Cyber Warfare – Law Street
https://legacy.lawstreetmedia.com
Law and Policy for Our Generation
Feed updated Wed, 13 Nov 2019 21:46:22 +0000

NSA Contractor Arrested For Stealing and Leaking Classified Codes
https://legacy.lawstreetmedia.com/blogs/technology-blog/nsa-contractor-arrested-stealing-leaking-classified-codes/
Wed, 05 Oct 2016 20:28:28 +0000

This could be bad.

The post NSA Contractor Arrested For Stealing and Leaking Classified Codes appeared first on Law Street.

Image courtesy of [EFF Photos via Flickr]

The FBI secretly arrested a National Security Agency contractor suspected of stealing and leaking highly classified material that is used for hacking foreign governments’ networks. The suspect, Harold Thomas Martin, has been in custody since August and worked for the same firm as famous whistleblower Edward Snowden, Booz Allen Hamilton. This firm is responsible for some of the most secretive and sensitive operations of the NSA.

Martin is suspected of stealing a “source code” that the NSA uses to break into the computer systems of hostile foreign countries like China, North Korea, and Russia. It is unclear if he has shared the code with anyone yet. If leaked, the documents could “cause exceptionally grave damage to the national security of the U.S.,” according to a statement from the U.S. Justice Department.

The 52-year-old Maryland man now faces one year in prison if found guilty of removing the materials, and ten more for the theft. The FBI searched his home and car, where it found several documents and digital information marked as “top secret.” They also found unspecified “government material” up to a value of $1,000.

The formal charges are theft of government property and unauthorized removal and retention of classified materials by a government employee or contractor. This case is different from Snowden’s because of the material stolen and its purpose. Snowden was a whistleblower who acquired classified documents and leaked them for the public benefit. Martin stole the actual software code that is used in NSA operations and that can be sold and used for cyber warfare.

Edward Snowden, currently exiled in Russia, tweeted about the news.

According to the Independent, the material in this case could be connected to the recent theft of secret material by the hacker group Shadow Brokers, which also included a source code that was traced to the NSA. The hackers also left a cryptic message in broken English, saying, “We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control.”

Emma Von Zeipel
Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

Who are the Hackers Behind the Apple Spyware Problem?
https://legacy.lawstreetmedia.com/blogs/technology-blog/meet-hackers-behind-apple-iphone-spyware/
Fri, 26 Aug 2016 17:06:34 +0000

iPhone users...beware.

The post Who are the Hackers Behind the Apple Spyware Problem? appeared first on Law Street.

"iPhone" courtesy of [Gonzalo Baeza via Flickr]

On Thursday, Apple released a new security update for iPhone users worldwide after the discovery of an attempted hack that was trying to take advantage of three huge vulnerabilities in the iOS operating system. Using these three factors, now called the “Trident” flaw, hackers could take complete control over someone’s phone remotely, without the owner knowing about it.

The group that is believed to be behind the hack is an American-owned, Israeli-based company called NSO. It was founded in late 2009 by two Israeli mass-entrepreneurs with ties to the Israeli government and defense forces. In 2014 a San Francisco-based equity firm bought a majority stake in the company for $120 million.

NSO says it specializes in tools fighting against crime and terrorism. Its LinkedIn page describes the company as in “the field of Internet security software solutions and security research.” But many security firms call the group a “cyber arms dealer.” An online document from NSO says it is “a leader in the field of cyber warfare” that utilizes its proprietary monitoring tool it calls “Pegasus,” which can monitor and extract all data from a target “via untraceable commands” which allow “remote and stealth.”

Human rights activist Ahmed Mansoor from the United Arab Emirates was the first one to report the suspected hack, after receiving a text message to his iPhone with a link promising to reveal details about torture in his country’s prisons. Instead of clicking the link he contacted the Toronto-based internet watchdog Citizen Lab.

Reports issued on Thursday by Citizen Lab and San Francisco mobile security company Lookout revealed how they discovered advanced spyware that could take over the whole phone at the tap of a finger. If you clicked the link in a fake message like the one Mansoor received, it would activate spying software called “Pegasus,” and hackers could listen in on your calls, collect text messages and personal information, and control your camera.

This advanced technique is so highly desirable in the cyber world that one spyware broker said in November that it had paid $1 million to programmers who said they had found a way to do it, according to the Telegraph.

On Thursday an Apple spokesperson said:

We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.

Emma Von Zeipel

The U.S. Needs to Take a Firm Stand Against China on Cyber Attacks
https://legacy.lawstreetmedia.com/blogs/technology-blog/u-s-needs-take-firm-stand-china-cyber-attacks/
Thu, 11 Jun 2015 15:50:24 +0000

The back-and-forth battle is far from over.

The post The U.S. Needs to Take a Firm Stand Against China on Cyber Attacks appeared first on Law Street.

Image courtesy of [Global Panorama via Flickr]

Last Thursday, United States officials revealed that they believe Chinese hackers were responsible for the May cyber attacks on U.S. federal agencies. The attacks compromised the personal information of more than four million current and former government workers. China responded by dismissing such accusations as “groundless” and “irresponsible,” stopping just short of ensuring that China does not condone cyber attacks. “We are very firm on this,” said China’s Foreign Ministry Spokesman Hong Lei. This is just the latest incident in a back-and-forth saga between the U.S. and China when it comes to cyber crimes.

Lei’s statement may not have been completely truthful. In May 2014, Lei released a similar response to the Justice Department’s indictment of five Chinese hackers for cyber crimes against five U.S. companies and a labor union in the steel, solar, and nuclear-power industries. According to the Guardian, “China’s foreign ministry called the allegations preposterous and accused the U.S. of double standards.” But the accused in the 2014 case were members of China’s People’s Liberation Army. In other words, their attacks do represent China engaging the United States. It is evident that the U.S. must take a firm stand against China’s aggression. Nevertheless, there are numerous challenges and implications to consider on that front.

For one, China’s assertion that the U.S. resentment of Chinese attacks represents a double standard is justified. Edward Snowden’s release of NSA files unveiled a surveillance program that spanned numerous countries, including China. In March of last year, Snowden leaked another document exposing the NSA’s penetration into the networks of Chinese telecommunications giant Huawei Technologies in search of evidence that the company was involved in espionage operations for Beijing. This complicates how far the U.S. can go to condemn China’s actions in the cyber sphere.

The potential costs of engaging China in cyber warfare are massive. Cyber attacks can threaten the control systems of dams, water-treatment plants, and power grids, compromise sensitive information stored on government networks, and access video surveillance cameras. Electronic door locks, elevators, and even life-sustaining medical devices are vulnerable to cyber attacks. While the U.S. rarely has to worry about war in its territory, in the cyber realm, physical boundaries are irrelevant. The statistics regarding the cost of cyber crimes are staggering. The Center for Strategic and International Studies estimates the annual cost of cybercrime and economic espionage to the world economy at $375-575 billion. Telecommunications giant IBM claims that there were 1.5 million monitored cyber attacks in the United States in 2013 alone. In a “60 Minutes” interview, FBI Director James Comey said, “There are two kinds of big companies in the United States. There are those who’ve been hacked by the Chinese, and those who don’t know they’ve been hacked by the Chinese.”

Political action is fraught with challenges, too. China, with its massive population and rapidly developing economy, lends itself to lucrative opportunities for American corporations. Consequently, the Chinese and U.S. economies are closely intertwined. According to the CIA World Factbook, China ships 17 percent of its exports to the U.S. and is the largest foreign holder of U.S. Treasury bills, bonds, and notes. So, the government response to Chinese cyber attacks cannot deter China from doing business with American corporations. Germany’s cancellation of its longstanding contract with Verizon following Snowden’s NSA leaks serves as a cautionary tale, and the fact that most major Chinese corporations are government owned only further complicates the issue.

So, the U.S. government is left with few options. One thing it can do is encourage the development of cyber technology. The government should support programs such as the DARPA Cyber Grand Challenge, a competition aimed towards creating an automated cyber defense system, and incentivize the best cyber experts to work with the government by providing resources and appropriate compensation.

More importantly, the government needs to send the message that attacks on American networks will not be tolerated. This could mean under-the-table threats of retaliation to avoid negative media attention. Fear of retaliation should deter Chinese attacks, and if attacks persist, the government can deny visas to Chinese citizens, limit military ties, or implement economic sanctions. It is important to keep the campaign low-key and ensure that economic sanctions do not incite an aggressive Chinese response.

Examples of the United States asserting itself following a breach of security are littered throughout history; the U.S. defeat of Japan following Pearl Harbor and the assassination of Osama bin Laden following 9/11 demonstrated that we are not afraid to track down and engage our enemies. It is time to assert our status as the world’s leading superpower once again.

Hyunjae Ham
Hyunjae Ham is a member of the University of Maryland Class of 2015 and a Law Street Media Fellow for the Summer of 2015. Contact Hyunjae at staff@LawStreetMedia.com.

ISIS Supporters Hack US Central Command Online Accounts
https://legacy.lawstreetmedia.com/news/us-central-command-online-accounts-hacked-isis-supporters/
Mon, 12 Jan 2015 19:49:26 +0000

Self-proclaimed members of ISIS hacked into U.S. Central Command's social media accounts.

The post ISIS Supporters Hack US Central Command Online Accounts appeared first on Law Street.


United States Central Command (CentCom) reported today that its social media accounts had been hacked by people claiming to be from ISIS. CentCom, part of the Department of Defense, has played a main role in recent conflicts in Iraq, Afghanistan, and others. Based in Tampa, Florida, it’s responsible for American security interests in more than 20 different nations. Here’s what the account looked like before it was suspended:

Whoever hacked the account posted threatening messages to American troops such as “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS.” There was also a tweet that linked to a longer statement that included:

In the name of Allah, the Most Gracious, the Most Merciful, the CyberCaliphate under the auspices of ISIS continues its CyberJihad. While the US and its satellites kill our brothers in Syria, Iraq and Afghanistan we broke into your networks and personal devices and know everything about you.

You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah’s permission we are in CENTCOM now. We won’t stop! We know everything about you, your wives and children. U.S. soldiers! We’re watching you!

ISIS propaganda photos were also posted on CentCom’s YouTube page. Its Facebook page, however, appears to be untouched. Central Command has confirmed that its accounts have been compromised.

The hacking occurred while President Barack Obama was delivering a speech to the Federal Trade Commission (FTC) about cyber security. As of now, however, the only thing that the White House has said is that they’re “obviously looking into” the breach.

Most concerning of all, whoever hacked the accounts claimed that they had also gotten access to confidential information from CentCom, although that’s yet to be confirmed, and Defense officials have said that they don’t believe any information was taken. Some of the posts linked to documents, but those documents could have been found on Pentagon websites, among other places. They’re surely a far cry from damaging confidential information.

This comes less than a day after “hacktivist” group Anonymous declared war on the organization.

Cyberwar has become a real issue, and it appears that no one is completely safe.

Anneliese Mahoney
Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

Hacking: The New Kind of Warfare
https://legacy.lawstreetmedia.com/issues/technology/hacking-new-kind-warfare/
Tue, 30 Dec 2014 19:35:46 +0000

Hacking is a new way for nations and non-state actors to fight wars and gain advantages.

The post Hacking: The New Kind of Warfare appeared first on Law Street.

Image courtesy of [Jared Tarbell via Flickr]

Following the recent fiasco at Sony, hacking has been catapulted squarely into the spotlight. But hackers are doing more than just delaying movie premieres–they are causing serious damage and have the capability to cause much more. Before we get too scared of these anonymous boogeymen, however, it is important to understand what hacking is and who the hackers are.


What are hackers and what do they do?

So, first of all, what is a hacker? While the answer to that question is very complicated, for clarity’s sake a succinct and clear explanation of a computer hacker and computer hacking is this:

Computer hackers are unauthorized users who break into computer systems in order to steal, change or destroy information, often by installing dangerous malware without your knowledge or consent.

This definition is of course limited, as hacking is not relegated solely to computers and is not always a negative thing. Below is a video that offers a fuller picture.

While not all hacking is negative, much of it is, and it is important to understand specifically what the intentions of many hackers are and how they operate. Hackers often lure their unsuspecting victims with bogus scams sent through emails or websites. Some hackers also prefer the approach of directly attacking a computer if it does not have the requisite protection in place, such as a firewall; however, while hacking may appear as simple as pressing a button in a movie, it is more complicated than that. More specifically, what a hacker does is infect another person’s computer with malicious software or malware. Once the unsuspecting user has activated the malware, either by clicking on a link or opening an email, his computer can then become infected with a virus. If a computer does become infected the hacker essentially has unlimited access to the operating system. This then enables him to have virtual control over the user’s computer and internet activity. Normally the hacker will try to maintain a low enough profile so the user is not alerted; in the meantime he will attempt to obtain sensitive information. Whatever way hackers choose to attack, they often try to steal things like passwords, account numbers, and means of identification such as a social security number.

The purpose behind all of this is nefarious; stealing an individual’s money, abusing their credit, or even turning a profit by selling the acquired information to a third party is often the end goal. Two prime examples of this are the major hack of Target’s credit card system in 2013 and the similar hack of eBay this year. Nonetheless, while hackers seem to have similar motives, the group is in fact quite heterogeneous and can vary from countries to individuals.


State Actors

The first type includes hackers utilized by a country’s government or military. In this way, hackers are used like other weapons such as tanks or missiles. In this regard, perhaps no country employs hackers and hacking more than China. According to a 2013 article from Bloomberg, China accounted for 41 percent of hacking assaults in 2012–four times that of the second place country on the list. While there’s no way to say definitively whether those hacks came from the Chinese government, the idea comes as no surprise to those familiar with the United States’ claims that China has long hacked American corporations in order to steal trade secrets and then passed them along to Chinese companies. For example, there were hacking accusations against China earlier this year by American corporate icons such as U.S. Steel and Alcoa.

However, the United States is far from an unwitting victim of these attacks. In fact the number two country from the same list of top hacking nations was the United States. In 2012, for example, ten percent of hacking attacks originated from within the United States. In addition, the United States military has increased the portion of its budget focused on cyber warfare. In 2015, the U.S. Cyber Command plans to spend $5.1 billion on cyber combat. The video below explains the threat of cyber warfare.

There is already evidence of suspected U.S. cyber warfare at work. Aside from unpublicized U.S. attacks against the Taliban in Afghanistan, there’s the more notable example of the Stuxnet virus that infected the Iranian nuclear infrastructure and severely damaged its nuclear program. There is also the recent shutdown of North Korean internet access that many suspect was American retaliation for the suspected North Korean hack of Sony.

Along with the United States and China, other countries where hacking is a major weapon include Taiwan, Turkey, and Russia.


Non-State Actors

Indeed, non-state actor hackers may pose an even bigger threat to global systems than government operations. One reason is that, while government operations are generally strictly military or defensive in nature, non-state operations run the gamut.

Patriotic Hacking

One example is something known as patriotic hacking. In essence, these groups are self-appointed to represent a particular country and will respond in kind to any perceived slight against the nation they represent. One such group formed in China in response to the accidental bombing of a Chinese embassy in Belgrade by the United States during the war in Kosovo. Similar groups have also formed in many countries such as Israel, India, Pakistan, and the United States.

An example of a patriotic hacker–or “red hacker” as they are known in China–is Wan Tao. Wan Tao hacked everything from the U.S. government to Japanese political email accounts. While it is believed that he was never explicitly ordered to do so, the hacker’s targeted attacks fell in line with Chinese governmental actions. As if to emphasize the underlying nationalism in his attacks, Wan Tao even had a name for his group, the China Eagles.

Hacktivists

Another type of non-state hacking group is known as hacktivists, which are people who use both legal and illegal means to achieve some political goal. Perhaps the best example is the group known collectively as Anonymous. Known for donning the Guy Fawkes mask, Anonymous has been involved in hacking cases related to social issues ranging from the Occupy Wall Street movement to the shooting death of Michael Brown that set off the protests in Ferguson, Missouri. A more expansive definition of hacktivism is provided in the video below.

Other Non-State Actors

There are countless other non-state hacking groups at play today. One example is the massive hack of JP Morgan Chase in October 2014. In this case, the personal information of 83 million bank customers was stolen. While Chase was quick to deny any information such as account numbers was taken, experts in the field remain more skeptical. Regardless of what exactly was stolen, the culprits were again believed to be Russian hackers who stole personal information with the intent to sell it or profit off of it through other means such as fraud. There is also the persistent fear of terrorist hackers, although little has yet come of this.


Putting Up a Firewall

While governments and individuals swarm to the attack there are also efforts to fight back against hackers, and like hackers and hacking these efforts take many forms. At the highest level are government efforts like those of the United States government. Specifically, as touched upon earlier, the United States has created a cyber command capable of launching retaliatory strikes against its enemies through cyber space if the U.S. were attacked. In essence then the United States is creating a deterrent through cyber space much like it already has through both conventional and nuclear means.

There are also altruistic attempts such as the ones being undertaken by organizations like I Am the Cavalry, which allows researchers to share their findings and help improve the security of four major sectors: medical devices, automobiles, home services, and public infrastructure.

In addition, there are more classical capitalist efforts employed by corporations. Several major corporations such as Apple, Facebook, Google, and Microsoft are actively courting hackers, often holding competitions with prizes like lucrative job offers. The goal of this approach is to pick up where traditional IT efforts leave off. Traditional efforts are geared at creating defensive measures so hackers cannot break into a system; however, this new approach utilizes hackers themselves specifically because they have the opposite mindset and are looking for the vulnerabilities to attack. By harnessing hackers’ aggressive skill sets and playing off their competitive mentalities these companies and many more are, in essence, using hackers to prevent hacking.


Conclusion

As the world becomes more digital and connected the threat of hacking will increase. In the future everything from cars to even toasters can and will be vulnerable to hacking and misuse. Furthermore, this threat will not necessarily come from other countries, but also non-state actors and even individuals. The motivations and allegiances of these people and groups vary widely and make the problem infinitely more complex.

Nonetheless, while efforts to prevent hacking can seem hopeless, like trying to keep a ship with a million leaks afloat, all is not lost. Indeed there are already efforts underway to fight back, which vary as much as those of the hackers themselves. As history has shown, no ship is unsinkable. Thus hacking is always likely to be a problem and an increasingly dangerous one; however, it can also offer an avenue for improvement and a channel to voice social concerns. While hacking may be the next great threat, like previous scourges it may also present unique opportunities for change and improvement for society as a whole.


Resources

Primary

Center for A New American Security: Non-State Actors and Cyber Conflict

Additional

Bloomberg: Top Ten Hacking Countries

CNN World: North Korea Denies Sony hack

Forbes: The Top 5 Most Brutal Cyber Attacks of 2014

Time: Here’s What Chinese Hackers Actually Stole From U.S. Companies

Time: China’s Red Hackers

WebRoot: Computer Hackers and Predators

Bloomberg Business Week: Target Missed Alarms

Washington Times: Cyber Command Investment Ensures Hackers Targeting US Face Retribution

The New York Times: North Korea Loses its Link to the Internet

New York Post: Hackers Steal 83 Million Chase Customers’ Info

Mashable: Hacktivism

International Business Times: What is Anonymous?

CDR Global Inc: Hacking for Good

Guardian: There are real and present dangers around the internet of things

I Am the Cavalry: Homepage

Michael Sliwinski
Michael Sliwinski (@MoneyMike4289) is a 2011 graduate of Ohio University in Athens with a Bachelor’s in History, as well as a 2014 graduate of the University of Georgia with a Master’s in International Policy. In his free time he enjoys writing, reading, and outdoor activities, particularly basketball. Contact Michael at staff@LawStreetMedia.com.
