The year 2014 will be a year of cybersecurity after the NSA revelations made in 2013: the headline news is that the NSA has surreptitiously “burrowed its way into nearly all the security architecture” sold by the world’s largest computer networking companies. A lot of people were shocked at how the NSA monitored and hacked almost everything on the Internet. There will still be NSA aftershocks as new material comes out and different parties react to it (and news sources write about it). U.S. cloud services have been put into question for good reason. There will be a lot of NSA spying litigation. Those spying issues will also fuel some hacktivism (it has already started to happen).
The article Security Professionals: Top Cyber Threat Predictions for 2014 lists the following predictions, which seem to be pretty probable: Cybersecurity Regulatory Efforts Will Spark Greater Need for Harmonization, Service-Impacting Interruptions for Online Services Will Persist, We Will See an Increase in Cybercrime Activity Related to the World Cup, Rise of Regional Cloud Services, Dev-Ops Security Integration Fast Becoming Critical, Cybercrime that Leverages Unsupported Software will Increase, Increase in Social Engineering and Ransomware will Impact More People.
Ubiquitous mobile computing is all around us, which will lead to increased risks and concerns about social network privacy. Social networks have quickly become the key organizing principle of Internet communication and collaboration. Android anti-virus apps CAN’T kill nasties on sight like normal AV.
2013 was a very hacked year, with many cases where information on millions or tens of millions of users was stolen from companies. It’s likely that we will see much more of the same in 2014, since the way people use passwords and how on-line services are built have not changed much in one year.
Gartner predicts that through 2014, improved JavaScript performance will begin to push HTML5 and the browser as a mainstream enterprise application development environment. I expect that HTML5-related security issues will increase due to the fact that the technology is being used more in 2014.
Over 50% of net traffic to web sites is made by bots! The article More Than Half of Internet Traffic Is Just Bots says that security and cloud service provider Incapsula analyzed traffic and found out that more than 60 percent of internet traffic is computer generated, compared to less than 40 percent of traffic that is driven by human clicks. 31% of Bots Are Still Malicious. SEO link building has always been a major motivation for automated link spamming, but it is decreasing due to the fact that Google was able to discourage it. There is more advanced hacking and automatic vulnerability searching.
DDoS attacks are evolving from volumetric Layer 3-4 attacks to much more sophisticated and dangerous Layer 7 multi-vector threats.
There will still be many SCADA security issues in 2014. Even though traditional SCADA vulnerabilities have become easier to find, the increased connectivity brought by IoT will cause new issues. And there will still be very many control systems openly accessible from the Internet for practically everybody who knows how to do that. There was a large number of SCADA systems found open on the Internet in the beginning of 2013, and the numbers have not considerably dropped during the year. I expect that very many of those systems are still too open at the end of 2014.
The Internet is expanding into enterprise assets and consumer items such as cars and televisions. The Internet of Things (IoT) will evolve into the Web of Things, increasing the coordination between things in the real world and their counterparts on the Web. There will be many security issues to solve, and as these systems become more widely used, more security issues will be found in them.
Cloud security will be talked about. Hopefully there will be some clear-up of the terminology in that area, because cloud security, like the term cloud computing, can mean a lot of things. Cloud security could mean how secure your cloud provider is, or a service that runs on the cloud filtering what comes through it (for example e-mails, web traffic); it could mean a product protecting some service running on the cloud, or it could be a traditional anti-virus service that connects to the cloud to advance its operation (for example to update in real time, or to verify unknown programs based on data in the cloud). Research firm Gartner forecasts that cloud security sales will increase dramatically in the next few years. Cloud Security sales have increased over the past year by 2.1 billion to $3.1 billion in 2015.
Marketers try to put the term “cloud” into security product brochures as much as they can. The cloud has made traditional information security sound old-fashioned because companies are under pressure to move services to the cloud. Also, mobile devices and dispersed users set new standards for information security. OpenDNS’s CTO Dan Hubbard says that “Because of the data and equipment run in the cloud users with the cloud is the best way to protect them.” The Snowden Effect will also bring PRIVATE cloud talk to the table this year for security reasons, because U.S. cloud services have been put into question for good reason.
In Finland a new Cyber Security Center started in the beginning of 2014. Security articles and warnings from it will be published at kyberturvallisuuskeskus.fi.
Late addition: Crypto-currencies like Bitcoin and similar are on the rise. Early adopters already use them actively. Those crypto-currencies have many security issues related to them. The values of the crypto-currencies vary quite a lot, and the value easily drops considerably when they get so widely used that different governments try to limit their use. Bitcoin is increasingly used as a ransomware payment method. Bitcoins have been stolen quite a lot lately (and I expect that to increase when usage increases), and those are stolen from users, on-line wallets and from exchanges. When more money is involved, more bad guys try to get in to get some of it. Sometimes bad guys do not try to steal your money, but use resources you pay for (your own PC, your server capacity, etc.) to generate money for them without you knowing about it. If you plan to use those crypto-currencies, be careful to understand what you are doing with them: there is a real possibility that you can lose your money, and there is no way that lost money can be recovered.
3,382 Comments
Tomi Engdahl says:
UPS Denies Helping the NSA ‘Interdict’ Packages
http://tech.slashdot.org/story/14/05/30/1226202/ups-denies-helping-the-nsa-interdict-packages
When Glenn Greenwald’s book came out recently, one of the most startling revelations was that the NSA has been intercepting shipments of networking gear to add spyware.
UPS spokeswoman Kara Ross wrote in an e-mail to TheBlot Magazine. “UPS is not aware of any court orders from the NSA seeking to inspect technology-related shipments.”
Exclusive: Courier Services Deny Participation in NSA Interception Program
http://theblot.com/exclusive-courier-services-deny-participation-nsa-interception-program-7719950
The delivery company Cisco uses to ship hardware around the world has denied participation in a program run by the National Security Agency in which agents intercept packages as they are en route to customers for the purpose of installing bugs and spy software.
One way the TAO agents would install the spy equipment is by intercepting packages as they are en route to customers overseas, a process known as “interdiction.”
“Shipments of computer network devices (servers, routers, etc.) being delivered to our targets around the world are intercepted,” a classified NSA document explaining the program said. “Next they are redirected to a secret location where [TAO] employees, with the support of the Remote Operations Center…enable the installation of beacon implants directly into our targets’ electronic devices. These devices are then re-packaged and placed back into transit to their original destination.”
The document suggests the packages are intercepted after they’ve been shipped by Cisco, meaning they would be in the custody of a courier service when NSA obtains them.
In a blog post published last week, Cisco executive Mark Chandler said the company regularly complies with government regulations regarding the export of its computer equipment to customers overseas, but denounced the claim that the government “took steps to compromise IT products enroute [sic] to customers.”
Tomi Engdahl says:
Unknown Vulnerability Management
http://www.codenomicon.com/solutions/unknown-vulnerability-management/
In all forms of cyber attacks, the access into the system or device is enabled by a vulnerability in the code. Thus, the number one security priority should be finding and fixing vulnerabilities in both in-house and third-party developed code. Vulnerability management is often understood as scanning for known vulnerabilities, but finding the unknown vulnerabilities is equally important.
There are two types of vulnerabilities: known and unknown. Known vulnerabilities have already been found and reported. The best way to keep up with known vulnerabilities is to subscribe to regular security updates from comprehensive vulnerability databases. These databases contain all reported vulnerabilities, leaving you to simply determine, which security issues are applicable to you. Unknown vulnerabilities are vulnerabilities that have not yet been found. Especially new technologies and proprietary code extensions are frequently infested with unknown vulnerabilities. However, unknown vulnerabilities also cause problems in other technologies too.
The best way to discover unknown vulnerabilities is Fuzzing, a form of attack simulation, in which vulnerabilities are triggered by abnormal inputs.
Tomi Engdahl says:
The BUZZ on FUZZING
http://www.codenomicon.com/products/buzz-on-fuzzing.shtml
Fuzzing or fuzz testing is a negative software testing method that feeds a program, device or system with malformed and unexpected input data in order to find defects.
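An added illustration of the fuzz testing described in the two comments above (not code from Codenomicon or from this blog): a small mutation fuzzer run against a constructed record parser that trusts its own length field, then against a hardened version. The record format and the names `parse_record`, `parse_record_fixed`, `mutate` and `fuzz` are hypothetical.

```python
import random
import struct


class ParseError(ValueError):
    """Clean rejection of malformed input: expected behaviour, not a defect."""


def make_record(rtype: int, payload: bytes) -> bytes:
    """Constructed format: 1-byte type, 2-byte big-endian length, payload, 1-byte checksum."""
    return struct.pack(">BH", rtype, len(payload)) + payload + bytes([sum(payload) & 0xFF])


def parse_record(data: bytes) -> dict:
    """Parser with an unknown defect: the declared length is never validated."""
    if len(data) < 3:
        raise ParseError("short header")
    rtype, length = struct.unpack(">BH", data[:3])
    payload = data[3:3 + length]
    checksum = data[3 + length]  # defect: index trusts the attacker-controlled length
    if checksum != sum(payload) & 0xFF:
        raise ParseError("bad checksum")
    return {"type": rtype, "payload": payload}


def parse_record_fixed(data: bytes) -> dict:
    """Hardened parser: the declared length must match the bytes actually received."""
    if len(data) < 4:
        raise ParseError("short record")
    rtype, length = struct.unpack(">BH", data[:3])
    if len(data) != 3 + length + 1:
        raise ParseError("length field does not match record size")
    payload = data[3:3 + length]
    if data[-1] != sum(payload) & 0xFF:
        raise ParseError("bad checksum")
    return {"type": rtype, "payload": payload}


def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Apply one random anomaly to a valid sample."""
    buf = bytearray(seed)
    op = rng.randrange(4)
    if op == 0:    # flip a single bit
        i = rng.randrange(len(buf))
        buf[i] ^= 1 << rng.randrange(8)
    elif op == 1:  # insert a random byte
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    elif op == 2:  # truncate the message
        del buf[rng.randrange(len(buf)):]
    else:          # boundary values in the length field
        buf[1:3] = struct.pack(">H", rng.choice([0, 1, 0x7FFF, 0xFFFF]))
    return bytes(buf)


def fuzz(target, seeds, iterations=2000, rng_seed=2014):
    """Feed mutated samples to target; return the first reproducer per unexpected exception type."""
    rng = random.Random(rng_seed)  # fixed seed so every run is repeatable
    crashes = {}
    for _ in range(iterations):
        case = mutate(rng.choice(seeds), rng)
        try:
            target(case)
        except ParseError:
            continue  # malformed input was rejected cleanly
        except Exception as exc:  # anything else is a defect worth triaging
            crashes.setdefault(type(exc).__name__, case)
    return crashes


# Constructed seed corpus of valid records.
SEEDS = [make_record(1, b"hello"), make_record(2, b""), make_record(7, bytes(range(32)))]

if __name__ == "__main__":
    for name, case in fuzz(parse_record, SEEDS).items():
        print("defect:", name, "reproducer:", case.hex())
    print("hardened parser defects:", fuzz(parse_record_fixed, SEEDS))
```

Each reproducer returned by `fuzz` is a regression test input for the fix: the hardened parser must reject it with `ParseError` rather than fail in some other way.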
Tomi Engdahl says:
Hackers pose as hacks: Iranian crew uses Facebook to spy on US defence bods – report
Three-year-old campaign also targets UK, Saudi Arabia, Iraq
http://www.theregister.co.uk/2014/05/30/fake_journos_iranian_spy_caper/
An Iran-based hacking network used fake Facebook and other social media profiles to “befriend” and spy on US lawmakers and defence contractors in the US and Israel, among other targets, according to a new report.
According to the study, the hackers attempted to get “friendly” with US lawmakers, defence contractors and “at least one four-star general” using fake personas on social networking sites (Facebook, Twitter, LinkedIn, Google+, YouTube, Blogger).
The social network engineering was used in a co-ordinated effort ultimately aimed at obtaining the log-in credentials to the email systems of their victims.
“The proliferation of news organizations and sites worldwide lulled officials into a false sense of security that they were dealing with legitimate media,”
The Iranian authorities, along with those in North Korea, are active in using social media for propaganda purposes while cracking down hard on its use by the general population
Tomi Engdahl says:
Half of American adults hacked this year
http://money.cnn.com/2014/05/28/technology/security/hack-data-breach/
2014 is quickly becoming the year of the hack. Get used to it. Massive data breaches are becoming a monthly occurrence.
Hackers have exposed the personal information of 110 million Americans — roughly half of the nation’s adults — in the last 12 months alone.
The damage is real. Each record typically includes personal information, such as your name, debit or credit card, email, phone number, birthday, password, security questions and physical address.
Cyberattacks are growing so numerous that we’re becoming numb to them. Researchers at IT company Unisys (UIS) say we’re now experiencing “data-breach fatigue.” Even the most recent numbers make for a dizzying list:
70 million Target customers’ personal information, plus 40 million credit and debit cards
33 million Adobe user credentials, plus 3.2 million stolen credit and debit cards
4.6 million Snapchat users’ account data
3 million payment cards used at Michaels
1.1 million cards from Neiman Marcus
“A significant number” of AOL’s 120 million account holders
Potentially all of eBay’s 148 million customers’ credentials
Why does this keep happening?
First, we’re increasingly moving our lives online.
Second, hacks are getting more sophisticated. Offensive hacking weapons are numerous and cheap. And hackers have learned to quietly roam inside corporate networks for years before setting off any alarms.
“Now attackers are very focused,”
Tomi Engdahl says:
Ponemon Institute Releases 2014 Cost of Data Breach: Global Analysis
http://www.ponemon.org/blog/ponemon-institute-releases-2014-cost-of-data-breach-global-analysis
Throughout the world, companies are finding that data breaches have become as common as a cold but far more expensive to treat. With the exception of Germany, companies had to spend more on their investigations, notification and response when their sensitive and confidential information was lost or stolen. As revealed in the 2014 Cost of Data Breach Study: Global Analysis, sponsored by IBM, the average cost to a company was $3.5 million in US dollars and 15 percent more than what it cost last year.
Critical to controlling costs is keeping customers from leaving.
As a preventive measure, companies should consider having an incident response and crisis management plan in place.
An interesting finding is the important role cyber insurance can play in not only managing the risk of a data breach but in improving the security posture of the company.
Tomi Engdahl says:
As Mining Demand Grows, Data Center Firms Begin Accepting Bitcoin
http://www.datacenterknowledge.com/archives/2014/05/30/mining-demand-grows-data-center-firms-begin-accepting-bitcoin/
Cryptocurrency businesses can now use Bitcoin to purchase large chunks of data center space for their mining operations. Wholesale data center developer Server Farm Realty and colocation specialist C7 Data Centers each announced this week that they will accept customer payments in Bitcoin, the digital currency seeking to move from novelty status to payment platform.
Tomi Engdahl says:
Why Gadgets in the Internet of Things Must Be Programmed to Die
http://www.wired.com/2014/05/iot-death/
Everyone’s talking about the internet of things. They talk about smart lightbulbs programmed to glow purple when it rains, and smoke detectors that do email alerts, and routers that network our houses. But there’s one thing they’re not talking about, and that could be a problem. No one is asking whether these devices should also be programmed to die when they get old.
It’s a question posed by Dan Geer, a well-respected security researcher who also serves as chief security officer at the Central Intelligence Agency’s venture firm, In-Q-Tel. Geer sees an emerging danger in the growing number of internet-connected devices whose software hasn’t been updated in a while, making them vulnerable to hackers. “They have sentient opponents,” he says. “Given that, an internet of things that is immortal will eventually be taken over.”
This problem will only get worse as the internet of things grows. So many devices that were once unremarkable will morph into mini-computers that hackers will view as targets, things that can be misused for evil purposes.
The world got a taste of this problem earlier this year when malicious software called the Moon Worm started infecting Linksys routers around the world. Linksys issued patches for the moon worm, but vendors don’t support their products forever.
Researchers have studied the way that security vulnerabilities are discovered, and what they’ve found is that security bugs will keep cropping up, long after most software is released.
Geer believes that when a product hits its end-of-life, the company that made it should release it as open-source software, so that there’s at least a chance that it can be patched and updated.
Tomi Engdahl says:
N.S.A. Collecting Millions of Faces From Web Images
http://www.nytimes.com/2014/06/01/us/nsa-collecting-millions-of-faces-from-web-images.html?_r=0
The National Security Agency is harvesting huge numbers of images of people from communications that it intercepts through its global surveillance operations for use in sophisticated facial recognition programs, according to top-secret documents.
The agency intercepts “millions of images per day” — including about 55,000 “facial recognition quality images”
Tomi Engdahl says:
Exclusive: Inside the FBI’s Fight Against Chinese Cyber-Espionage
http://www.foreignpolicy.com/articles/2014/05/27/exclusive_inside_the_fbi_s_fight_against_chinese_cyber_espionage
An American solar panel company wondered why Chinese firms kept undercutting their prices. Then the FBI knocked on their door.
SolarWorld was fighting a losing battle. The U.S. subsidiary of the German solar panel manufacturer knew that its Chinese competitors, backed by generous government subsidies, were flooding the American market with steeply discounted solar panels and equipment, making it practically impossible for U.S. firms to compete. What SolarWorld didn’t know, however, was that at the same time it was pleading its case with U.S. trade officials, Chinese military hackers were breaking into the company’s computers and stealing private information that would give Chinese solar firms an even bigger unfair advantage, including the company’s pricing and marketing strategies.
SolarWorld learned about the hacking not from some sophisticated security software or an outside consultant, but from FBI agents. In early July 2012, they called the company and alerted executives to a “persistent threat, some kind of attack,”
That federal investigators already knew SolarWorld had been hacked reveals the extensiveness of the Obama administration’s campaign, mounted almost entirely in secret, to turn the tables on Chinese spies, who U.S. officials say are responsible for nearly $300 billion a year in stolen intellectual property and lost business to American companies, and who have cost Americans jobs.
Tomi Engdahl says:
Iran Is Using a Neocon to Hack Its Foes
http://www.thedailybeast.com/articles/2014/05/29/iran-is-using-a-neocon-to-hack-its-foes.html
In Iran’s intelligence war against America, the regime has a new weapon: “John R. Bolton.”
No, Iran has not turned President Bush’s former ambassador to the United Nations into a sleeper agent. Instead, hackers believed to be connected to the Tehran government are posing as Bolton on social media platforms in a scheme to get human rights activists and national security wonks to hand over their passwords and user names.
The fake Bolton LinkedIn account provides a window into how Iran’s hackers are trying to penetrate the policy networks of their government’s adversaries.
In his research, Hultquist also saw from the time stamps that most of the activity on these fake profiles was conducted during business hours in Iran.
Tomi Engdahl says:
Your devices Heartbleeding – again
Access points, Android devices fall to Cupid’s arrow
http://www.theregister.co.uk/2014/06/02/your_devices_heartbleeding_again/
Heartbleed is still offering rich pickings for security researchers, and presumably hackers, with Luis Grangeia of Sysvalue demonstrating attacks against wireless (and some wired) networking infrastructure using libraries linked to vulnerable OpenSSL versions.
The Lisbon-based researcher has demonstrated that this affects wireless infrastructure, some Android devices, Radius servers, and possibly reaching as far as iOS, OS X, and VoIP phones.
The basis of the “Cupid” attack tool demonstrated by Grangeia in this slideshow is that the popular EAP-PEAP, EAP-TTLS and EAP-TLS authentication protocols might (depending on the underlying implementation) use the vulnerable version of OpenSSL.
As Grangeia notes: “All these use a TLS tunnel over EAP to secure some part of the authentication process”.
Tomi Engdahl says:
The Sudden Policy Change In Truecrypt Explained?
TrueCrypt warrant canary confirmed?
http://meta.ath0.com/2014/05/30/truecrypt-warrant-canary-confirmed/
Looking at the sudden new content on the TrueCrypt site, the most plausible explanation for me was that it was an attempt to tip people off that they had been tracked down and sent a National Security Letter, without actually breaking the law.
Bruce Schneier doesn’t know what’s going on either, and there are some interesting comments on his posting.
https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html
Tomi Engdahl says:
FORGET OUR PAST, 12,000 Europeans implore Google
Digital Foreign Legion recruiting rapidly
http://www.theregister.co.uk/2014/06/02/12000_europeans_ask_google_to_forget_them/
A widely distributed report by Agence-France Presse quotes a Google official as saying 12,000 Europeans have asked the ad-slinging giant to omit some search results linked to their name.
If the AFP report is correct, Europe clearly houses a decent number of folks who want Google to just forget they ever existed, at least partially. And that’s just the day one total
Tomi Engdahl says:
Flaws open gates to WordPress en-masse SEO beat-down
Call for patching bound to fall on deaf ears.
http://www.theregister.co.uk/2014/06/02/flaws_open_gates_to_wordpress_enmasse_seo_beatdown/
WordPress sites running the popular All in One SEO Pack plugin could have search rankings beaten down by readers and malicious code injected into pages due to dangerous vulnerabilities patched yesterday.
The flaws allowed hackers to launch privilege escalation and cross site scripting attacks against vulnerable sites running old versions below 2.1.6. The plugin has been downloaded nearly 19 million times.
The plugin was used to easily configure WordPress sites for search engine optimisation including link and meta tag generation.
Tomi Engdahl says:
Meet the Man Hired to Make Sure the Snowden Docs Aren’t Hacked
http://mashable.com/2014/05/27/micah-lee-greenwald-snowden/
In early January, Micah Lee worried journalist Glenn Greenwald’s computer would get hacked, perhaps by the NSA, perhaps by foreign spies.
Greenwald was a target, and he was vulnerable. He was among the first to receive tens of thousands of top secret NSA documents from former contractor Edward Snowden, a scoop that eventually helped win the most recent Pulitzer prize.
Though Greenwald took precautions to handle the NSA documents securely, his computer could still be hacked.
Lee, 28, is the technologist hired in November to make sure Greenwald and fellow First Look Media employees use state-of-the-art security measures when handling the NSA documents, or when exchanging emails and online chats with sensitive information.
Lee’s position is rare in the media world. But in the age of secret-spilling and the government clampdown on reporters’ sources, news organizations are aiming to strengthen their digital savvy with hires like him.
Since the beginning, Greenwald had stored the files in a computer completely disconnected from the Internet, also known as “air-gapped” in hacker lingo.
During his two days in Rio, Lee wore two hats: the digital bodyguard who secures computers against hackers and spies, and the technologist who helps reporters
“Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.”
“It’s vital that [other] news organizations hire technical experts and security experts to help to protect their reporters.”
At The Intercept, Lee is working to make sure nobody leaves any traces.
To prevent hackers from compromising these air-gapped computers, Lee really doesn’t want to leave any stone unturned. That’s why First Look has started removing wireless and audio cards from air-gapped computers and laptops, to protect against malware that can theoretically travel through airwaves. Security researchers have recently suggested it might be possible to develop malware that, instead of spreading through the Internet or via thumb drives, could travel between two nearby computers over airwaves, effectively making air-gapped computers vulnerable to hackers.
“The threat model is paranoid,” Lee tells Mashable, only half-joking. But it’s not just the NSA they’re worried about. (After all, the spy agency already has the documents.) Other spies, however, would love to get their hands on the intel.
He hired Lee for First Look with a strategic goal in mind: Establish unprecedented security practices that make the young news organization attractive for the next secret-spiller, the next Snowden, whoever he or she may be.
Tomi Engdahl says:
Self-Driving Cars Will Turn Surveillance Woes Into a Mainstream Worry
http://www.wired.com/2014/05/self-driving-cars-will-turn-surveillance-woes-into-a-mainstream-issue/
In the aftermath of the NSA spying revelations, our society is struggling to equip itself with the laws and public understanding necessary to deal with the spread of technology into every corner of our lives.
Self-driving cars are one place we can start to get it right. They provide yet another example of the challenges to autonomy and freedom brought by technology, and have the potential to bring the debate home for people who don’t feel as concerned by privacy issues related to email and laptops.
because people have a long history of projecting personal freedom and autonomy onto automobiles, they will have an innate understanding of the stakes.
It’s quite clear: for most people, the link between government surveillance and freedom is more plainly understood by cars, rather than personal computers. As more and more objects become connected to the Internet these questions will grow in importance. And cars in particular might become
We need to ask: what happens when cars become increasingly like computers? With self-driving cars, are we getting the best of the computer industry and the car industry, or the worst of both worlds?
Self-driving cars are coming–slowly and progressively
They also embody our debate on freedom, autonomy, and privacy when it comes to computing systems–revealing just how intrusive remote access to computing systems by the government or individuals can become.
Tomi Engdahl says:
Your secrets aren’t safe
Data thieves are after your most private info—when you use Wi-Fi and shop online, and even when you store files in the cloud
http://www.consumerreports.org/cro/magazine/2014/07/your-secrets-aren-t-safe/index.htm
62 percent of respondents in a recent national Consumer Reports survey of 3,110 online consumers said they have done nothing to protect their privacy on the Internet.
Which is not to say that people don’t care. A recent Associated Press poll found that 58 percent of people have “deep worries” when spending online, and 58 percent of respondents to our survey said they were worried about government spying by the National Security Agency. For most people, the problem is simply not knowing how to attack a problem that seems so wildly out of their control.
Your info: At risk everywhere
In the world of technology, the vulnerability of a computer system is known as its “attack surface”—all of the points at which an attacker can gain entry and make off with valuable data. These days, as the threat of malicious software and sophisticated cybercriminals reaches every corner of modern life, each consumer has vulnerabilities, too. They extend from the laptop in your home to the doctor’s office where you get your yearly checkup. And the first step in protecting yourself is to know where you are exposed.
Tomi Engdahl says:
Seedy hacker steals 1300 Monsanto client and staff records
Ag giant says crims weren’t after personal information
http://www.theregister.co.uk/2014/06/02/seedy_hacker_steals_1300_monsanto_client_and_staff_records/
Tomi Engdahl says:
Swiping your card at local greengrocers? Miscreants will swipe YOU in a minute
Keylogging botnet Nemanja is coming to a small biz near you
http://www.theregister.co.uk/2014/05/27/keylogging_botnet_menaces_retailers/
More than a thousand point-of-sale, grocery management and accounting systems worldwide have been compromised by a new strain of malware, results of a March 2014 probe have revealed.
During a survey of compromised POS terminals, accounting systems and grocery management platforms, the Nemanja botnet was fingered as one of the biggest of the lot.
After infiltrating various small businesses and grocery stores, the botnet then sets up a means to lift credit card and other sensitive data from compromised systems.
Cyber-intelligence firm IntelCrawler said it had detected 1,478 hosts infected by Nemanja
“The ‘Nemanja’ case has shown that cybercriminals have started to join POS malware with keyloggers in order to intercept credentials of various back-office systems and databases in order to gain an access to payment or personal identifiable data,” IntelCrawler said in an advisory.
Tomi Engdahl says:
You’ve got two weeks to beat off Cryptolocker, GameoverZeus nasties
So say UK cops after control servers for malware battered
http://www.theregister.co.uk/2014/06/02/nca_gameoverzeus_cryptolocker_warning/
The UK’s National Crime Agency has warned people have just two weeks to protect themselves against the Cryptolocker ransomware and a strain of the ZeuS password-slurping malware – before both return from the dead.
The NCA worked with the FBI, Europol and other agencies to knacker the command and control (C&C) servers that were managing a major network distributing the GameoverZeuS Trojan and the infamous Cryptolocker ransomware.
People are being advised to install or update security software and to check that operating systems and applications are up to date.
More than 15,000 computers in Blighty alone have been hit by the ZeuS malware, which figure includes those hit by the GameoverZeuS and P2PZeuS strains. According to the NCA, ZeuS is responsible for nicking hundreds of millions of pounds globally.
Tomi Engdahl says:
The Coming IT Nightmare of Unpatchable Systems
http://it.slashdot.org/story/14/06/02/1843253/the-coming-it-nightmare-of-unpatchable-systems
“Routers, smart refrigerators, in-pavement traffic-monitoring systems, or crop-monitoring drones — ‘the trend toward systems and devices that, once deployed, stubbornly “keep on ticking” regardless of the wishes of those who deploy them is fast becoming an IT security nightmare made real, affecting everything from mom-and-pop shops to power stations.”
Tomi Engdahl says:
Beware the next circle of hell: Unpatchable systems
Insecure by design and trusted by default, embedded systems present security concerns that could prove crippling
http://www.infoworld.com/d/security/beware-the-next-circle-of-hell-unpatchable-systems-243397
Microsoft’s decision to end support for Windows XP in April was met with a collective gulp by the IT community.
But Windows XP is just the tip of an ever-widening iceberg: software and hardware that is unpatchable and unsupportable — by policy or design. In fact, the trend toward systems and devices that, once deployed, stubbornly “keep on ticking” regardless of the wishes of those who deploy them is fast becoming an IT security nightmare made real, affecting everything from mom-and-pop shops to power stations.
This unpatchable hell is a problem with many fathers, from recalcitrant vendors to customers wary of — or hostile to — change. But with the number and diversity of connected endpoints expected to skyrocket in the next decade, radical measures are fast becoming necessary to ensure that today’s “smart” devices and embedded systems don’t haunt us for years down the line.
The problem of unsupported or undersupported devices hits close to home for millions of broadband users in the United States and Europe. Broadband routers humming away peacefully in attics and home offices have become the latest targets of sophisticated cyber criminal groups.
“As embedded systems begin to proliferate in both corporate and consumer networks, greater attention needs to be given to what vulnerabilities these devices introduce,”
Beyond traditional IT, the problems are even worse. Embedded systems are proliferating in nearly every corner of daily life.
Worse, these customers often defer to the hardware vendors on matters relating to security or conclude (wrongly) that embedded systems are too obscure to warrant protection, Cerrudo says.
For industrial control systems, customer trust in unsupported and unsupportable embedded devices is a disaster in waiting.
“Vendors will try to sell you on it being easy to use and low maintenance,” Cerrudo says. “The problem is that when the system has a security issue, you don’t have the proper mechanism to update them.”
Industrial control systems too are being targeted by attacks, thanks to security problems stemming from embedded devices and other legacy hardware.
Many industrial control systems and protocols are “insecure by design.”
“An attacker with ICS knowledge would use the features rather than an unpatched [vulnerability] to compromise the system,” Peterson says.
Critical infrastructure vendors and operators often rely on cellular networks and wireless technology to remotely manage their infrastructure.
This presents a tremendous convenience, but customers and vendors often fail to comprehend the risks that go along with that convenience.
If security issues around unmanageable devices look bad now, the near future is even worse.
thanks to growing adoption of portable, sensor-rich, Internet-connected devices — the so-called Internet of things.
may be of negligible importance individually, but already pose a serious threat “at scale,”
“That combination — long lived and not reachable — is the trend that must be dealt with, possibly even reversed,”
Tomi Engdahl says:
These Guys Are Creating A Whole New Internet Using Bitcoin And They Are Having Surprising Success
http://www.businessinsider.com/these-guys-are-creating-a-new-internet-2014-5
The founders of a Scottish company called MaidSafe had a wild idea.
What if you were to give the internet a makeover, changing it so that it’s absolutely safe from hackers and government snooping, but is still good for app developers and for sharing information?
And the MaidSafe SAFE network was born
The plan is to use the existing internet but not store your data on servers in data centers such as done by Google, Yahoo, Facebook, and every other big internet company today.
Instead, everyone who joins this network would turn their PC into part of the network, allowing bits and pieces of encrypted data to be stored on all PCs.
They funded their new network by selling their software, something called safecoins.
The servers and data centers are replaced by users’ computers, which are contributing their unused resources to make up this new decentralized internet.
Tomi Engdahl says:
Spam Campaign Spreading Malware Disguised as HeartBleed Bug Virus Removal Tool
http://www.symantec.com/connect/blogs/spam-campaign-spreading-malware-disguised-heartbleed-bug-virus-removal-tool
As with any major news, it is only a matter of time before cybercriminals take advantage of the public’s interest in the story.
This type of social engineering targets users who may not have enough technical knowledge to know that the Heartbleed bug is not malware and that there is no possibility of it infecting computers. The email uses social and scare tactics to lure users into opening the attached file.
Heartbleed removal scam spies on everything you do
http://www.expertreviews.co.uk/general/1308862/heartbleed-removal-scam-spies-on-everything-you-do
A new scam claiming to be a “removal tool” for the Heartbleed web security vulnerability is targeting unwitting computer users and could steal passwords and online banking details.
The spam email campaign is the latest in a long line attempting to take advantage of major news events, although it is unlikely to fool all but the most gullible of computer users.
The email warns that while users may have changed their passwords in the wake of Heartbleed their computer could still be “infected” with the bug.
The bogus claim then explains that a Heartbleed bug removal tool, attached to the email, can “clean” the infection from the computer.
According to security firm Symantec the email has the subject line “Looking for Investment Opportunities in Syria”, although the content of the email is about the Heartbleed vulnerability.
Tomi Engdahl says:
Always-on Analytics Beyond NSA’s Dreams
http://www.eetimes.com/document.asp?doc_id=1322578&
Some of you may be familiar with Apple’s Siri voice commands that let you operate an iPhone or an iPad and search online, organizing your life through natural speech rather than through touch interfaces.
Together with its fairly basic built-in touchpad, the Google Glass user interface partly relies on voice commands to operate, including when users perform Internet searches.
Recently e-commerce giant Amazon unveiled a microphone-enabled barcode reader, the Amazon Dash
More broadly, the data you generate as you speak into these voice-activated devices will be scrutinized beyond their superficial user-interface functionality. Most of the data will transit from the application to the cloud where more powerful data analytics can be performed
So by virtue of progress, it looks as if always-on analytics (voice, gesture, biometric) will pair, more often than not, with always-on connectivity and augmented reality, beyond the NSA’s wildest dreams.
Tomi Engdahl says:
Reddit, Imgur and Boing Boing launch anti-NSA-surveillance campaign
http://www.theguardian.com/technology/2014/jun/02/reddit-imgur-boing-boing-reset-the-net-campaign-nsa-surveillance-privacy
The Reset the Net campaign aims to encourage direct action, urging visitors to install privacy and encryption tools
Other sites have committed to improving their own privacy as part of the campaign, by enabling standards such as HTTPS, which prevents attackers from eavesdropping on visitors. Such security standards are common in the world of ecommerce, but rarer for sites which don’t think of themselves as holding sensitive information.
“We can take back control of our personal and private data one website, one device, one internet user at a time,” said Reddit’s General Manager Erik Martin.
Tomi Engdahl says:
Edward Snowden NSA whistleblowing story to be filmed by Oliver Stone
http://www.theguardian.com/film/2014/jun/02/edward-snowden-nsa-film-oliver-stone
Director of Platoon and JFK will direct a big budget adaptation of Guardian journalist Luke Harding’s book about Snowden’s role in exposing the NSA’s surveillance culture
Tomi Engdahl says:
How Bitcoin could become a super-sized Wayback Machine
Why mine maths when you can ARCHIVE STORAGE!
http://www.theregister.co.uk/2014/06/03/redmonds_plan_to_turn_bitcoin_into_a_p2p_waybackmachine/
Researchers have proposed a system which could see Bitcoin users earning their trendy tender by replicating vital data sources rather than crunching pointless algorithms.
The new system, dubbed Permacoin by a team of University of Maryland and Microsoft researchers, would substitute the current requirement to obtain Bitcoins through crunching mathematical algorithms with a system where punters replicated important datasets.
It would function as a “free” guard against wholesale data losses from cloud providers, and could see valuable sources such as the 200Tb US Library of Congress backed-up if it were applied to the current Bitcoin network
Tomi Engdahl says:
Global mobile roaming network a HOTBED of vulnerabilities
KPN researchers find more than 5k vulnerable hosts
http://www.theregister.co.uk/2014/06/03/global_mobile_roaming_network_a_hotbed_of_vulnerabilities/
Security experts for Dutch telco KPN have swung the baseball bat at telcos, with research suggesting mobile roaming networks are so insecure you’d hardly need the NSA to break in and start capturing user traffic.
They find the GRX – GPRS Roaming Exchange – network, which links the roaming traffic of 25 carriers worldwide, has more than 5,000 vulnerable hosts visible to the Internet.
That roaming network is the same as the UK’s GCHQ targeted, via Belgacom engineers, to capture traffic.
They found that of the 25 operators, 15 have machines visible to the Internet, with many misconfigurations and unnecessary services, and a lack of ingress filtering to protect the hosts.
In the case of GRX, the issue is that roaming is a concept that existed long before carriers started offering mobile Internet services.
What the research found was that out of 42,000 GRX hosts, around 5,500 are visible from the Internet, and many of these are running services with known vulnerabilities, including various old Sendmail versions with known root exploits, and vulnerable ftpd daemons in OpenBSD, VxWorks, and other FTP implementations.
Tomi Engdahl says:
The Latest Wave of Cyberattacks On the West Is Coming From the Middle East
http://it.slashdot.org/story/14/06/03/0041202/the-latest-wave-of-cyberattacks-on-the-west-is-coming-from-the-middle-east
“A hacker group from the Middle East known as Molerats attacked a wide range of major public sector organizations over April and May, including the BBC and a smattering of European governments, researchers revealed today.”
Tomi Engdahl says:
The Latest Wave of Cyberattacks on the West Is Coming from the Middle East
Written by Thomas Brewster, June 2, 2014 // 12:15 PM EST
http://motherboard.vice.com/read/middle-east-hacker-crew-hits-bbc-and-european-governments
A hacker group from the Middle East known as Molerats attacked a wide range of major public sector organisations over April and May, including the BBC and a smattering of European governments, researchers revealed today.
The Molerats’ actions have added weight to concerns around growing cyber capability stemming from the Middle East.
“I think it’s likely to be criminally led as they don’t seem to care which side of the political argument targets lie,”
“There appears to have been an increase in activity from the Middle East over the past 24 months,
Tomi Engdahl says:
Hey, does your Smart TV have a mic? Enjoy your surveillance, bro
Little reminder: Your shiny new telly is a computer, it can run malware
http://www.theregister.co.uk/2014/05/10/smarttv_bugging/
NSA whistleblower Edward Snowden told lawyers he met during his sojourn in Hong Kong to put their cell phones in his fridge to thwart any eavesdroppers.
But new research suggests he should have been worried about nearby TVs, too.
Smart tellies with built-in microphones and storage can be turned into bugging devices by malware
Tomi Engdahl says:
Still using e-mail? Marketers say you’re part of DARK SOCIAL
You can’t make this stuff up
http://www.theregister.co.uk/2014/05/28/still_using_email_youre_part_of_dark_social/
E-mail and SMS hold-outs are a danger to the Internet because they foul up media giants’ tracking, according to analysts with an interest in flogging social tracking services to media giants.
If you’re old enough, you’ll remember that if you wanted to tell a friend – or a group of friends – about an interesting link, you’d e-mail them either the whole text or a link to it. Congratulations: courtesy of the reptiles of marketing, you’re now lumped into a nasty bunch of users called “dark social”.
As the article puts it, attributed to Chartbeat and RadiumOne: “Up to 80 per cent of all ‘sharing’ of publisher and brand content is being distributed through email and text messaging to smaller, ‘off-the-grid’ user networks”.
The answer? Of course, it’s to invent ways to track these evil users who don’t play by the rules.
Tomi Engdahl says:
Google announces End-to-End Chrome extension alpha for sending secure emails with OpenPGP:
Making end-to-end encryption easier to use
Tuesday, June 3, 2014 12:56 PM
posted by Stephan Somogyi, Product Manager, Security and Privacy
http://googleonlinesecurity.blogspot.fi/2014/06/making-end-to-end-encryption-easier-to.html
Your security online has always been a top priority for us, and we’re constantly working to make sure your data is safe. For example, Gmail supported HTTPS when it first launched and now always uses an encrypted connection when you check or send email in your browser. We warn people in Gmail and Chrome when we have reason to believe they’re being targeted by bad actors. We also alert you to malware and phishing when we find it.
Today, we’re adding to that list the alpha version of a new tool. It’s called End-to-End and it’s a Chrome extension intended for users who need additional security beyond what we already provide.
“End-to-end” encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser.
uses OpenPGP, an open standard supported by many existing encryption tools.
Tomi Engdahl says:
Google warns that 40-50% of messages sent between Gmail and other services are unencrypted
Transparency Report: Protecting emails as they travel across the web
http://googleblog.blogspot.fi/2014/06/transparency-report-protecting-emails.html
Our data show that approximately 40 to 50 percent of emails sent between Gmail and other email providers aren’t encrypted. Many providers have turned on encryption, and others have said they’re going to, which is great news. As they do, more and more emails will be shielded from snooping.
Tomi Engdahl says:
Intel Bets On Surface Pro 3-Like “2-In-1” Devices
http://www.coindesk.com/sec-eric-voorhees-deal-unauthorized-securities-sales/
The US Securities and Exchange Commission (SEC) has formally charged and settled with serial bitcoin entrepreneur Eric Voorhees for the public offering of securities without registering with the federal government.
“All issuers selling securities to the public must comply with the registration provisions of the securities laws, including issuers who seek to raise funds using bitcoin.”
Tomi Engdahl says:
Egypt’s police seek ability to monitor social media for signs of dissent
http://www.theguardian.com/world/2014/jun/02/egypt-police-monitor-social-media-dissent-facebook-twitter-protest
IT companies asked to provide system which scans Facebook and Twitter for profanity, insults and incitements to protest
Tomi Engdahl says:
Protecting Our Brains From Datamining
http://tech.slashdot.org/story/14/06/03/2250216/protecting-our-brains-from-datamining
‘Brainwave-tracking is becoming increasingly common in the consumer market, with the gaming industry at the forefront of the trend.’
“EEG data is “high-dimensional,” meaning a single signal can reveal a lot of information about you: if you have a mental illness, are prone to addiction, your emotions, mood, and taste.”
“That’s led some to develop privacy systems that protect your thoughts from hackers.”
Our Brains Will Be Hacked, Tracked and Data-Mined
http://motherboard.vice.com/read/our-brains-will-be-hacked-tracked-and-data-mined
In the near future, companies, hell even the NSA could be mining our brainwaves for data. It’s bad enough that private details about our lives are revealed in hoovered-up emails and phone calls; imagine if Big Brother was literally reading our minds? That’s some dystopian shit.
We’re heading in that direction. Brainwave-tracking is becoming increasingly common in the consumer market, with the gaming industry at the forefront of the trend. “Neurogames” use brain-computer interfaces and electroencephalographic (EEG) gadgets like the Emotiv headset to read brain signals and map them to in-game actions, basically giving the player virtual psychic superpowers.
Now there’s a fear that we’re not doing enough to protect our raw thoughts from being hacked with “brain spyware” or tracked and gathered like the rest of our personal data. The concern was raised last month at the 2014 Neurogaming Conference in San Francisco, NPR reported.
“We may wake up in a few years and say, ‘Oh, we should have done something. We should have thought about the privacy of this data,’” Arek Stopczynski, a neuroinformatics researcher at MIT told me in an interview.
Privacy for Personal Neuroinformatics
http://papers.ssrn.com/sol3/Papers.cfm?abstract_id=2427564
Human brain activity collected in the form of Electroencephalography (EEG), even with a low number of sensors, is an extremely rich signal raising legal and policy issues. Traces collected from multiple channels and with high sampling rates capture many important aspects of participants’ brain activity and can be used as a unique personal identifier. The motivation for sharing EEG signals is significant, as a means to understand the relation between brain activity and well-being, or for communication with medical services.
As the equipment for such data collection becomes more available and widely used, the opportunities for using the data are growing; at the same time however inherent privacy risks are mounting. The same raw EEG signal can be used for example to diagnose mental diseases, find traces of epilepsy, and decode personality traits.
We show how raw high-dimensionality data can be collected on a mobile device, uploaded to a server, and subsequently operated on and accessed by applications or researchers
Tomi Engdahl says:
GnuTLS Flaw Leaves Many Linux Users Open To Attacks
http://linux.slashdot.org/story/14/06/03/1829251/gnutls-flaw-leaves-many-linux-users-open-to-attacks
A new flaw has been discovered in the GnuTLS cryptographic library that ships with several popular Linux distributions and hundreds of software implementations. According to the bug report, “A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code.”
Critical new bug in crypto library leaves Linux, apps open to drive-by attacks
Vulnerability in GnuTLS allows malicious sites to execute malicious code.
http://arstechnica.com/security/2014/06/critical-new-bug-in-crypto-library-leaves-linux-apps-open-to-drive-by-attacks/
A recently discovered bug in the GnuTLS cryptographic code library puts users of Linux and hundreds of other open source packages at risk of surreptitious malware attacks until they incorporate a fix developers quietly pushed out late last week.
Maliciously configured servers can exploit the bug by sending malformed data to devices as they establish encrypted HTTPS connections. Devices that rely on an unpatched version of GnuTLS can then be remotely hijacked by malicious code of the attacker’s choosing, security researchers who examined the fix warned. The bug wasn’t patched until Friday, with the release of GnuTLS versions 3.1.25, 3.2.15, and 3.3.4. While the patch has been available for three days, it will protect people only when the GnuTLS-dependent software they use has incorporated it.
“A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake,”
Technical Analysis Of The GnuTLS Hello Vulnerability
2014-06-01
http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/
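The missing bounds check described in the bug report quoted above, sketched as an added C example; this is not GnuTLS code and does not come from the linked articles. It assumes the TLS 1.2 ServerHello layout from RFC 5246, where a session ID is at most 32 bytes; the function and type names are hypothetical and the sample messages are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TLS_RANDOM_LEN      32
#define TLS_MAX_SESSION_ID  32   /* RFC 5246: opaque SessionID<0..32> */

enum sh_status {
    SH_OK = 0,
    SH_TRUNCATED = -1,       /* body ends before a field is complete */
    SH_SID_TOO_LONG = -2     /* declared length exceeds the protocol maximum */
};

struct session_id {
    uint8_t len;
    uint8_t data[TLS_MAX_SESSION_ID];
};

/* Parse the session ID out of a ServerHello body (the bytes after the
 * 4-byte handshake header). Every length is validated before the copy,
 * so a hostile server cannot make the client write past out->data. */
enum sh_status parse_session_id(const uint8_t *body, size_t body_len,
                                struct session_id *out)
{
    size_t off = 2 + TLS_RANDOM_LEN;           /* skip version + random */
    if (body_len < off + 1)
        return SH_TRUNCATED;

    uint8_t sid_len = body[off++];             /* server-controlled byte */
    if (sid_len > TLS_MAX_SESSION_ID)
        return SH_SID_TOO_LONG;                /* the check the bug report is about */

    /* The session ID is followed by cipher suite (2) and compression (1). */
    if (body_len - off < (size_t)sid_len + 3)
        return SH_TRUNCATED;

    out->len = sid_len;
    memcpy(out->data, body + off, sid_len);
    return SH_OK;
}

/* Build a constructed ServerHello body: `declared` is the length byte,
 * `present` is how many session-ID bytes actually follow it (max 255). */
static size_t build_hello(uint8_t *buf, uint8_t declared, size_t present)
{
    size_t n = 0;
    buf[n++] = 0x03; buf[n++] = 0x03;          /* TLS 1.2 */
    memset(buf + n, 0xAA, TLS_RANDOM_LEN); n += TLS_RANDOM_LEN;
    buf[n++] = declared;
    memset(buf + n, 0x41, present); n += present;
    buf[n++] = 0x00; buf[n++] = 0x2F;          /* cipher suite */
    buf[n++] = 0x00;                           /* null compression */
    return n;
}

/* Run the parser over one constructed sample and return its verdict. */
enum sh_status check_sample(uint8_t declared, size_t present)
{
    uint8_t buf[2 + TLS_RANDOM_LEN + 1 + 255 + 3];
    struct session_id sid;
    size_t n = build_hello(buf, declared, present);
    return parse_session_id(buf, n, &sid);
}

int main(void)
{
    printf("32-byte session ID:        %d\n", check_sample(32, 32));
    printf("200-byte session ID:       %d\n", check_sample(200, 200));
    printf("declares 32, carries 8:    %d\n", check_sample(32, 8));
    return 0;
}
```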
Tomi Engdahl says:
Google-released Chrome extension allows easy in-browser Webmail encryption
End-to-End alpha could bring robust and easy-to-use OpenPGP crypto to Webmail.
http://arstechnica.com/security/2014/06/google-released-chrome-extension-allows-easy-in-browser-webmail-encryption/
Tomi Engdahl says:
Local Police Increasingly Rely On Secret Surveillance
http://yro.slashdot.org/story/14/06/03/1955226/local-police-increasingly-rely-on-secret-surveillance
“The Wall Street Journal reports on how local law enforcement is increasingly requesting (and receiving) sealed wiretap requests and surveillance that doesn’t require a warrant for cellular data, a move that is making some courts uneasy — but not uneasy enough to stop the practice.”
Sealed Court Files Obscure Rise in Electronic Surveillance
Law-Enforcement Requests to Monitor Cellphones Are Routinely Sealed—And Stay That Way
http://online.wsj.com/news/article_email/sealed-court-files-obscure-rise-in-electronic-surveillance-1401761770-lMyQjAxMTA0MDAwMzEwNDMyWj
Across the U.S., thousands of similar law-enforcement requests for electronic monitoring are likewise locked away from public view, even after the investigations that spawned them have ended. In most cases, they stay sealed indefinitely—unlike nearly all other aspects of American judicial proceedings. Courts long have presumed that search warrants, for example, eventually should be made public.
Tomi Engdahl says:
The Finnish Defence Forces exercise cyber war – including a 1,300-person government IT office
The Finnish Defence Forces’ Management System Centre will hold a five-day national cyber war exercise next week. This is the second time that the armed forces have organized a similar exercise. The exercise is held using the facilities and systems of Jyväskylä University of Applied Sciences. Topics include the detection of cyber threats and security operations center operation.
Source: http://www.tietoviikko.fi/kaikki_uutiset/puolustusvoimat+kybersotaharjoittelee++mukana+myos+1300+hengen+itvirasto/a991646
Tomi Engdahl says:
Secret Service Software Will ‘Detect Sarcasm’ in Social Media Users
http://www.nextgov.com/defense/2014/06/secret-service-software-will-detect-sarcasm-social-media-users/85633/
The Secret Service is purchasing software to watch users of social networks in real time, according to contract documents.
In a work order posted on Monday, the agency details information the tool will collect — ranging from emotions of Internet users to old Twitter messages.
Its capabilities will include “sentiment analysis,” “influencer identification,” “access to historical Twitter data,” “ability to detect sarcasm,” and “heat maps” or graphics showing user trends by color intensity, agency officials said.
The automated technology will “synthesize large sets of social media data” and “identify statistical pattern analysis” among other objectives, officials said.
The tool also will have the “functionality to send notifications to users,” they said.
Tomi Engdahl says:
Patent application:
User-browser interaction-based fraud detection system
http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=8,650,080.PN.&OS=PN/8,650,080&RS=PN/8,650,080
Systems, methods and media for detecting fraudulent behavior during an Internet commerce session are disclosed. Embodiments of a method may include establishing an e-commerce session with a user and requesting fraud detection analysis of user-browser interaction during the e-commerce session.
Tomi Engdahl says:
The Cybercrime Economy
Half of American adults hacked this year
http://money.cnn.com/2014/05/28/technology/security/hack-data-breach/
Hackers have exposed the personal information of 110 million Americans — roughly half of the nation’s adults — in the last 12 months alone.
That massive number, tallied for CNNMoney by Ponemon Institute researchers, is made even more mind-boggling by the amount of hacked accounts: up to 432 million.
The exact number of exposed accounts is hard to pin down, because some companies — such as AOL (AOL) and eBay (EBAY) — aren’t fully transparent about the details of their cyber breaches.
The damage is real. Each record typically includes personal information, such as your name, debit or credit card, email, phone number, birthday, password, security questions and physical address.
Cyberattacks are growing so numerous that we’re becoming numb to them.
“Now attackers are very focused,” said Brendan Hannigan, who leads the security systems division at IBM (IBM). “There are teams of them, and they create malware to attack specific organizations.”
It doesn’t help that the security of the entire Internet relies on a few underfunded volunteers. Or that so many people use outdated software, such as Windows XP, which no longer receives security updates. That leads to pervasive problems like the Heartbleed bug or the recent Internet Explorer flaw that allowed attackers to take over your computer.
“It’s becoming more acute,” said Larry Ponemon, head of the Ponemon Institute. “If you’re not a data breach victim, you’re not paying attention.”
Tomi Engdahl says:
Test if your site is blocked in China
http://www.blockedinchina.net/
Tomi Engdahl says:
REVEALED: GCHQ’s BEYOND TOP SECRET Middle Eastern INTERNET SPY BASE
Snowden leaks that UK.gov suppressed
http://www.theregister.co.uk/2014/06/03/revealed_beyond_top_secret_british_intelligence_middleeast_internet_spy_base/
Above-top-secret details of Britain’s covert surveillance programme – including the location of a clandestine British base tapping undersea cables in the Middle East – have so far remained secret, despite being leaked by fugitive NSA sysadmin Edward Snowden. Government pressure has meant that some media organisations, despite being in possession of these facts, have declined to reveal them. Today, however, the Register publishes them in full.
The secret British spy base is part of a programme codenamed “CIRCUIT” and also referred to as Overseas Processing Centre 1 (OPC-1). It is located at Seeb, on the northern coast of Oman, where it taps in to various undersea cables passing through the Strait of Hormuz into the Persian/Arabian Gulf.
The actual locations of such codenamed “access points” into the worldwide cable backbone are classified 3 levels above Top Secret and labelled “Strap 3”. The true identities of the companies hidden behind codenames such as “REMEDY”, “GERONTIC”, “STREETCAR” or “PINNAGE” are classified one level below this, at “Strap 2”.
According to documents revealed by Edward Snowden to journalists including Glenn Greenwald among others, the intelligence agency annually pays selected companies tens of millions of pounds to run secret teams which install hidden connections which copy customers’ data and messages to the spooks’ processing centres. The GCHQ-contracted companies also install optical fibre taps or “probes” into equipment belonging to other companies without their knowledge or consent. Within GCHQ, each company has a special section called a “Sensitive Relationship Team” or SRT.
Tomi Engdahl says:
Turkey Unblocks YouTube After 2 Months
http://mashable.com/2014/06/03/turkey-unblocks-youtube/
Turkey’s telecommunications authority (TIB) lifted the ban on Tuesday, removing YouTube from the “blocked sites” listed on its website. The move came four days after the country’s Constitutional Court ruled that the ban violated Turks’ free speech rights and ordered the ban be lifted.
The unblocking of YouTube closes a cycle of almost two months of social media censorship in Turkey.
Tomi Engdahl says:
No worries: NSA chief says facial recognition program is totally legal
“We do not do this in some unilateral basis against US citizens,” NSA chief says.
http://arstechnica.com/tech-policy/2014/06/no-worries-nsa-chief-says-facial-recognition-program-is-totally-legal/
The new head of the National Security Agency said Tuesday that the agency’s newly revealed facial recognition program is legal.
“We do not do this in some unilateral basis against US citizens,” Admiral Michael S. Rogers said at the Bloomberg Government cybersecurity conference in Washington, DC. “We have very specific restrictions when it comes to US persons.”