International Internet Regional Bandwidth Capacity in 2011 Source: Telegeographv Research TOP SECRET//SI// ORCON//NOFORN TOP SECRET//SI//ORCON//NOEQBN Hotmail msn Google ^iïftvgm paltalk™m YouSM) facebook Gm i ¡1 ^ ^ M V^fc i v w*jr ComnuMcatiw Bemm ^mmtmm fcyGooglc AOL & mail  xr^ (TS//SI//NF) FAA702 Operations U « '«PRISM/ -A Two Types of Collection 7 T vv Upstream •Collection of ;ommujai£ations on fiber You Should Use Both PRISM • Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google Facebook, PalTalk, AOL, Skype, YouTube Apple. TOP SECRET//SI//ORCON//NOFORN TOP SECRET//SI//ORCON//NOEÛEK Hotmail ® MM msn Google paltalk.com YOUE f^AVi r/irmiVAlfCcmmjotal«f Rhnnl'MirBe>coo WxdS6 GM i! facebook • ty Google AOL & mail Jk (TS//SI//NF) FAA702 Operations V Lfte 5o/7?: PRISM vs.
    [Show full text]
  • SURVEILLE NSA Paper Based on D2.8 Clean JA V5
    FP7 – SEC- 2011-284725 SURVEILLE Surveillance: Ethical issues, legal limitations, and efficiency Collaborative Project This project has received funding from the European Union’s Seventh Framework Programme for research, technological development and demonstration under grant agreement no. 284725 SURVEILLE Paper on Mass Surveillance by the National Security Agency (NSA) of the United States of America Extract from SURVEILLE Deliverable D2.8: Update of D2.7 on the basis of input of other partners. Assessment of surveillance technologies and techniques applied in a terrorism prevention scenario. Due date of deliverable: 31.07.2014 Actual submission date: 29.05.2014 Start date of project: 1.2.2012 Duration: 39 months SURVEILLE WorK PacKage number and lead: WP02 Prof. Tom Sorell Author: Michelle Cayford (TU Delft) SURVEILLE: Project co-funded by the European Commission within the Seventh Framework Programme Dissemination Level PU Public X PP Restricted to other programme participants (including the Commission Services) RE Restricted to a group specified by the consortium (including the Commission Services) CO Confidential, only for members of the consortium (including the Commission Services) Commission Services) Executive summary • SURVEILLE deliverable D2.8 continues the approach pioneered in SURVEILLE deliverable D2.6 for combining technical, legal and ethical assessments for the use of surveillance technology in realistic serious crime scenarios. The new scenario considered is terrorism prevention by means of Internet monitoring, emulating what is known about signals intelligence agencies’ methods of electronic mass surveillance. The technologies featured and assessed are: the use of a cable splitter off a fiber optic backbone; the use of ‘Phantom Viewer’ software; the use of social networking analysis and the use of ‘Finspy’ equipment installed on targeted computers.
    [Show full text]