L’Agence nationale de sécurité américaine (NSA) tente de tracer la carte du trafic des communications de plusieurs entreprises mondiales, dont le géant des télécommunications canadien Rogers et la Banque Royale du Canada (RBC), selon un document secret, a rapporté le Globe and Mail mardi.
…
«C’est une préparation du champ de bataille, afin de pouvoir l’investir plus tard, croit Christopher Parsons, un chercheur de l’université de Toronto interrogé par le quotidien. Il s’agit d’observer l’entrée et la sortie des communications d’un réseau et de dire “Okay, voici les endroits où nous devons entrer.”»
Rogers et RBC disent n’avoir aucune raison de croire que leurs systèmes informatiques ou données de clients ont été compromises. «Si une telle surveillance a réellement lieu, nous trouverions cela très troublant», a néamoins affirmé Patricia Trott, porte-parole pour Rogers.
La NSA espionnerait les communications de Rogers et RBC
Tag: SIGINT
NSA trying to map Rogers, RBC communications traffic, leak shows :
The U.S. National Security Agency has been trying to map the communications traffic of corporations around the world, and a classified document reveals that at least two of Canada’s largest companies are included.
…
Christopher Parsons, a researcher at the University of Toronto’s Citizen Lab, who reviewed the leaked document with The Globe, said the activity described could help determine useful access points in the future: “This is preparing the battlefield so it could later be used.
“This is … watching communications come in and out of a network and saying, ‘Okay, these are the places we need to go in.’”
CSE monitors your emails to the government: What you need to know:
CSE declined to give CBC more specific information about the amount of email and metadata collected and when it is deleted. The agency told CBC such information “could assist those who want to conduct malicious cyberactivity against government networks.”
“The key issue is understanding how CSE retains data. Is it the case that when I email my MP they store it for one to four months? Or if it passes the buffer it’s deleted in days,” Chris Parsons, a cyber security expert at Citizen Lab who viewed the document for CBC, told Global News.
Another concern Parsons raised is what happens to law abiding citizens who happen to have malware on their computers. If they email their MP – with no malicious intent – and unintentionally pass along a virus, what happens to their information?
“How is that information treated? Are you treated like someone with a random virus, or are you classified as something?” Parsons asked.
Le Canada scrute environ 400 000 courriels des Canadiens chaque jour:
Chris Parsons, un expert de la sécurité sur Internet basé à Toronto affirme qu’il y a des raisons légitimes pour l’Agence de surveiller les communications des Canadiens avec leur gouvernement.
« Mais vous devriez être en mesure de communiquer avec votre gouvernement sans la crainte que ce que vous dites… pourrait revenir vous hanter de manière inattendue », dit Parsons.
« Lorsque nous recueillons des volumes énormes d’information, ce n’est pas seulement utilisé pour suivre les méchants. Cela se retrouve dans des banques de données pendant des années ou des mois à la fois et cela peut être utilisé à n’importe quel moment dans l’avenir « .
Canadian Spies Collect Domestic Emails in Secret Security Sweep:
Chris Parsons, an internet security expert with the Toronto-based internet think tank Citizen Lab, told CBC News that “you should be able to communicate with your government without the fear that what you say … could come back to haunt you in unexpected ways.”
Parsons said that there are legitimate cybersecurity purposes for the agency to keep tabs on communications with the government, but he added: “When we collect huge volumes, it’s not just used to track bad guys. It goes into data stores for years or months at a time and then it can be used at any point in the future.”
In a top-secret CSE document on the security operation, dated from 2010, the agency says it “processes 400,000 emails per day” and admits that it is suffering from “information overload” because it is scooping up “too much data.”
First time (I think…) that I’ve been quoted in The Intercept.
CSE monitors millions of Canadian emails to government:
The program to protect government servers from hackers, criminals and enemy states is raising questions about the breadth of the collection, the length of retention and how the information could be shared with police and spy partners in other countries.
Chris Parsons, an internet security expert who viewed the document, said there are legitimate purposes for the agency to monitor your communications with the government.
“But you should be able to communicate with your government without the fear that what you say … could come back to haunt you in unexpected ways,” says Parsons, a postdoctoral fellow at Citizen Lab, a unit at the University of Toronto’s Munk School of Global Affairs.
“When we collect huge volumes, it’s not just used to track bad guys. It goes into data stores for years or months at a time and then it can be used at any point in the future.”
‘Breakthrough’ NSA spyware shows deep grasp of makers’ hard drives:
The espionage program appears to be fairly targeted, said Chris Parsons, an expert on state surveillance tools with the University of Toronto’s Citizen Lab.“This is what we can count,” a Kaserpsky spokesperson said. “Because of [the] self-destroying function of the malware, the number [of victims] could be much higher.”
“Realistically, that’s a comparatively small number when you look at the global population of computers that are sold,” Parsons said.
Canada was not identified as one of the nations that has been targeted by the tampered hard drives.
What is firmware?
Firmware is software that enables a computer to perform its basic functions, Parsons explained.
“It’s essentially the operating code that runs the devices in your computer,” he said. “Think of it as the base code that’s used to run the hardware. Once the firmware is running … all the pieces of your computer get activated and are able to function.”
…
Kaspersky’s analysis suggests the spyware could work on popular hard drives manufactured by Western Digital, Seagate Technology, Toshiba, IBM, Micron Technology and Samsung.
“The value of getting in before everything else loads is you can influence what loads, how it loads, when it loads, and the value is much higher than if you waited until the operating system booted up,” Parsons said.
That’s because most anti-virus programs tend to be designed to take action following the loading of firmware. This particular program, however, would be “masked” in the firmware.
Which users might be affected by this?
Parsons points out that so far all the malware collected has been designed to work with Microsoft Windows.
One of the characteristics of this malware was to modify the sensor instructions to make the changes to the firmware “almost impossible to detect,” Parsons explained.
“So by the time you go to boot into Windows, it’s already compromised, and this has been hidden for at least eight to 14 years,” he said.
…
Parsons anticipates hackers will be emboldened by the report’s findings.
“By now knowing the kinds of attacks possible, you can be certain that other actors will now try to emulate and copy what we’ve seen here,” he said. “The risk of copycats is now much more likely.”
How Canadian Spies Infiltrated the Internet’s Core to Watch What You Do Online:
While the locations of EONBLUE sites are not disclosed in the documents, one slide makes reference to the internet’s “core” and describes EONBLUE’s ability to “scale to backbone internet speeds”—implying possible access to telecom operators, data centers, undersea cables and other infrastructure providers worldwide.
Such access would mean that much, if not all of the data, travelling through a location tapped by CSE could be subject to surveillance. Though the agency maintains it cannot legally track Canadians at home or abroad it is hard to fathom how such data could be exempt.
As of November 2010, when the document was dated, EONBLUE had already been under development for ove> r eight years. However, it isn’t clear from the slides for how long EONBLUE has been used, or whether it is still in use today.
“We haven’t seen very much to date that hasn’t been suspected or known about, but it’s the scale and breadth of this activity that is so staggering on a daily basis,” said Christopher Parsons, a postdoctoral fellow at the Citizen Lab, an interdisciplinary research group that studies global surveillance issues at the University of Toronto’s Munk School of Global Affairs.
“It’s designed for mass tracking, mass surveillance, on a global level,” Parsons said.
Canadian military wants to be ‘main player’ in global intelligence, document shows:
In a written statement, Sullivan said CJOC Intelligence can contribute to domestic operations when a formal request is made through the Department of National Defence.
CJOC was involved in the security operations during the G8 and G20 meeting of world leaders in Huntsville and Toronto in 2010, during the Vancouver Olympics, as well as natural disaster assistance, Sullivan said.
Christopher Parsons, an intelligence and security researcher with Citizen Lab in Toronto, said the planned structure seemed similar to the integrated intelligence operations in Afghanistan. Under the plan, CJOC could function as a “clearing house” for defence intelligence, Parsons said.
“(The plan looked) to be building the infrastructure so it can be used in peace time and in active combat environments, and everything in between,” Parsons said in an interview.
Snowden documents reveal that CSE has been surveilling global filesharing: Canada included. Christopher Parsons analyzed the leaks for the CBC, and he joins Jesse to explain what “Project LEVITATION” means.
Excited Pixels 