Tech & Science Elite Hackers: Stealing NSA Secrets Is ‘Child’s Play’

19:08  11 october  2017
19:08  11 october  2017 Source:   The Daily Beast

US pressured North Korea by overwhelming hackers with data traffic

  US pressured North Korea by overwhelming hackers with data traffic The US is no stranger to hacking North Korea, but it's usually in a bid to directly thwart the country's military ambitionsReportedly, the initiative was designed to be temporary and only lasted for half a year -- Trump signed the order in March, and it ended on September 30th. It wasn't destructive, either. According to the Post's sources, however, North Korean hackers were complaining about the ability to do their jobs during that period.

exclusive. Get Out. Elite Hackers : Stealing NSA Secrets Is ‘ Child ’ s Play ’. Like Snowden, Martin was a contractor and not an employee of the NSA , as was Reality Winner, who allegedly leaked a top- secret report about Russian interference in the U.S. election to news site The Intercept.

In context: Reports: Russian hackers stole NSA ' s cyber secrets . The NSA contractor worked at the agency ' s Tailored Access Operations unit for elite hackers before being fired in 2015, the Washington Post later reported. India-Australia 2nd T20- Who could be in the playing XI?

  Elite Hackers: Stealing NSA Secrets Is ‘Child’s Play’ © Photo Illustration by The Daily Beast The NSA’s hackers have a problem.

Last week, multiple outlets reported that the NSA’s elite Tailored Access Operations unit—tasked with breaking into foreign networks—suffered another serious data breach. The theft of computer code and other material by an employee in 2015 allowed the Russian government to more easily detect U.S. cyber operations, according to the Washington Post. It’s potentially the fourth large scale incident at the NSA to be revealed in the last five years.

Now, multiple sources with direct knowledge of TAO’s security procedures in the recent past tell The Daily Beast just how porous some of the defenses were to keep workers from stealing sensitive information—either digitally or by simply walking out of the front door with it.

Fitness model Zoë Daly sues dating agency Elite Introductions after bad date

  Fitness model Zoë Daly sues dating agency Elite Introductions after bad date A Sydney fitness model has won a legal battle with an elite dating agency after she demanded a refund following an unsuccessful meeting with a potential suitor.A Sydney fitness model has won a legal battle with an elite dating agency after a tribunal found she was pressured into handing over almost $5000 with the promise of meeting "amazing men" who "can't wait until the New Year".

How Russian Hackers Stole NSA Secret Info With The Help Of Kaspersky Antivirus. Hacking Gmail – Hackers Elite Ebook PDF. Kulshreshtha Verma - August 13, 2017.

Russian hackers supposedly used popular antivirus software to steal NSA secrets . Although what role Kaspersky played in the breach is not entirely clear, US officials believe antivirus scan performed by Kaspersky Lab’ s security software on the contractor' s computer helped Russian hackers in

One source described removing data from a TAO facility as “child’s play.” The Daily Beast granted the sources anonymity to talk candidly about the NSA’s security practices.

TAO is not your average band of hackers. Its operations have included digging into China’s networks, developing the tools British spies used to break into Belgium’s largest telecom, and hacking sections of the Mexican government. While other parts of the NSA may focus on tapping undersea cables or prying data from Silicon Valley giants, TAO is the tip of the NSA’s offensive hacking spear, and could have access to much more sensitive information ripped from adversaries’ closed networks. The unit deploys and creates sophisticated exploits that rely on vulnerabilities in routers, operating systems, and computer hardware the general population uses—the sort of tools that could wreak havoc if they fell into the wrong hands.

Walker hopes to inspire Australians to NHL

  Walker hopes to inspire Australians to NHL Nathan Walker's parents have backed his NHL dream since he was an 11-year-old in Sydney and allowed him to move to Europe by himself aged 13.Walker became the first Australian to play in the elite North American ice hockey league and made more history when he capped it off with a goal in his team's 6-1 win over the Montreal Canadiens in Washington DC on Saturday.

Russian government-backed hackers stole highly classified US cyber secrets from the National Security Agency in 2015 after a contractor In a later story, The Washington Post said the employee had worked at the NSA ’ s Tailored Access Operations unit for elite hackers before he was fired in 2015.

blog 'chrishunt.blogdetik.com' is not exists.

That doesn’t mean those tools are locked down, though. “TAO specifically had a huge amount of latitude to move data between networks,” the first source, who worked at the unit after Edward Snowden’s mega-leak, said. The former employee said TAO limited the number of USB drives—which could be used to steal data—after that 2013 breach, but he still had used several while working at TAO.

“Most operators knew how they could get anything they wanted out of the classified nets and onto the internet if they wanted to, even without the USB drives,” the former TAO employee said.

Transgender player awaits AFLW draft call

  Transgender player awaits AFLW draft call Transgender footballer Hannah Mouncey is awaiting a ruling on her eligibility to play in the AFL Women's competition.Former national men's handball player Hannah Mouncey has nominated for Wednesday's draft and is waiting to find out whether she will be eligible to be recruited.

The website you were trying to reach is temporarily unavailable. If you are the owner of this website, please contact Technical Support as soon as possible.

WASHINGTON: Russian government-backed hackers stole highly classified US cyber secrets in 2015 from the National Security Agency after a In a later story, The Washington Post said the employee had worked at the NSA ' s Tailored Access Operations unit for elite hackers before he was fired in 2015.

A second source, who also worked at TAO, told The Daily Beast, “most of the security was your co-workers checking to see that you had your badge on you at all times.”

The NSA—and recently TAO in particular—have suffered a series of catastrophic data breaches. On top of the Snowden incident and this newly-scrutinized 2015 breach, NSA contractor Hal Martin allegedly hoarded a trove of computer code and documents from the NSA and other agencies in the U.S. Intelligence Community. Martin worked with TAO, and he ended up storing the material in his car and residence, according to prosecutors. Like Snowden, Martin was a contractor and not an employee of the NSA, as was Reality Winner, who allegedly leaked a top-secret report about Russian interference in the U.S. election to news site The Intercept.

Then there’s the incident now in the news. Israeli operatives broke into the systems of the Russian cybersecurity firm Kaspersky Lab, officials told The Washington Post. On those systems were samples of sophisticated NSA hacking tools; a TAO employee had brought them home and placed them on his home computer. That machine was running Kasperky software, which allegedly sent the NSA tools back to Moscow.

Phoenix coach detects Sydney FC weaknesses

  Phoenix coach detects Sydney FC weaknesses Darije Kalezic's Phoenix have offered up a blueprint for playing Sydney FC, twice coming back from behind and pushing Graham Arnold's men until the last minute.The Phoenix offered up a blueprint for playing the reigning champions on Sunday, twice coming back from behind and pushing Graham Arnold's men until the final whistle at their Allianz Stadium fortress.

Home » Cyber News » Russian hackers stole U. S . cyber secrets from NSA . In a later story, The Washington Post said the employee had worked at the NSA ’ s Tailored Access Operations unit for elite hackers before he was fired in 2015.

The attack, which was carried out in 2015 but discovered only last year, has been considered by experts as "one of the most significant security breaches in recent years." Russian Hackers Stole NSA Secrets : Here' s How It Happened.

It’s not totally clear how the breach overlaps with any others, but in 2016, a group called The Shadow Brokers started publishing full NSA exploit and tool code. Various hackers went on to incorporate a number of the dumped exploits in their own campaigns, including some designed to break into computers and mine digital currency, as well as the WannaCry ransomware, which crippled tens of thousands of computers around the world. (A handful of other, smaller NSA-related disclosures, including a catalogue of TAO hacking gear from 2007 and 2008, as well as intelligence intercepts, were not attributed to the Snowden documents, and the public details around where that information came from are muddy.)

Although not a data breach per se, in 2015 Kaspersky publicly revealed details on the history and tools of the so-called Equation Group, which is widely believed to be part of the NSA. A third source, who worked directly with TAO, said the fallout from that exposure meant the hacking unit entered a “significant shutdown,” and “ran on minimum ops for months.”

Nevertheless, a report by the Defense Department’s inspector general completed in 2016 found that the NSA’s “Secure the Net” project—which aimed to restrict access to its most sensitive data after the Snowden breach—fell short of its stated aims. The NSA did introduce some improvements, but it didn’t effectively reduce the number of user accounts with ‘privileged’ access, which provide more avenues into sensitive data than normal users, nor fully implement technology to oversee these accounts’ activities, the report reads.

The World Once Laughed at North Korean Cyberpower. No More.

  The World Once Laughed at North Korean Cyberpower. No More. While the world is fixated on its nuclear missiles, North Korea has also developed a cyberattack program that is stealing millions and unleashing havoc.When North Korean hackers tried to steal $1 billion from the New York Federal Reserve last year, only a spelling error stopped them. They were digitally looting an account of the Bangladesh Central Bank, when bankers grew suspicious about a withdrawal request that had misspelled “foundation” as “fandation.

blog 'andrewlowry.blogdetik.com' is not exists.

blog 'markgrant.blogdetik.com' is not exists.

Physical security wasn’t much better, at least at one TAO operator’s facility. He told The Daily Beast that there were “no bag checks or anything” as employees and contractors left work for the day—meaning, it was easy smuggle things home. Metal detectors were present, including before Snowden, but “nobody cared what came out,” the second source added. The third source, who visited TAO facilities, said bag checks were random and weak.

“If you have a thumb drive in your pocket, it’s going to get out,” they said.

Unsurprisingly, workers need to swipe keycards to access certain rooms. But, “in most cases, it’s pretty easy to get into those rooms without swipe access if you just knock and say who you’re trying to see,” the third source added.

To be clear, The Daily Beast’s sources described the state of security up to 2015—not today. Things may have improved since then. And, of course, the NSA and TAO do of course have an array of security protections in place. TAO operators are screened and people on campus are already going to have a high level clearance, some of the sources stressed. The part of the NSA network that TAO uses, and which contains the unit’s tools, can only be accessed by those with a designated account, according to the source who worked with TAO. Two of the sources believed in the NSA’s ability to track down where a file came from after a breach.

Indeed, the system TAO members use to download their hacking tools for operations has become more heavily audited over the years too, although the network did have a known security issue, in which users could make their own account and automatically gain access to additional information, the source who worked with TAO said.

“The NSA operates in one of the most complicated IT environments in the world,” an NSA spokesperson told The Daily Beast in a statement. “Over the past several years, we have continued to build on internal security improvements while carrying out the mission to defend the nation and our allies.”

“We do not rely on only one initiative. Instead, we have undertaken a comprehensive and layered set of defensive measures to further safeguard operations and advance best practices,” the spokesperson added.

The problem of securing this data from the inside is not an easy one to solve. If the NSA was to lock down TAO systems more ferociously, that could hamper TAO’s ability to effectively build tools and capabilities in the first place, and two of the sources emphasised that excessive searches would likely create a recruiting problem for the agency. “It’s not prison,” one of the former TAO employees said.

“The security is all predicated on you having a clearance and being trusted,” the source who has worked with TAO said.

“The system is just not setup to protect against someone with a clearance who is determined to go rogue,” they added.

Google will pay hackers who find flaws in top Android apps .
Google is probably hoping to raise the quality of apps in the Play store by launching a new bug bounty program that's completely separate from its existing one. Google promises $1,000 for every issue that meets its criteria, but bounty hunters can't simply choose a spammy app (of which there are plenty on the Play Store) to cash in. For now, they can only get a grand if they can find an eligible flaw in Dropbox, Duolingo, Line, Snapchat, Tinder, Alibaba, Mail.ru and Headspace. Google plans to invite more app developers in the future, but they have to be willing to patch any vulnerabilities found...

—   Share news in the SOC. Networks

Topical videos:

This is interesting!