NSA Surveillance, National Security and Privacy


Ir Roy Ko, Former HKCERT Manager
20 August 2014, HKIE Veneree Club

Agenda
- Background
  - Edward Snowden
  - National Security Agency (NSA)
- What NSA has done
  - PRISM
  - XKeyScore
  - Tailored Access Operations
  - Other Tools & Activities
- US National Cybersecurity Strategy
- State-sponsored Surveillance & Attacks
- What's Next

Background

Edward Snowden
- Worker of Dell posted to CIA & NSA
- Worker of Booz Allen Hamilton posted to NSA (in Hawaii)
- System Administrator, Infrastructure Analyst

Timeline
- 20-May-13: Snowden boarded plane to Hong Kong
- 5-June-13: The Guardian announced massive leak
- 6-June-13: The Washington Post disclosed PRISM program
- 8-June-13: Boundless Informant program & NSA tools
- 9-June-13: The Guardian published interview video with Snowden
- 12-June-13: US defended - "Terrorist events prevented"
- 13-June-13: SCMP published interview with Snowden
- 17-June-13: Microsoft, Apple, Facebook published number of requests from NSA
- 21-June-13: Tempora program - direct tap into cable
- 23-June-13: Snowden flew to Moscow
- 31-July-13: XKeyScore program (email, IP address)
- 1-August-13: One year temporary renewable asylum
- 2-September-13: NSA build malware, man-in-the-middle attack, break encryption
- 25-November-13: TAO tools
- 18-December-13: Letter from Snowden
- 10-March-14: Snowden's talk
- April-14: Glenn's book - No Place to Hide
- 7-August-14: 3 year residency permit of Russia
- 13-August-14: Interview with WIRED (MonsterMind)

Motive For Leaking the Documents
"to inform the public as to that which is done in their name and that which is done against them."

National Security Agency (NSA)

NSA
- The core missions are to protect U.S. national security systems and to produce foreign signals intelligence information.
- Global monitoring, collection, decoding, translation and analysis of information and data for foreign intelligence and counterintelligence purposes.
- Surveillance activities disclosed:
  - Tapping into communications
  - Installing malicious software
  - Acquiring information from other parties

US Law Governing Surveillance
- Foreign Intelligence Surveillance Act (FISA)
  - Allows secret surveillance of foreign entities to protect national security (warrantless surveillance)
  - A Foreign Intelligence Surveillance Court (FISC) oversees requests for surveillance warrants
  - Amended in 2001 according to the Patriot Act to include terrorist groups not under any foreign government
  - "Lone wolf"
- Executive Order 12333
  - Targets non-US citizens only

The Documents
- 50,000 to 200,000 documents downloaded (over 1 million documents touched)
- July 2013 In addition to U.S. federal documents, there were documents from the "Five Eyes" network
  - About 1.7 million U.S. intelligence files
  - At least 58,000 British intelligence files
  - At least 15,000 Australian intelligence files
- Glenn Greenwald, journalist at The Guardian
- Laura Poitras, filmmaker
- Barton Gellman, journalist at The Washington Post

Washington Post Analysis of Intercepted Data

What NSA has done

The NSA Programs
- PRISM
- Boundless Informant
- Xkeyscore
- Tailored Access Operations
- Other Tools & Activities

PRISM
- Collects stored Internet communications requested from Internet companies such as Google.
- Section 702 of the FISA Amendments Act - companies to turn over any data that match the requirements (search criteria)

PRISM
- Metadata
  - Header, date/time, duration, persons
- Information collected is not just on non-US citizens
- Information shared with Five Eyes, passed to other partners

Information requested by NSA
- During second half of 2012
  - Microsoft received requests for approximately 31,000 customers
  - Facebook received between 9,000 and 10,000 requests covering 19,000 accounts
- From 1 December 2012 to 31 May 2013
  - Apple received 4,000 to 5,000 requests, covering 9,000 to 10,000 devices

XKEYSCORE
A computer system used to search and analyze Internet data it collects worldwide every day.

NSA Data Centre in Utah
- Completed in late 2013

Boundless Informant
- A data analysis and visualization tool used to summarize the data collected
- One month from March 8, 2013 (telephone calls & email)

Tailored Access Operations (TAO)
- A cyber-warfare intelligence-gathering unit
  - Computer network exploitation
- NSA ANT catalog
  - List of technology available to aid in cyber surveillance
  - 49 items disclosed

COTTONMOUTH
Modified USB and Ethernet connectors that can be used to install a Trojan, providing covert remote access to the target machine.

PICASSO
Software that can collect mobile phone location data and call metadata, and access the phone's microphone to eavesdrop on nearby conversations.

RAGEMASTER
A device that taps the video signal from a target computer's VGA signal output so the NSA can see what is on the monitor.

NIGHTSTAND
Portable system that wirelessly installs Microsoft Windows exploits from a distance of up to eight miles.

TAO Tools
- Surveillance
  - Passive, data collection
- Intrusive
  - Remote control
  - Change of configuration, system behavior
  - Remotely install an exploit in one of the core routers at a major Internet service provider in Syria

MonsterMind
- A program that would automate the hunting for the original source of a foreign cyberattack.
- It could automatically fire back, with no human involvement.
- How can it be done?! This is what the researchers around the world have tried to achieve for years!!

MonsterMind potential problems
- Handling of spoofed attacks
- False positive & auto-fire
- Collateral damage - disabling critical civilian infrastructure
- Massive data storage and analysis

Dishfire
- A massive database that collects hundreds of millions of text messages on a daily basis
- Data received & stored each day:
  - Geolocation data of more than 76,000 text messages and other travel information
  - 110,000+ names from electronic business cards
  - 800,000+ financial transactions from text-to-text payments or credit cards to phone users
  - Details of 1.6 million border crossings based on the interception of network roaming alerts
  - Over 5 million missed call alerts
  - 200 million text messages from around the world

Concerns on Privacy
- Gathering information from Internet providers & backbone
- Metadata
  - Metadata or more?
- Use of the information
  - Can create personal vulnerabilities of an individual
- Legality
- National Security vs Privacy

Other Agencies conducting surveillance in US
- Department of Defense (DoD)
- Federal Bureau of Investigation (FBI)
- Central Intelligence Agency (CIA)
- Department of Homeland Security (DHS)

US National Cybersecurity Strategy

Survey Conducted on Surveillance

The government's ability to tap into a suspect's computer and follow their Internet usage
                  Very       Somewhat   Not too    Not at all  No
                  concerned  concerned  concerned  concerned   opinion
October 2013      35         29         20         15          1
September 2000    47         26         16         11

Software which allows the government to tap into all Internet email, searching for incriminating evidence of any kind
                  Very       Somewhat   Not too    Not at all  No
                  concerned  concerned  concerned  concerned   opinion
October 2013      51         26         14         8           1
September 2000    63         23         9          5

Before 9/11
- End of Cold War
- Development of Internet, Networked Society
- Morris Worm, Computer Emergency Response Team
- Kevin Mitnick
- Open & Free Environment

Before 9/11
- 1994, 1999 President National Security Strategy Report
- National Defense Panel, Dec 1997
- Presidential Decision Directive 63 (PDD 63), 1998

Before 9/11
- Defense Objective
- Open Communication
- Information Classification
- Critical Infrastructure Protection
- Security Advisory Council
- National Security Agency
- Department of Defense

After 9/11
- Strengthen Preventive Measures
- Intelligence Gathering
- National Security Strategy to protect cyberspace

After 9/11
- Patriot Act to collect anti-terrorism information
- Department of Homeland Security
- Computer Emergency Readiness (Response) Team US-CERT
- From Open to Control Environment

Cyber Security Strategy in United States
- Leading from the Top
- Sharing Responsibility for CyberSecurity
  - Private sector & government
  - International community
- Information Sharing and Incident Response
  - Incident response framework
  - Information sharing & capability improvement
  - Improve cybersecurity for all infrastructure
- Encouraging Innovation
- Action Plans

State-sponsored Cyber Attacks
- From surveillance to attack
  - Outage of Critical Infrastructure
  - Disruption of Government/Business
- Examples
  - Stuxnet Worm & its variants
  - Internet Outage of Syria

What's Next
- NSA Reform Bill passed
  - Control over bulk data collection
- More leaked documents
- More leakers
  - Controls in NSA are still weak
- How About Other Countries
  - Cyberwar
  - Cyber Army

Thank You
101royko@gmail.com