Archive for the ‘NSA’ Category

NSA: Snowden leaks hurt us

"I would say that it has had a material impact in our ability to generate insights as to what counterterrorism, what terrorist groups around the world are doing," Adm. Michael Rogers told a group gathered in Washington for a cybersecurity summit hosted by the New America think tank.


"Do you have new blind spots that you didn't have prior to the revelation?" moderator and CNN National Security correspondent Jim Sciutto asked.

"Have I lost capability that we had prior to the revelations? Yes," Rogers responded. "Anyone who thinks this has not had an impact I would say doesn't know what they're talking about."

Snowden himself remains free in Russia. A film about him won an Academy Award on Sunday evening.

Rogers says he knew U.S. infrastructure would likely come under cyber-attack on his watch, but the target of Sony Pictures was a surprise.

"I fully expected, sadly in some ways, that in my time as the commander of United States Cyber Command the Department of Defense would be tasked with attempting to defend the nation against those kind of attacks," he said. "I didn't realize that it would be against a motion picture company, to be honest."

North Korea is widely believed to be behind the hack in response to Sony's production of the film "The Interview," which depicts a comedic plot to kill leader Kim Jong-un.

Rogers declined to respond to a question about whether the United States was behind a retaliatory online attack that took down North Korea's Internet access.

When asked which nations had the ability to strike U.S. cyber interests, Rogers declined to provide assessments of most countries.


NSA director wants gov't access to encrypted communications

The U.S. should be able to craft a legal framework to let government agencies read encrypted data, Rogers says

It probably comes as no surprise that the director of the U.S. National Security Agency wants access to encrypted data on computers and other devices.

The U.S. should be able to craft a policy that allows the NSA and law enforcement agencies to read encrypted data when they need to, NSA director Michael Rogers said during an appearance at a cybersecurity policy event Monday.

Asked if the U.S. government should have backdoors to encrypted devices, Rogers said the U.S. government needs to develop a "framework."

"You don't want the FBI and you don't want the NSA unilaterally deciding, 'So, what are we going to access and what are we not going to access?'" Rogers said during his appearance at the New America Foundation. "That shouldn't be for us. I just believe that this is achievable. We'll have to work our way through it."

Justsecurity.org has a transcript of an exchange between Rogers and Yahoo CISO Alex Stamos at Monday's event.

Rogers isn't the first member of President Barack Obama's administration to call for encryption workarounds in recent months. In September, after Apple and Google announced encryption features on their smartphone OSes, both FBI Director James Comey and Attorney General Eric Holder raised concerns that additional encryption tools would hinder law enforcement investigations.

Stamos questioned whether it is a good idea to build backdoors in encryption. "If we're going to build defects/backdoors or golden master keys for the U.S. government, do you believe we should do so .... for the Chinese government, the Russian government, the Saudi Arabian government, the Israeli government, the French government?" he said, according to the Justsecurity transcript.

Rogers objected to using the word "backdoor". "When I hear the phrase 'backdoor', I think, 'Well, this is kind of shady. Why would you want to go in the backdoor? It would be very public,'" he said. "Again, my view is: We can create a legal framework for how we do this. It isn't something we have to hide, per se."

An NSA spokeswoman wasn't immediately available for further comment.


Yahoo Executive Confronts NSA Director Over Backdoors

In one of the most public confrontations of a top U.S. intelligence official by Silicon Valley in recent years, a senior Yahoo Inc. official peppered the National Security Agency director, Adm. Mike Rogers, at a conference on Monday over digital spying.

The exchange came during a question and answer session at a daylong summit on cybersecurity hosted by the think tank New America. Mr. Rogers spent an hour at the conference answering a range of questions about his agency's practices and the global cyber threat.

The tense exchange began when Alex Stamos, Yahoo's chief information-security officer, asked Mr. Rogers if Yahoo should acquiesce to requests from Saudi Arabia, China, Russia, France and other countries to build a backdoor in some of their systems that would allow the countries to spy on certain users.

"It sounds like you agree with [Federal Bureau of Investigation Director James] Comey that we should be building defects into the encryption in our products so that the US government can decrypt," Mr. Stamos said, according to a transcript of the exchange compiled by the Just Security blog.

"That would be your characterization," Mr. Rogers said, cutting the Yahoo executive off.

Mr. Stamos was trying to argue that if Yahoo gave the NSA access to this information, other countries could try and compel the company to provide the same access to data.

Mr. Rogers said he believed that it is achievable to create a legal framework that allows the NSA to access encrypted information without upending corporate security programs. He declined to provide more details.

"Well, do you believe we should build backdoors for other countries?" Mr. Stamos continued.

"My position is hey, look, I think that we're lying that this isn't technically feasible," Mr. Rogers replied.

He said the framework would have to be worked out ahead of time by policy makers, not the NSA.


NSA hides Spying Software deep within Hard Drives – Video


Feb. 17 -- Bloomberg's Cory Johnson reports on Kaspersky Lab finding concealed software on drives made by Western Digital, Seagate, Toshiba and others. Johns...

By: Matthew Hardy


How the NSA’s Firmware Hacking Works and Why It’s So …

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive's firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware, the guts of any computer, surpasses anything else they had ever seen.

The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named nls_933w.dll, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered.

It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. This lets spies like the Equation Group bypass disk encryption by secreting documents they want to seize in areas that don't get encrypted.

Kaspersky has so far uncovered 500 victims of the Equation Group, but only five of these had the firmware-flashing module on their systems. The flasher module is likely reserved for significant systems that present special surveillance challenges. Costin Raiu, director of Kaspersky's Global Research and Analysis Team, believes these are high-value computers that are not connected to the internet and are protected with disk encryption.

Here's what we know about the firmware-flashing module.

Hard drive disks have a controller, essentially a mini-computer, that includes a memory chip or flash ROM where the firmware code for operating the hard drive resides.

When a machine is infected with EquationDrug or GrayFish, the firmware flasher module gets deposited onto the system and reaches out to a command server to obtain payload code that it then flashes to the firmware, replacing the existing firmware with a malicious one. The researchers uncovered two versions of the flasher module: one that appears to have been compiled in 2010 and is used with EquationDrug and one with a 2013 compilation date that is used with GrayFish.

The Trojanized firmware lets attackers stay on the system even through software updates. If a victim, thinking his or her computer is infected, wipes the computer's operating system and reinstalls it to eliminate any malicious code, the malicious firmware code remains untouched. It can then reach out to the command server to restore all of the other malicious components that got wiped from the system.

Even if the firmware itself is updated with a new vendor release, the malicious firmware code may still persist because some firmware updates replace only parts of the firmware, meaning the malicious portions may not get overwritten with the update. The only solution for victims is to trash their hard drive and start over with a new one.

The attack works because firmware was never designed with security in mind. Hard disk makers don't cryptographically sign the firmware they install on drives the way software vendors do. Nor do hard drive disk designs have authentication built in to check for signed firmware. This makes it possible for someone to change the firmware. And firmware is the perfect place to conceal malware because antivirus scanners don't examine it. There's also no easy way for users to read the firmware and manually check if it's been altered.
