Resources

U.S. spy agencies will share more intelligence with U.S. companies, nongovernmental organizations and academia under a new strategy released this week that acknowledges concerns over new threats, such as another pandemic and increasing cyberattacks. The National Intelligence Strategy, which sets broad goals for the sprawling U.S. intelligence community, says that spy agencies must reach beyond the traditional walls of secrecy and partner with outside groups to detect and deter supply-chain disruptions, infectious diseases and other growing transnational threats. The intelligence community “must rethink its approach to exchanging information and insights,” the strategy says.

The U.S. government in recent years has begun sharing vast amounts of cyber-threat intelligence with U.S. companies, utilities and others who are often the main targets of foreign hackers, as well as information on foreign-influence operations with social-media companies… The emphasis on greater intelligence sharing is part of a broader trend toward declassification that the Biden administration has pursued.

Some of the Federal Bureau of Investigation’s electronic surveillance activities violated the constitutional privacy rights of Americans swept up in a controversial foreign intelligence program (Warning: source paywalled; alternative source), a secretive surveillance court has ruled. The ruling deals a rare rebuke to U.S. spying activities that have generally withstood legal challenge or review. The intelligence community disclosed Tuesday that the Foreign Intelligence Surveillance Court last year found that the FBI’s pursuit of data about Americans ensnared in a warrantless internet-surveillance program intended to target foreign suspects may have violated the law authorizing the program, as well as the Constitution’s Fourth Amendment protections against unreasonable searches.

The court concluded that the FBI had been improperly searching a database of raw intelligence for information on Americans — raising concerns about oversight of the program, which as a spy program operates in near total secrecy. The court ruling identifies tens of thousands of improper searches of raw intelligence databases by the bureau in 2017 and 2018 that it deemed improper in part because they involved data related to tens of thousands of emails or telephone numbers — in one case, suggesting that the FBI was using the intelligence information to vet its personnel and cooperating sources. Federal law requires that the database only be searched by the FBI as part of seeking evidence of a crime or for foreign intelligence information. In other cases, the court ruling reveals improper use of the database by individuals. In one case, an FBI contractor ran a query of an intelligence database — searching information on himself, other FBI personnel and his relatives, the court revealed.

“The BBC is to spy on internet users in their homes by deploying a new generation of Wi-Fi detection vans to identify those illicitly watching its programmes online.

The BBC vans will fan out across the country capturing information from private Wi-Fi networks in homes to “sniff out” those who have not paid the licence fee.

The corporation has been given legal dispensation to use the new technology, which is typically only available to crime-fighting agencies, to enforce the new requirement that people watching BBC programmes via the iPlayer must have a TV licence.”

“The nation’s electronic espionage agency, the Australian Signals Directorate, is in a partnership with British, American and Singaporean intelligence agencies to tap undersea fibre optic telecommunications cables that link Asia, the Middle East and Europe and carry much of Australia’s international phone and internet traffic.

Secret information disclosed by United States intelligence whistleblower Edward Snowden has revealed that the British Government Communications Headquarters is collecting all data transmitted to and from the United Kingdom and Northern Europe via the SEA-ME-WE-3 cable that runs from Japan, via Singapore, Djibouti, Suez and the Straits of Gibraltar to Northern Germany.

Australia is connected to SEA-ME-WE-3 by a link from Singapore to Perth, and GCHQ’s bulk interception includes much of Australia’s telecommunications and internet traffic with Europe.

Australian intelligence sources have also told Fairfax Media that Singaporean intelligence co-operates with Australia in accessing and sharing communications carried by the SEA-ME-WE-3 cable which lands at Tuas on the western side of Singapore Island.

Access to this major international telecommunications channel via Singapore’s government-owned operator SingTel and the country’s Defence Ministry has been a key element in an expansion of Australian-Singaporean intelligence and defence ties over the past 15 years.

It also underpinned the former Howard government’s approval of SingTel’s takeover of Australia’s second largest telecommunications company, Optus, in 2001.

Commissioned in 2000, the 39,000 kilometre long SEA-ME-WE-3 cable is owned by an international consortium that includes British Telecom, SingTel Optus, Telstra and other telecommunications companies across Asia, the Middle East and Europe.

Telstra has an 80 per cent stake in the southern segment that covers the 5000 kilometres between Singapore and Western Australia.

The Australian Signals Directorate also accesses the SEA-ME-WE-3 cable traffic from the cable’s landing in Perth.

Australian intelligence expert and Australian National University professor Des Ball said that intelligence collection from fibre optic cables had become “extremely important” since the late 1990s because such communications channels now carry more than 95 per cent of long distance international telecommunications traffic.”

“The Australian government has been building a state-of-the art, secret data storage facility just outside Canberra to enable intelligence agencies to deal with a ‘’data deluge’’ siphoned from the internet and global telecommunications networks.

The high-security facility nearing completion at the HMAS Harman communications base will support the operations of Australia’s signals intelligence agency, the top-secret Defence Signals Directorate.

Privately labelled by one Defence official as ‘’the new black vault’’, the data centre is one of the few visible manifestations of Australia’s deep involvement in mass surveillance and intelligence collection operations such as the US National Security Agency’s PRISM program revealed last week by US intelligence leaker Edward Snowden.

Fairfax Media has confirmed Australian intelligence agencies receive what Defence intelligence officials describe as ‘’huge volumes’’ of ‘’immensely valuable’’ information derived from PRISM and other US signals intelligence collection programs.

Australian agencies assist the US to target foreign nationals and Australian citizens who are of security and intelligence interest to both countries.”

“Australia’s leading telecommunications company, Telstra, has installed highly advanced surveillance systems to “vacuum” the telephone calls, texts, social media messages and internet metadata of millions of Australians so that information can be filtered and given to intelligence and law enforcement agencies.

The Australian government’s electronic espionage agency, the Australian Signals Directorate, is using the same technology to harvest data flows carried by undersea fibre-optic cables in and out of Australia.

Confidential documents obtained by Fairfax Media reveal the secret technology used to trawl Australians’ telecommunications and internet data for analysis by ASIO, the ASD and law enforcement agencies.

All Australian telecommunications and internet service providers by law must maintain interception and data-collection capabilities for government.

The leaked documents reveal that a little-known Melbourne-based company is a key provider of the secret monitoring technology.

Newgen Systems, owned and managed by local telecommunications engineer Robert Perin, is the sole Australian supplier for Gigamon, a large Silicon Valley-based information technology firm that specialises in what it terms “network traffic visibility solutions’’.

Gigamon’s hardware enables telecommunications and IT network administrators to track, inspect and analyse all data flows undetected without affecting the performance of networks.

A key application of the technology is interception of telecommunications and internet data.”

“In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.

When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or “tips” to TURBINE, enabling the initiation of a malware attack.

The NSA identifies surveillance targets based on a series of data “selectors” as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique “cookies” containing a username or other identifying information that are sent to a user’s computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter.

Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.

What’s more, the TURBINE system operates with the knowledge and support of other governments, some of which have participated in the malware attacks.

Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.”