Entries Tagged "press"

Page 1 of 2

ISIS Cyberattacks

Citizen Lab has a new report on a probable ISIS-launched cyberattack:

This report describes a malware attack with circumstantial links to the Islamic State in Iraq and Syria. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.

A Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS) was recently targeted in a customized digital attack designed to unmask their location. The Syrian group, Raqqah is being Slaughtered Silently (RSS), focuses its advocacy on documenting human rights abuses by ISIS elements occupying the city of Ar-Raqah. In response, ISIS forces in the city have reportedly targeted the group with house raids, kidnappings, and an alleged assassination. The group also faces online threats from ISIS and its supporters, including taunts that ISIS is spying on the group.

Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is focused against a group that is an active target of ISIS forces.

News article.

Posted on December 18, 2014 at 10:07 AMView Comments

A Template for Reporting Government Surveillance News Stories

This is from 2006—I blogged it here—but it’s even more true today.

Under a top secret program initiated by the Bush Administration after the Sept. 11 attacks, the [name of agency (FBI, CIA, NSA, etc.)] have been gathering a vast database of [type of records] involving United States citizens.

“This program is a vital tool in the fight against terrorism,” [Bush Administration official] said. “Without it, we would be dangerously unsafe, and the terrorists would have probably killed you and every other American citizen.” The Bush Administration stated that the revelation of this program has severely compromised national security.

We’ve changed administrations—we’ve changed political parties—but nothing has changed.

Posted on November 1, 2013 at 2:26 PMView Comments

Nassim Nicholas Taleb on Risk Perception

From his Facebook page:

An illustration of how the news are largely created, bloated and magnified by journalists. I have been in Lebanon for the past 24h, and there were shells falling on a suburb of Beirut. Yet the news did not pass the local *social filter* and did [not] reach me from social sources…. The shelling is the kind of thing that is only discussed in the media because journalists can use it self-servingly to weave a web-worthy attention-grabbing narrative.

It is only through people away from the place discovering it through Google News or something even more stupid, the NYT, that I got the information; these people seemed impelled to inquire about my safety.

What kills people in Lebanon: cigarettes, sugar, coca cola and other chemical monstrosities, iatrogenics, hypochondria, overtreament (Lipitor etc.), refined wheat pita bread, fast cars, lack of exercise, angry husbands (or wives), etc., things that are not interesting enough to make it to Google News.

A Roman citizen 2000 years ago was more calibrated in his risk assessment than an internet user today….

Posted on May 28, 2013 at 12:52 PMView Comments

New York Times Hacked by China

The New York Times hack was big news last week, and I spent a lot of time doing press interviews about it. But while it is an important story—hacking a newspaper for confidential sources is fundamentally different from hacking a random network for financial gain—it’s not much different than GhostNet in 2009, Google’s Chinese hacking stories from 2010 and 2011, or others.

Why all the press, then? Turns out that if you hack a major newspaper, one of the side effects is a 2,400-word newspaper story about the event.

It’s a good story, and I recommend that people read it. The newspaper learned of the attack early on, and had a reporter embedded in the team as they spent months watching the hackers and clearing them out. So there’s a lot more detail than you usually get. But otherwise, this seems like just another of the many cyberattacks from China. (It seems that the Wall Street Journal was also hacked, but they didn’t write about it. This tells me that, with high probability, other high-profile news organizations around the world were hacked as well.)

My favorite bit of the New York Times story is when they ding Symantec for not catching the attacks:

Over the course of three months, attackers installed 45 pieces of custom malware. The Times ­—which uses antivirus products made by Symantec ­—found only one instance in which Symantec identified an attacker’s software as malicious and quarantined it, according to Mandiant.

Symantec, of course, had to respond:

Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security. Anti-virus software alone is not enough.

It’s nice to have them on record as saying that.

EDITED TO ADD (2/6): This blog post on Symantec’s response is really good.

Posted on February 6, 2013 at 6:36 AMView Comments

Opinion Monitoring Software

Interesting research:

A consortium of major universities, using Homeland Security Department money, is developing software that would let the government monitor negative opinions of the United States or its leaders in newspapers and other publications overseas.

Such a “sentiment analysis” is intended to identify potential threats to the nation, security officials said.

This kind of thing could actually be a good idea. For example, it could be used to help the administration understand how we are viewed by people in other countries, and make us more responsible players on the world stage as a result.

On the other hand, this kind of thing could also be used to track critics of the U.S., and to aid in media manipulation. It is not unusual for government leaders to punish reporters who do not provide favorable coverage by excluding them from important events and key briefings, and this could facilitate that. At the very least, it would have a chilling effect on worldwide freedom of the press.

Note also that the project director says that the system would not extend to domestic news sources:

It could take several years for such a monitoring system to be in place, said Joe Kielman, coordinator of the research effort. The monitoring would not extend to United States news, Mr. Kielman said.

But a few paragraphs later:

The articles in the database include work from many American newspapers and news wire services, including The Miami Herald and The New York Times, as well as foreign sources like Agence France-Presse and The Dawn, a newspaper in Pakistan.

I have to admit I find the whole thing a bit too Orwellian for my tastes.

Posted on October 6, 2006 at 11:57 AMView Comments

More on the HP Board Spying Scandal

Two weeks ago I wrote about a spying scandal involving the HP board. There’s more:

A secret investigation of news leaks at Hewlett-Packard was more elaborate than previously reported, and almost from the start involved the illicit gathering of private phone records and direct surveillance of board members and journalists, according to people briefed on the company’s review of the operation.

Given this, I predict a real investigation into the incident:

Those briefed on the company’s review of the operation say detectives tried to plant software on at least one journalist’s computer that would enable messages to be traced, and also followed directors and possibly a journalist in an attempt to identify a leaker on the board.

I’m amazed there isn’t more outcry. Pretexting, planting Trojans…this is the sort of thing that would get a “hacker” immediately arrested. But if the chairman of the HP board does it, suddenly it’s a gray area.

EDITED TO ADD (9/20): More info.

Posted on September 18, 2006 at 2:48 PMView Comments

Press Security Concerns in Lebanon

Problems of reporting from a war zone:

Among broadcasters there is a concern about how our small convoys of cars full of equipment and personnel look from the air. There is a risk Israelis (eyes in the sky: drones, satellites) could mistake them for a Hezbollah convoy headed closer to the border and within striking distance of Israel. So simply being on the road with several vehicles is a risk.

Plus, when we fire up our broadcast signals it is unclear what we look like to Israeli military monitoring stations. If there are a number of broadcasters firing up signals from the same remote place, the hope is that the Israelis would identify it as media signals, and not Hezbollah rocket electronics, and thus avoid being a target.

Posted on July 26, 2006 at 5:56 AM

Writing about IEDs

Really good article by a reporter who has been covering improvised explosive devices in Iraq:

Last summer, a U.S. Colonel in Baghdad told me that I was America’s enemy, or very close to it. For months, I had been covering the U.S. military’s efforts to deal with the threat of IEDs, improvised explosive devices. And my writing, he told me, was going too far—especially this January 2005 Wired News story, in which I described some of the Pentagon’s more exotic attempts to counter these bombs.

None of the material in the story—the stuff about microwave blasters or radio frequency jammers—was classified, he admitted. Most of it had been taken from open source materials. And many of the systems were years and years from being fielded. But by bundling it all together, I was doing a “world class job of doing the enemy’s research for him, for free.” So watch your step, he said, as I went back to my ride-alongs with the Baghdad Bomb Squad—the American soldiers defusing IEDs in the area.

Today, I hear that the President and the Pentagon’s higher-ups are trotting out the same argument. “News coverage of this topic has provided a rich source of information for the enemy, and we inadvertently contribute to our enemies’ collection efforts through our responses to media interest,” states a draft Defense Department memo, obtained by Inside Defense. “Individual pieces of information, though possibly insignificant taken alone, when aggregated provide robust information about our capabilities and weaknesses.”

In other words, Al Qaeda hasn’t discovered how to Google, yet. Don’t help ’em out.

Posted on March 20, 2006 at 11:53 AMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.