Shhhcretly Exclusive: Edward Snowden’s Warning Cry

Shhhcretly is pleased to have the exclusive rights to release the English version of this coverage on Edward Snowden.

This original article was first published 1 December 2018 in German in the Austrian newspaper Der Standard, which reserves the publishing rights.

Shhhcretly would like to thank Der Standard and Steffen Arora for their kind permission to share the translated piece exclusively on this blog.

(Above) Photo credit: Lindsay Mills 2018.

 

Edward Snowden’s warning cry
By Steffen Arora
Der Standard, 1st December 2018

Former CIA contractor Edward Snowden’s revelations shone a light on the western world’s surveillance practices. But he, and those who helped him, are paying a high price. He talks to Der Standard about the need to fight on.

“This is retaliation.” In an interview with Der Standard, Edward Snowden spoke in no uncertain terms about the authorities’ treatment of the people who saved his life. In June 2013, the former US intelligence services contractor became a hounded whistleblower after he exposed the extent to which the US and its allies carry out global surveillance of the internet and digital communications, regardless of suspicious activity. He made these revelations from Hong Kong, never expecting that the moment they were published, he would become the world’s most wanted man.

It was the same moment that Robert Tibbo’s telephone rang. The Canadian had made a name for himself in the city as a dedicated human rights lawyer. He fought for the rights of asylum seekers living a pariah existence in Hong Kong – with next to no chance of their status being recognized and leading a decent life there. Tibbo saw Snowden as another refugee who needed help. To hide him from his pursuers, Tibbo found shelter for Snowden with some of his other clients; asylum seekers from Sri Lanka and the Philippines.

“They were warm, welcoming and kind. When I had fallen to the bottom of the world, they helped me up without giving a damn about who I was,” Snowden says. In the current political climate, loaded with the fear of outsiders, Snowden holds the refugees’ actions in even higher regard. “Their example, their humanity, it gave me a reason to keep fighting.”

Refugees and their lawyer under pressure

Not only Snowden, but also those who helped him, are now paying a high price for their actions. The US continues to accuse Snowden of spying and demand his extradition – and President Donald Trump would like to see him executed. Meanwhile, the seven refugees and their lawyer Mr. Tibbo are under pressure from the Hong Kong authorities.

In 2018, it is no longer an exception that human rights lawyers like Tibbo become the object of persecution themselves, says Manfred Nowak, Austrian human rights lawyer and former United Nations Special Rapporteur on Torture. Not only lawyers, but also journalists and activists from NGOs are being increasingly targeted, he says, even murdered, as records such as Russia’s show. “Human rights have not been in a crisis like this since the end of the Second World War,” Nowak says.

For Snowden’s helpers, the situation has deteriorated to the extent that this week, Tibbo turned for help to a selection of media outlets including the New York Times, Paris Match and Der Standard. He himself was forced to leave Hong Kong under diplomatic protection. He had to leave the seven refugees behind.

Effectively in exile, he continues working for his clients, who are living in constant fear of deportation. No country wants to take them in. Even Canada, which showed willingness to do so back in 2016, appears to have retreated in the face of pressure from abroad.

“Death by delay” is how lawyers such as Pascal Paradis from the NGO Lawyers Without Borders, which has been working on the case, describes this process. Snowden himself, fleeing US authorities, was left stranded in Moscow. Since then he has faced accusations that he is a Russian spy.

In fact he was aiming for Latin America, he says. “The Department of State failed to cancel my passport in time to keep me from leaving Hong Kong. But once they realized I was in the air en route to Latin America, they made public announcements to put every government around the world on notice that they intended to block my freedom of movement.”

No asylum in Austria

When he landed in Moscow for a stopover, he was stuck and could not travel further. All of his asylum applications in Europe were rejected, including by Austria. “This more than anything else is what prevents me from leaving Russia,” Snowden says in response to his critics. “If major powers of Europe can be induced by this or that secret promise to be violators of the asylum right rather than its guarantor, you can’t help but question the whole system. If you can’t count on a right now, can you count on a law?”

Manfred Nowak also sees this danger. “Democracy as a form of government is increasingly coming under pressure, as we can see in the US, Great Britain, Hungary, Poland or Italy. These countries are governed by populists, who came to power through democratic channels, but are now attacking democracy.” Nowak sees Brazil’s new president, Jair Bolsonaro, as a particularly stark example of a fascist being voted in to lead a democracy.

Nowak stresses the importance of learning from history: Free elections have destroyed democracies time and time again. “Strident democracies” urgently need to defend themselves against “pseudo- democracies,” he says, pointing to leaders such as Trump, Viktor Orban and Bolsonaro.

The western world is currently experiencing a backlash, meaning human rights defenders must go on the offensive, Nowak says. “Everyone must do their bit,” he warns emphatically. “Otherwise it could be too late.”

Nowak sees this backlash in Austria too, where the center-right and far-right are governing in coalition. “Measures are being taken which are being seen, and therefore criticized, as restrictions on the constitutional state, democracy and human rights.”

“There’s a machine behind it”

Snowden sees the refugees’ treatment and his own as telling. “You can’t look at something like this without getting a sense that the mask has dropped, and behind all the pretense of civility and process we like to believe governs our little day to day, there’s a machine behind it that would burn everything we love to the ground without a tear if it meant making a problem go away.”

Snowden is convinced it’s no coincidence that those who helped him are now being targeted. “They’re worried about the example of these families, the symbol their moral choice represents. Anybody can look at this situation and see at a glance who is right and who is wrong.”

But if the “big governments” manage to rewrite this story with an unhappy ending for those involved, they will also succeed in changing the positive message of his work with a single blow, Snowden warns. He says he does not know how far state institutions would go to achieve this, “but they’ve already gone too far.”

Human rights lawyer Nowak has first-hand experience of the conditions in Hong Kong, where the seven migrants are currently stuck. He trained lawyers there; Tibbo was one of his students.

Nowak says he knew the Hong Kong Bar Association, which is putting the Canadian lawyer under pressure and sabotaging his mandate for the refugees, as an “independent institution.” He can only assume the bar’s current treatment of Tibbo is a result of “enormous pressure from outside.”

Snowden has called on his supporters not to give up on the fight for a free world. And above all the fight for those who helped him. “Take a look at the world. Before long, we’ll all feel like refugees.”

NOTE: Documents evidencing the Hong Kong Bar Association egregious treatment of Mr Tibbo can be found in the Der Standard article as embedded PDFs: https://www.derstandard.at/story/2000092725390/pressure-mounts-on-edward-snowdens-lawyer-robert-tibbo?ref=article

Shhh… Hackers Target Database of Chinese with Ties to US Government

Check out the NYT article below.

Hackers May Have Obtained Names of Chinese With Ties to U.S. Government

By DAVID E. SANGER and JULIE HIRSCHFELD DAVISJUNE 10, 2015

WASHINGTON — Investigators say that the Chinese hackers who attacked the databases of the Office of Personnel Management may have obtained the names of Chinese relatives, friends and frequent associates of American diplomats and other government officials, information that Beijing could use for blackmail or retaliation.

Federal employees who handle national security information are required to list some or all of their foreign contacts, depending on the agency, to receive high-level clearances. Investigators say that the hackers obtained many of the lists, and they are trying to determine how many of those thousands of names were compromised.

In classified briefings to members of Congress in recent days, intelligence officials have described what appears to be a systematic Chinese effort to build databases that explain the inner workings of the United States government. The information includes friends and relatives, around the world, of diplomats, of White House officials and of officials from government agencies, like nuclear experts and trade negotiators.

“They are pumping this through their databases just as the N.S.A. pumps telephone data through their databases,” said James Lewis, a cyberexpert at the Center for Strategic and International Studies. “It gives the Chinese the ability to exploit who is listed as a foreign contact. And if you are a Chinese person who didn’t report your contacts or relationships with an American, you may have a problem.”

Officials have conceded in the briefings that most of the compromised data was not encrypted, though they have argued that the attacks were so sophisticated and well hidden that encryption might have done little good.

The first attack, which began at the end of 2013 and was disclosed in the middle of last year, was aimed at the databases used by investigators who conduct security reviews. The investigators worked for a contracting firm on behalf of the Office of Personnel Management, and the firm was fired in August.

The broader attack on the personnel office’s main databases followed in December. That attack, announced last week, involved the records of more than four million current and former federal employees, most of whom have no security clearances.

White House and personnel office officials have provided few details about the latest breach. But the Department of Homeland Security has been telling outside experts and members of Congress that it regards the detection of the attack as a success, because it made use of new “signatures” of foreign hackers, based on characteristics of computer code, to find the attack.

In a statement, the personnel office said Wednesday that “it was because of these new enhancements to our IT systems that O.P.M. was able to identify these intrusions.” But the detection happened in April, five months after the attack began.

The list of relatives and “close or continuous contacts” is a standard part of the forms and interviews required of American officials every five years for top-secret and other high-level clearances, and government officials consider the lists to be especially delicate.

In 2010, when The New York Times was preparing to publish articles based on 250,000 secret State Department cables obtained by WikiLeaks, the newspaper complied with a request by the department to redact the names of any Chinese citizens who were described in the cables as providing information to American Embassy officials. Officials cited fear of retaliation by the Chinese authorities.

Officials say they do not know how much of the compromised data was exposed to the Chinese hackers. While State Department employees, especially new ones, are required to list all their foreign friends, diplomats have so many foreign contacts that they are not expected to list them all.

But other government officials are frequently asked to do so, especially in interviews with investigators. The notes from those interviews, conducted by a spinoff of the personnel office called the United States Investigative Service, were obtained by hackers in the earlier episode last year.

Intelligence agencies use a different system, so the contacts of operatives like those in the C.I.A. were not in the databases.

But the standard form that anyone with a national security job fills out includes information about spouses, divorces and even distant foreign relatives, as well as the names of current or past foreign girlfriends and boyfriends, bankruptcies, debts and other financial information. And it appears that the hackers reached, and presumably downloaded, images of those forms.

“I can’t say whether this was more damaging than WikiLeaks; it’s different in nature,” said Representative Adam B. Schiff, a California Democrat who is a member of the House Intelligence Committee, which was briefed by intelligence officials, the Department of Homeland Security and the personnel office on Tuesday. Mr. Schiff, who declined to speak about the specifics of the briefing, added, “But it is certainly one of the most damaging losses I can think of.”

Investigators were surprised to find that the personnel office, which had already been so heavily criticized for lax security that its inspector general wanted parts of the system shut down, did not encrypt any of the most sensitive data.

The damage was not limited to information about China, though that presumably would have been of most interest to the hackers. They are likely to be particularly interested in the contacts of Energy Department officials who work on nuclear weapons or nuclear intelligence, Commerce Department or trade officials working on delicate issues like the negotiations over the Trans-Pacific Partnership, and, of course, White House officials.

In a conference call with reporters on Wednesday, Senator Angus King, an independent from Maine on both the Intelligence Committee and the Armed Services Committee, called for the United States to retaliate for these kinds of losses. “Nation-states need to know that if they attack us this way, something bad is going to happen to their cyberinfrastructure,” he said.

But Mr. King said he could not say if the attacks on the personnel office were state-sponsored, adding, “I have to be careful; I can’t confirm the identity of the entity behind the attack.” The Obama administration has not formally named China, but there has been no effort to hide the attribution in the classified hearings.

The scope of the breach is remarkable, experts say, because the personnel office apparently learned little from earlier government data breaches like the WikiLeaks case and the surveillance revelations by Edward J. Snowden, both of which involved unencrypted data.

President Obama has said he regards the threat of cyberintrusions as a persistent challenge in a world in which both state and nonstate actors “are sending everything they’ve got at trying to breach these systems.”

The problem “is going to accelerate, and that means that we have to be as nimble, as aggressive and as well resourced as those who are trying to break into these systems,” he said at a news conference this week.

The White House has stopped short of blaming Katherine Archuleta, the director of the personnel office, for the breach, emphasizing that securing government computer systems is a challenging task.

Correction: June 10, 2015

An earlier version of a photo caption with this article misstated the name of the federal office building where employees handle national security information are required to list their foreign contacts. It is the Office of Personnel Management building, not Office of Personal Management.

Matt Apuzzo contributed reporting.

Shhh… Jack Barsky – The Spy Among US

(Above) Photo credit: CBS 60 Minutes

http://www.cbsnews.com/common/video/cbsnews_video.swf

http://www.cbsnews.com/common/video/cbsnews_video.swf

http://www.cbsnews.com/common/video/cbsnews_video.swf

http://www.cbsnews.com/common/video/cbsnews_video.swf

Shhh… NSA Too Late With "Snowden-Proof" Cloud Storage

Or better late than never? Check out the article below:

Too little too late? NSA starting to implement ‘Snowden-proof’ cloud storage

Published time: April 14, 2015 10:28
Edited time: April 14, 2015 18:04

The NSA is implementing a huge migration to custom-designed cloud architecture it says will revolutionize internal security and protect against further leaks by data analysts with unfettered access to classified information.

Put simply, the NSA hopes to keep future Edward Snowdens out by employing a cloud file storage system it built from scratch. A major part of the system is that all the data an analyst will have access to will be tagged with new bits of information, including that relating to who can see it. Data won’t even show up on an analyst’s screen if they aren’t authorized to access it, NSA Chief Information Officer Lonny Anderson told NextGov.

The process has been slowly taking place over the last two years following the Snowden leaks. This means any information stored after the fact now comes meta-tagged with the new security privileges, among other things.

The agency has Snowden to thank for expediting a process that was actually started in the aftermath of the September 11 attacks in 2001. The idea for storing all information on cloud servers had been in the making, but hadn’t come to fruition until it was too late.

Now it’s moving at an expanded pace to implement something called GovCloud, which is a scaled version of the NSA’s entire universe of mined data. It is set to become pre-installed on the computers of all 16 US intelligence agencies, a move that started with the NSA.

At first glance, the idea appears counter-intuitive. Edward Snowden pretty much used the fact that all the information was in one place to find what he needed and access it.

However, as Anderson explains, “While putting data to the cloud environment potentially gives insiders the opportunity to steal more, by focusing on securing data down at cell level and tagging all the data and the individual, we can actually see what data an individual accesses, what they do with it, and we can see that in real time.”

The agency’s cloud strategist Dave Hurry explained the strategy further: “We don’t let people just see everything; they’re only seeing the data they are authorized to see.”

And if a situation arises where an employee needs access to information that’s off-limits, the program tells them who to ask to get it sorted out.

A further advantage to this is accelerating the analysis of the log data generated when an analyst wants to access particular information. Edward Snowden’s computer history, for some reason, did not set off any alarms until it was too late. That’s because the security logs had to be manually reviewed at a later time, NSA officials told NextGov.

They say this could have been averted with GovCloud, which would immediately raise a red flag if an analyst attempted to “exceed limits of authority.” The agency would have the former analyst in handcuffs before he managed to pack his bags for the airport.

GovCloud isn’t marketing itself as just a security feature that rescues the intelligence agencies from outdated practices and hardware. It is also touted as the answer to privacy advocates, who had a field day with the NSA when it turned out it was indiscriminately mining citizens’ communications.

“We think from a compliance standpoint, moving from a whole mess of stovepipes into a central cloud that has a lot more functionality gives us more capability,” Tom Ardisana, technology directorate compliance officer at NSA, said.

It’s not clear whether the general public will know if the NSA is ‘complying’, but its officials claim that GovCloud is a step in the right direction. Outdated hardware and an over-reliance on data centers built before the shifts in privacy and security policies meant the process of compliance had to be manual and tedious.

“Whenever you bolt on compliance to address a particular issue, there is always a second- and third-order effect for doing that,” Anderson continued. “It’s an extremely manual process. There is risk built in all over that we try to address. The cloud architecture allows us to build those issues in right from the start and in automated fashion address them,” he explained.

In broader terms, the new trend toward automation will also ensure analysts can drastically cut the time they spend on doing a whole plethora of tasks like cross-checking information between databases manually.

“It’s a huge step forward,” Anderson believes, adding how entire agencies – starting with the NSA and the Defense Department – were being transitioned into the new operating environment starting three weeks ago, meaning all their work tools and applications will now also have to be accessed from there.

Other agencies will follow, but for now it’s all about trial periods and seeing how smoothly the system works.

The agency hopes the move toward cloud computing will herald the end of data centers, although whether the system is hacker-proof remains to be seen.

Shhh… Turning the White House into a Russian House?

Photo (above) credit: http://www.freakingnews.com

Here’s a breaking news (below) from the CNN:

WhiteHouse-Russian

How the U.S. thinks Russians hacked the White House

By Evan Perez and Shimon Prokupecz, CNN
Updated 0037 GMT (0737 HKT) April 8, 2015

Washington (CNN)Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system, according to U.S. officials briefed on the investigation.

While the White House has said the breach only affected an unclassified system, that description belies the seriousness of the intrusion. The hackers had access to sensitive information such as real-time non-public details of the president’s schedule. While such information is not classified, it is still highly sensitive and prized by foreign intelligence agencies, U.S. officials say.

The White House in October said it noticed suspicious activity in the unclassified network that serves the executive office of the president. The system has been shut down periodically to allow for security upgrades.

The FBI, Secret Service and U.S. intelligence agencies are all involved in investigating the breach, which they consider among the most sophisticated attacks ever launched against U.S. government systems. ​The intrusion was routed through computers around the world, as hackers often do to hide their tracks, but investigators found tell-tale codes and other markers that they believe point to hackers working for the Russian government.

National Security Council spokesman Mark Stroh didn’t confirm the Russian hack, but he did say that “any such activity is something we take very seriously.”

“In this case, as we made clear at the time, we took immediate measures to evaluate and mitigate the activity,” he said. “As has been our position, we are not going to comment on [this] article’s attribution to specific actors.”

Neither the U.S. State Department nor the Russian Embassy immediately responded to a request for comment.

Ben Rhodes, President Barack Obama’s deputy national security adviser, said the White House’s use of a separate system for classified information protected sensitive national security-related items from being obtained by hackers.

“We do not believe that our classified systems were compromised,” Rhodes told CNN’s Wolf Blitzer on Tuesday.

“We’re constantly updating our security measures on our unclassified system, but we’re frankly told to act as if we need not put information that’s sensitive on that system,” he said. “In other words, if you’re going to do something classified, you have to do it on one email system, one phone system. Frankly, you have to act as if information could be compromised if it’s not on the classified system.”

To get to the White House, the hackers first broke into the State Department, investigators believe.

The State Department computer system has been bedeviled by signs that despite efforts to lock them out, the Russian hackers have been able to reenter the system. One official says the Russian hackers have “owned” the State Department system for months and it is not clear the hackers have been fully eradicated from the system.

As in many hacks, investigators believe the White House intrusion began with a phishing email that was launched using a State Department email account that the hackers had taken over, according to the U.S. officials.

Director of National Intelligence James Clapper, in a speech at an FBI cyberconference in January, warned government officials and private businesses to teach employees what “spear phishing” looks like.

“So many times, the Chinese and others get access to our systems just by pretending to be someone else and then asking for access, and someone gives it to them,” Clapper said.

The ferocity of the Russian intrusions in recent months caught U.S. officials by surprise, leading to a reassessment of the cybersecurity threat as the U.S. and Russia increasingly confront each other over issues ranging from the Russian aggression in Ukraine to the U.S. military operations in Syria.

The attacks on the State and White House systems is one reason why Clapper told a Senate hearing in February that the “Russian cyberthreat is more severe than we have previously assessed.”

The revelations about the State Department hacks also come amid controversy over former Secretary of State Hillary Clinton’s use of a private email server to conduct government business during her time in office. Critics say her private server likely was even less safe than the State system. The Russian breach is believed to have come after Clinton departed State.

But hackers have long made Clinton and her associates targets.

The website The Smoking Gun first reported in 2013 that a hacker known as Guccifer had broken into the AOL email of Sidney Blumenthal, a friend and advisor to the Clintons, and published emails Blumenthal sent to Hillary Clinton’s private account. The emails included sensitive memos on foreign policy issues and were the first public revelation of the existence of Hillary Clinton’s private email address​ now at the center of controversy: hdr22@clintonemail.com. The address is no longer in use.

Wesley Bruer contributed to this report

How to Cope With File-Encrypting Ransomware Risks (After US Offer $3mn Award for GameOver Zeus creator Evgeniy Bogachev)?

It could be game over for Russian hacker Evgeniy Bogachev as the US State Department and FBI have issued a “Wanted” poster with a US$3 million reward for information leading to his arrest, the highest price the US authorities had ever placed on a head in a cyber case.

Wanted-Evgeniy Bogachev2

Bogachev, apparently still in Russia, was charged by the US for running a computer attack called GameOver Zeus that has allegedly amassed in excess of US$100 million from online bank accounts of businesses and consumers in the US and around the world.

However, despite the taking down of the GameOver botnet and the demise of CryptoLocker, it’s not all over as new variants of file-encrypting ransomware still exist. The following screen is what you don’t want to see on your computer monitor.

CryptoDefense

Check out this nice article about how to protect yourself from ransomware with the Sophos Virus Removal Tool.

I have an easier, effective and unorthodox solution, which I have mentioned in public lectures and previous columns.: changing your cyber lifestyle by having “naked” computers, i.e. not storing a single file in the computer hard disks, apart from the operating system and software program files.

In essence, I store all my files on an external encrypted hard disk and use either the 1 laptop or 2 laptops approach – with the former you alternate between online and offline depending on when you connect the external disk to the laptop and with the latter, you attach the external disk to a laptop that is offline (you can go one step further with the Snowden approach by using an “air gapped” computer, as he has recommended to Glenn Greenwald) and work online only with the other computer. The latter would come handy when on the road (even with the extra weight) as there are always risks with public (which one should always avoid) and hotel internet connections, spying walls, etc.