nsa – Page 9 – SSL and internet security news

NSA Insider Security Post-Snowden

June 22, 2017 infossl

edwardsnowden, foia, insiders, leaks, nsa, Security technology

According to a recently declassified report obtained under FOIA, the NSA’s attempts to protect itself against insider attacks aren’t going very well: The N.S.A. failed to consistently lock racks of servers storing highly classified data and to secure data center machine rooms, according to the report, an investigation by the Defense Department’s inspector general completed … Read More “NSA Insider Security Post-Snowden” »

NSA Links WannaCry to North Korea

June 16, 2017 infossl

hacking, northkorea, nsa, ransomware, Security technology

There’s evidence: Though the assessment is not conclusive, the preponderance of the evidence points to Pyongyang. It includes the range of computer Internet protocol addresses in China historically used by the RGB, and the assessment is consistent with intelligence gathered recently by other Western spy agencies. It states that the hackers behind WannaCry are also … Read More “NSA Links WannaCry to North Korea” »

NSA Document Outlining Russian Attempts to Hack Voter Rolls

June 9, 2017 infossl

dhs, essays, fbi, nationalsecuritypolicy, nsa, russia, Security technology, voting

This week brought new public evidence about Russian interference in the 2016 election. On Monday, the Intercept published a top-secret National Security Agency document describing Russian hacking attempts against the US election system. While the attacks seem more exploratory than operational – and there’s no evidence that they had any actual effect – they further … Read More “NSA Document Outlining Russian Attempts to Hack Voter Rolls” »

WannaCry and Vulnerabilities

June 2, 2017 infossl

essays, hacking, microsoft, nsa, patching, ransomware, russia, Security technology, vulnerabilities

There is plenty of blame to go around for the WannaCry ransomware that spread throughout the Internet earlier this month, disrupting work at hospitals, factories, businesses, and universities. First, there are the writers of the malicious software, which blocks victims’ access to their computers until they pay a fee. Then there are the users who … Read More “WannaCry and Vulnerabilities” »

Who Are the Shadow Brokers?

May 30, 2017 infossl

cybersecurity, cyberweapons, hacking, leaks, nsa, Security technology, vulnerabilities, whistleblowers

In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of NSA secrets. Since last summer, they’ve been dumping these secrets on the Internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands … Read More “Who Are the Shadow Brokers?” »

The Future of Ransomware

May 23, 2017 infossl

backups, extortion, internetofthings, malware, nsa, patching, ransomware, Security technology

Ransomware isn’t new, but it’s increasingly popular and profitable. The concept is simple: Your computer gets infected with a virus that encrypts your files until you pay a ransom. It’s extortion taken to its networked extreme. The criminals provide step-by-step instructions on how to pay, sometimes even offering a help line for victims unsure how … Read More “The Future of Ransomware” »

NSA Abandons “About” Searches

May 19, 2017 infossl

fisa, nationalsecuritypolicy, nsa, patriotact, privacy, searches, Security technology, surveillance

Earlier this month, the NSA said that it would no longer conduct “about” searches of bulk communications data. This was the practice of collecting the communications of Americans based on keywords and phrases in the contents of the messages, not based on who they were from or to. The NSA’s own words: After considerable evaluation … Read More “NSA Abandons “About” Searches” »

Did North Korea Write WannaCry?

May 16, 2017 infossl

malware, northkorea, nsa, ransomware, Security technology

The New York Times is reporting that evidence is pointing to North Korea as the author of the WannaCry ransomware. Note that there is no proof at this time, although it would not surprise me if the NSA knows the origins of this malware attack. Powered by WPeMatico

NSA Brute-Force Keysearch Machine

May 16, 2017 infossl

cryptanalysis, cryptography, encryption, ibm, keys, nsa, Security technology

The Intercept published a story about a dedicated NSA brute-force keysearch machine being built with the help of New York University and IBM. It’s based on a document that was accidentally shared on the Internet by NYU. The article is frustratingly short on details: The WindsorGreen documents are mostly inscrutable to anyone without a Ph.D. … Read More “NSA Brute-Force Keysearch Machine” »

Who is Publishing NSA and CIA Secrets, and Why?

May 1, 2017 infossl

attribution, cia, edwardsnowden, hacking, intelligence, leaks, nsa, Security technology, wikileaks

There’s something going on inside the intelligence communities in at least two countries, and we have no idea what it is. Consider these three data points. One: someone, probably a country’s intelligence organization, is dumping massive amounts of cyberattack tools belonging to the NSA onto the Internet. Two: someone else, or maybe the same someone, … Read More “Who is Publishing NSA and CIA Secrets, and Why?” »