Tag Archive for 'espionage'
Above: AM Radio made from everyday materials that requires no power supply. The radio is powered from the energy in the radio waves themselves and utilises public spaces by latching onto the nearest pole, tree or lamppost, in order to give it structure and a place to be listened to. (How this actually works I am not sure, but if we cannot take an artists’ word for it, then where would be?) [link]
For other DIY projects, consider the following:
A vague subterranean world reveals itself, little by little, and there the pale, grave, immobile figures that dwell in limbo loosen themselves from shadow and darkness. And thus, the tableau shapes itself, a new clarity illuminating and setting into play these bizarre apparitions; the world of spirits opens itself to us.
Tools required:
1 comfortable chair, preferably of the cushy recliner variety
1 metal spoon
1 metal bowl or large ceramic plate
notepad and pencil
time – about half an hour depending on current state of alertness
[link]
The US Office of the National Counterintelligence Executive recently published a four-part reader as an accompaniment to the lectures they conduct:
Our reader’s three volumes cover counterintelligence’s past and present. Nevertheless they form a whole: the first volume provides material elucidating counter- intelligence’s antecedents from the American Revolution to World War II. Volume two focuses on World War II while volume three begins with the Atom Bomb spies and concludes with the latest espionage cases. History is more than background; it is the framework of the present.
We have taken material from official government documents, indictments from several espionage cases, and articles written by professors, scholars and counterintelligence officers. We have abridged some selections while trying not to change the sense of the original but we have not altered the original usage of the English language.
Each chapter in the three volumes has an introduction, which sketches out the main trends and characteristics of the period in question. There is a chronology with each chapter for volumes one and three, but volume two only has one chronology to cover the entire period. At the end of each chapter is a selected bibliography. We hope this will help you get a sense of the period as a whole. The reader is not all-inclusive and people may disagree with our selections, but at least we hope to have provided sufficient material to entice our colleagues to do further research.
Counterintelligence is a fascinating and challenging discipline. Our response to these challenges is determined, not by the requisites of the immediate situation but by our historical legacy. Thus we urge that the materials presented in the three volumes be read, not as background to the present, but as part of the present itself.
A fourth volume covers recent spying successes, failures, programs and reports.
An analyst at Websense Security Labs did a study of the “wolfteeth bot catcher”, a tool coming out of China that allows a user to specify a particular range of IP addresses and then search for and exploit the MS08-067 bug in Windows, installing any malicious code they may choose. Careful though! It seems the authors of this program included a backdoor so that installing it also pulls you into their botnet. Here is the link for the disection, an interesting bit of thick texture even if the details are lost on you.
IEEE Spectrum published an article this past May about the growing concern within defense circles about the loss of oversight along the military hardware supply chain. With many of the semiconductor components manufactured in the People’s Republic of China, rumors and fears of maliciously implanted “backdoors” abound:
According to a U.S. defense contractor who spoke on condition of anonymity, a “European chip maker” recently built into its microprocessors a kill switch that could be accessed remotely. French defense contractors have used the chips in military equipment, the contractor told IEEE Spectrum. If in the future the equipment fell into hostile hands, “the French wanted a way to disable that circuit,” he said. Spectrum could not confirm this account independently, but spirited discussion about it among researchers and another defense contractor last summer at a military research conference reveals a lot about the fever dreams plaguing the U.S. Department of Defense (DOD)…
Vetting a chip with a hidden agenda can’t be all that tough, right? Wrong. Although commercial chip makers routinely and exhaustively test chips with hundreds of millions of logic gates, they can’t afford to inspect everything. So instead they focus on how well the chip performs specific functions. For a microprocessor destined for use in a cellphone, for instance, the chip maker will check to see whether all the phone’s various functions work. Any extraneous circuitry that doesn’t interfere with the chip’s normal functions won’t show up in these tests…
Nor can chip makers afford to test every chip. From a batch of thousands, technicians select a single chip for physical inspection, assuming that the manufacturing process has yielded essentially identical devices. They then laboriously grind away a thin layer of the chip, put the chip into a scanning electron microscope, and then take a picture of it, repeating the process until every layer of the chip has been imaged. Even here, spotting a tiny discrepancy amid a chip’s many layers and millions or billions of transistors is a fantastically difficult task, and the chip is destroyed in the process…
The Pentagon is now caught in a bind. It likes the cheap, cutting-edge devices emerging from commercial foundries and the regular leaps in IC performance the commercial sector is known for. But with those improvements comes the potential for sabotage. “The economy is globalized, but defense is not globalized,” says Coleman. “How do you reconcile the two?” [link]
With respect to recent news pertaining to electronic security and surveillance see also:
- Team demonstrates ability to capture a wired keyboards keystrokes from upto 20m [video]
- New strategies to utilize the parallel computing of graphics processors further errodes wireless security
- Security experts say they have discovered a flaw in a core internet protocol that can be exploited to disrupt just about any device with a broadband connection
Accompanying the recent military action on the ground in Georgia was a cyber campaign that took down many government sites and generally impeded the dissemenation of information throughout the country. Shortly after things cooled down in Georgia, a collection of security researchers in and around the intelligence community got together under the banner of “Project Grey Goose” in an attempt to see if open source information, particularly through semantic analysis of Russian hacker forums, could be used to unmask those responsible. The team drew widely from the community:
- Lewis Shepherd – former CTO, Defense Intelligence Agency; CTO, Microsoft Institute for Advanced Technology in Governments
- Bob Gourley – former CTO, Defense Intelligence Agency; founder, Crucial Point LLC, a technology research and advisory firm
- Matt Devost - former Senior INFOSEC Engineer at SAIC; Security Consultant to foreign governments and corporations; President, Total Intelligence Solutions
- Preston Werntz – Project Manager, Newbrook Solutions, currently engaged at DHS Office of Intelligence and Analysis
- Derek Plansky – former Director, Lexis-Nexis Risk and Information Analytics Group; President, Informatic Ideas Consulting
- Andrew Conway – former analyst performing classified work for a three letter agency analyzing leadership emergence in covert networks; currently a Ph.D candidate in Politics, NYU
- Jeremy Baldwin – Analytic Tradecraft Developer, The Analysis Corporation [source]
Following 56 days of investigation the group has published its findings [pdf] [intelfusion blog]. The conclusions?
- We assess with high confidence that the Russian government will likely continue its practice of distancing itself from the Russian nationalistic hacker community thus gaining deniability while passively supporting and enjoying the strategic benefits of their actions.
- We assess with high confidence that nationalistic Russian hackers are likely adaptive adversaries engaged in aggressively finding more efficient ways to disable networks.
- We judge with moderate confidence that a journeyman-apprentice relationship will continue to be the training model used by nationalistic Russian hackers.
- We estimate with moderate confidence that hacker forums engaged in training Russian cyber warriors will continue to evolve their feedback loop which effectively becomes their Cyber Kill Chain.
- After analyzing over 200 posts in the Xakep.ru and StopGeorgia.ru forums, as well as Georgian network server data, Grey Goose analysts were able to discern a cyber kill chain which is comprised of the following steps:
- 1) Encourage novices through patriotic imagery and rhetoric to get involved in the cyber war against Georgia
2) Publish a target list of Georgian government Web sites which have been tested for access from Russian and Lithuanian IP addresses.
3) Discuss and select one of several different types of malware to use against the target Web site.
4) Launch the attack
5) Evaluate the results (optional step)
- We assess with high confidence that all visitors to Russian hacker forums which originate from U.S. IP addresses will be monitored.