What's New

The secret court set up to oversee the National Security Agency's snooping program has given the green light for the agency to continue its information dragnet. The Office of the Director of National Intelligence confirmed on Friday that the Foreign Intelligence Surveillance Court had renewed the NSA's authority to collect "certain telephony metadata under the business records provision of the Foreign Intelligence Surveillance Act," authority which expired on July 19, 2013.

"The DNI has decided to declassify and disclose publicly that the Government filed an application with the Foreign Intelligence Surveillance Court seeking renewal of the authority to collect telephony metadata in bulk, and that the Court renewed that authority," ODNI said in a release. "The Administration is undertaking a careful and thorough review of whether and to what extent additional information or documents pertaining to this program may be declassified, consistent with the protection of national security," the release added.

The existence of the surveillance program, known as PRISM, was first disclosed by former U.S. intelligence contractor Edward Snowden, who gave a copy of a FISC order to The Guardian newspaper in June. The secret order authorized the NSA to collect on a daily basis "all call detail records or 'telephony metadata' created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local calls." The order identified telephony metadata as "comprehensive communications routing information," such as session identifying information, trunk identifiers, telephone calling card numbers, and time and duration of calls.

In June, Director of National Intelligence James Clapper confirmed the existence of the intelligence collection program. "Section 702 is a provision of FISA that is designed to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States. It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States," he said in a statement. Clapper also stressed that the "unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans," suggesting that the documents Snowden leaked were authentic.

The FISC order published by The Guardian would seem to contradict Clapper's assertion about the targets of the U.S. government surveillance, as it directs Verizon to supply telephony metadata for calls within the United States, including local calls. In fact, the order explicitly states that it "does not require Verizon to produce telephony metadata for communications wholly originating and terminating in foreign countries." So the notion that the NSA surveillance only involves foreigners located outside the United States is contradicted by the order leaked by Snowden.

The renewal of the NSA's authority under this program will no doubt fuel calls by civil liberties groups and others concerned about the privacy implications of the program to halt it, or at least to provide greater transparency about its operations.

For more:
- see the ODNI release
- read the leaked FISC order
- check out Clapper's statement

IT behemoth Cisco (NASDAQ: CSCO) announced Tuesday that it will pay $76 per share, for a total of $2.7 billion, to acquire network security firm Sourcefire. The acquisition news fueled a 28 percent increase in Sourcefire's share price in morning trading on Tuesday, bringing the share price close to the $76 per share Cisco agreed to pay.

The acquisition appears to fit Cisco's broader competitive philosophy: if you can't beat them, acquire them. Cisco has been losing market share in the network security market to the likes of Check Point Software Technologies, Fortinet, and Palo Alto Networks. According to figures from research firm IDC, Cisco saw its revenue in the security appliance market shrink by 5.9 percent year-over-year in the fourth quarter of 2012, while Check Point and Fortinet posted revenue increases that quarter. Other vendors that had strong quarters included Sourcefire, Blue Coat, Palo Alto Networks, Barracuda, and Dell SonicWall.

In the highly competitive and fluid security market, Intel's (NASDAQ: INTC) McAfee also recently made a major acquisition move, buying Stonesoft, a Finnish next-generation firewall firm, for $389 million in cash.

Cisco has been on a buying spree this year. Recent Cisco acquisitions include data virtualization firm Composite Software; software firm JouleX; mobility firm Ubiquisys; cloud services firm SolveDirect; network security firm Cognitive Security; and networking firm Intucell.

For more:
- see Cisco's release
- check out IDC's figures

An "intruder" may have broken into Apple's developer website and stolen the names, business mailing addresses, and email addresses of registered developers, according to an email sent by the company to developers on Sunday, July 21. The incident prompted Apple to take down the site to investigate and to put in place additional security measures, the email, obtained by Macworld, explained. Apple stressed that personal information was encrypted and could not be accessed.

"In order to prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database," an Apple spokesperson wrote. No customer information was compromised, Apple told Macworld.

Security researcher Ibrahim Balic said in a comment on a TechCrunch story about the breach that he was the one responsible for hacking into the developer site. He said he did not do it to cause "harm or damage," but "to report bugs" and collect data to demonstrate the security vulnerability to Apple. Balic said he was able to obtain details on more than 100,000 users of the developer site by exploiting the security holes he discovered.

Lysa Myers of Mac Security Blog blamed Apple for taking too long to disclose the "breach," and then for using inflammatory language in its email to developers, such as "intruder." At the same time, Balic disclosed information on some of the Apple developers in a video describing his security testing.

"This story is full of missteps on both sides: Apple did take their site down within a few hours of the report of the breach, but they waited several days to announce it to developers. Balic may have quietly, responsibly, disclosed the vulnerabilities to Apple, but then he effectively doxed the developers whose information he stumbled upon," Myers wrote.

This could end up being a tempest in a teapot. Perhaps if Apple had responded to Balic's bug reports more quickly and had disclosed the issue to developers when it happened, all of this could have been avoided.

For more:
- see the Macworld story with Apple's letter
- check out Balic's comment on the TechCrunch report
- read the Mac Security Blog story

Attackers could gain access to millions of mobile phones through a security flaw in their SIM cards and steal payment credentials, warned Karsten Nohl, a security researcher at Security Research Labs. If hackers could commandeer the SIM cards, they could impersonate the mobile phone users and use the payment credentials to make purchases, Nohl wrote. He added that hackers could gain access to the SIM cards through over-the-air updates that are deployed via encrypted SMS messages to the SIM cards, many of which rely on a 1970s-era DES cipher for their encryption.

"DES keys were shown to be crackable within days using FPGA clusters, but they can also be recovered much faster by leveraging rainbow tables similar to those that made GSM's A5/1 cipher breakable by anyone," Nohl related.

To get the DES key, an attacker could send a binary SMS to a target SIM card. In many cases, the SIM responds to the binary SMS with an error code carrying the encryption signature. A rainbow table, a precomputed table used for cracking password hashes, takes two minutes on a standard computer to obtain the key from the signature, Nohl explained. Once the key is obtained, the hacker sends a properly signed binary SMS, which downloads Java applets onto the SIM card. "Applets are allowed to send SMS, change voicemail numbers, and query the phone location, among many other predefined functions. These capabilities alone provide plenty of potential for abuse," he wrote.

Nohl told the New York Times that he tested around 1,000 SIM cards on mobile phones in Europe and North America over a two-year period. About one-quarter of those SIM cards with the older encryption were vulnerable. He estimated that around 750 million cell phones could be at risk of hacking through this method.

Before going public, Nohl provided his research to the GSMA mobile phone trade association. "We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted," Claire Cranton, a spokeswoman for the association, told the newspaper. She added that it was likely only a minority of phones using the older standard "could be vulnerable."

For more:
- see Nohl's blog
- read the New York Times article

Under pressure from Parliament, the U.K. government has launched a probe into a center set up by Chinese telecom gear maker Huawei in southern England to test the security of its telecom gear before it is deployed into the U.K.'s critical national infrastructure.

The parliamentary Intelligence and Security Committee (ISC) raised a red flag in June about Huawei's relationship with the national carrier BT and the role Huawei plays in supplying equipment to key telecom infrastructure projects. Huawei's commercial relationship with BT dates back to 2003.

Concern has been expressed in the United States and Australia that Huawei, which was set up by a former People's Liberation Army officer, has retained its ties with the Chinese government and agreed to provide backdoors into its equipment to enable the government to conduct cyberespionage. The company and the Chinese government have consistently denied these accusations.

The committee expressed concern that the center, which is intended to examine Huawei equipment to ensure it does not contain any security holes, was set up and is run by Huawei. In addition, use of the center by U.K. firms that purchase Huawei gear is voluntary.

In response, the U.K. government said the country's national security advisor would conduct a review of the center's operations and report to the prime minister later this year. At the same time, the government said that the current process for reviewing Huawei's telecom equipment is inadequate. "Our work with Huawei and their UK customers gives us confidence that the networks in the UK that use Huawei equipment are operated to a high standard of security and integrity," the government's response stressed.

In a statement quoted by The Guardian newspaper, Huawei said that it "shares the same goal as the UK government and the ISC in raising the standards of cyber security in the UK and ensuring that network technology benefits UK consumers."

For more:
- see the parliamentary committee's report
- check out the U.K. government's response
- read The Guardian article