NSA developing systems to infect millions of computers with malware
← Older revision
Revision as of 17:27, 14 March 2014
(7 intermediate revisions by one user not shown)
Line 5:
Line 5:
== Official Meetings ==
== Official Meetings ==
−
Jim Killock
appeared on Sky News
on
Wednesday 12th March debating Tim Berners-Lee
's
call for
a
digital Magna Carta
+
Jim Killock
met with Shami Chakrabarti from [[Liberty]] to discuss the [https://www.dontspyonus.org.uk/org Don't Spy
on
Us] campaign. On Tuesday he attended [http://www.gartner.com/technology/about.jsp Gartner
's
] conference and spoke about Big Data and privacy. On Friday, he participated in
a
round table discussion hosted by Liberal Democrat MPs to discuss blocking extremist content online.
Javier Ruiz met with the Centre for European Democracy for a brief discussion on ORG's ongoing legal battle [https://www.privacynotprism.org.uk/ Privacy not Prism].
Javier Ruiz met with the Centre for European Democracy for a brief discussion on ORG's ongoing legal battle [https://www.privacynotprism.org.uk/ Privacy not Prism].
Line 14:
Line 14:
===NSA developing systems to infect millions of computers with malware===
===NSA developing systems to infect millions of computers with malware===
−
New documents reveal that the [[NSA]] has been developing strong capabilities to infect people's computers with malware, thus granting them access to the user's computer. The documents also reveal that the agency posed as false [[Facebook]] login
page
to infect users computers.
+
New documents reveal that the [[NSA]] has been developing strong capabilities to infect people's computers with malware, thus granting them access to the user's computer. The documents also reveal that the agency posed as false [[Facebook]] login
pages
to infect users computers.
These are the findings of the latest publication:
These are the findings of the latest publication:
−
*
A presentation dated
from
2009
,
plans are discussed to develop capabilities to such an extent, as to rule out
the
need for human operators to run the systems
.
Documents [https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/ say] "Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture)
.
"
+
*
Before they can extract information
from
implants (malware installed in computers)
,
they must infect
the
target computer or network
.
This is usually done by sending spam emails with infected links
.
−
*
Before they can extract information
from
implants
,
they must infect
the
target computer or network
.
This is usually done by sending spam emails with infected links
.
+
*
In a presentation dated
from
2009
,
plans are discussed to develop capabilities to such an extent, as to rule out
the
need for human operators to run the systems
.
Documents [https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/ say] "Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture)
.
"
−
*The agency began expanding their hacking operations in 2004, where they had 100-150 targets
, it
spread to thousands within the following 6-8 years.
+
*The agency began expanding their hacking operations in 2004, where they had 100-150 targets
. It has since
spread to thousands within the following 6-8 years.
*Technology is used to seek out terror suspects and individuals suspected of extremism
*Technology is used to seek out terror suspects and individuals suspected of extremism
Line 57:
Line 57:
===New Minister for Organised Crime gives speech on combating cyber crime===
===New Minister for Organised Crime gives speech on combating cyber crime===
−
The new Minister for Modern Slavery and Organised Crime, [[Karen Bradley MP]], delivered speech on e-crime and cyber security.
+
The new Minister for Modern Slavery and Organised Crime, [[Karen Bradley MP]], delivered
a
speech on e-crime and cyber security.
−
In her speech she highlighted some of the work being done by the government to combat cyber crime, which is still viewed as a 'tier one' threat to national security. Some interesting points of the speech were:
+
In her speech she highlighted some of the work being done by the government to combat cyber crime, which is still viewed as a 'tier one' threat to national security.
+
+
Some interesting points of the speech were:
*Cyber-enabled card-not-present fraud cost around £140 million in 2012, while cyber-enabled banking fraud was calculated at around £40million.
*Cyber-enabled card-not-present fraud cost around £140 million in 2012, while cyber-enabled banking fraud was calculated at around £40million.
Line 79:
Line 81:
On the 25th anniversary of the World Wide Web, Tim Berner-Lee has made calls for an international charter to protect and enshrine the internet.
On the 25th anniversary of the World Wide Web, Tim Berner-Lee has made calls for an international charter to protect and enshrine the internet.
−
His efforts are combined with a campaign titled, [https://www.privacynotprism.org.uk/| 'The World We Want'], a campaign
aiming to encourage people
to ensure a digital bill of rights in each country.
+
His efforts are combined with a campaign titled, [https://www.privacynotprism.org.uk/| 'The World We Want'], a campaign
which aims
to ensure a digital bill of rights in each country.
−
He [http://www.theguardian.com/technology/2014/mar/12/online-magna-carta-berners-lee-web said] "Unless we have an open, neutral internet we can rely on without worrying about what's happening at the back door, we can't have open government, good democracy, good healthcare, connected communities and diversity of culture (...) Our rights are being infringed more and more on every side, and the danger is that we get used to it"
+
He [http://www.theguardian.com/technology/2014/mar/12/online-magna-carta-berners-lee-web said] "Unless we have an open, neutral internet we can rely on without worrying about what's happening at the back door, we can't have open government, good democracy, good healthcare, connected communities and diversity of culture (...) Our rights are being infringed more and more on every side, and the danger is that we get used to it"
.
== European Union ==
== European Union ==
−
−
===European Parliament condemns US and UK mass surveillance and votes to end data sharing agreement with US===
−
−
During the same time as the data protection vote, the European Parliament also voted on a resolution after the [[Committee on Civil Liberties, Justice and Home Affairs]] completed their [[LIBE inquiry into PRISM and Tempora|inquiry]] into [[PRISM]] and [[Tempora]].
−
−
The resolution [http://www.europarl.europa.eu/news/en/news-room/content/20140307IPR38203/html/US-NSA-stop-mass-surveillance-now-or-face-consequences-MEPs-say stressed]:
−
−
* To withhold from the Transatlantic Trade and Investment Partnership (TTIP) agreement unless it includes provisions that uphold fundamental European rights
−
−
* To immediately suspend the Safe Harbor agreement (protection standards for non EU companies to transfer EU citizen's personal data) and to create a new agreement with adequate solutions.
−
−
* Put the [http://en.wikipedia.org/wiki/Terrorist_Finance_Tracking_Program Terrorist Finance Tracking Programme] on hold until the US can clarify allegations that their authorities have access to European citizen's banking data.
−
−
* The creation of a European whistle-blower protection with an emphasis on the "complexity of whistle blowing in the field of intelligence"
===European vote on draft data protection regulations===
===European vote on draft data protection regulations===
Line 109:
Line 97:
*Fines for not complying with regulations can be up to €100 million or up to 5% of a company's annual turnover.
*Fines for not complying with regulations can be up to €100 million or up to 5% of a company's annual turnover.
−
* The regulation harmonises EU data protection law, meaning that EU citizens can complain about the violation of their privacy to their local data protection regulator, regardless of where in the EU
it is
taking place.
+
* The regulation harmonises EU data protection law, meaning that EU citizens can complain about the violation of their privacy to their local data protection regulator, regardless of where in the EU
the violations are
taking place.
* People have to consent to having their data processed
* People have to consent to having their data processed
Line 115:
Line 103:
* People have the right to get their personal data from whoever is holding it
* People have the right to get their personal data from whoever is holding it
−
* People have the right to have their personal data erased,
this includes
data passed onto third parties
+
* People have the right to have their personal data erased,
including
data passed onto third parties
You can view a report of the Regulation's amendments as voted, on the European Parliament's [http://www.europarl.europa.eu/oeil/popups/summary.do?id=1324830&t=d&l=en website]. Or see [http://gigaom.com/2014/03/12/web-firms-face-a-strict-new-set-of-privacy-rules-in-europe-heres-what-to-expect/ Gigaom] for a summary of the proceedings.
You can view a report of the Regulation's amendments as voted, on the European Parliament's [http://www.europarl.europa.eu/oeil/popups/summary.do?id=1324830&t=d&l=en website]. Or see [http://gigaom.com/2014/03/12/web-firms-face-a-strict-new-set-of-privacy-rules-in-europe-heres-what-to-expect/ Gigaom] for a summary of the proceedings.
+
+
===European Parliament condemns US and UK mass surveillance and votes to end data sharing agreement with US===
+
+
During the same time as the data protection vote, the European Parliament also voted on a final report by the [[Committee on Civil Liberties, Justice and Home Affairs]] completed their [[LIBE inquiry into PRISM and Tempora|inquiry]] into [[PRISM]] and [[Tempora]].
+
+
The resolution [http://www.europarl.europa.eu/news/en/news-room/content/20140307IPR38203/html/US-NSA-stop-mass-surveillance-now-or-face-consequences-MEPs-say stressed]:
+
+
* To withhold from the Transatlantic Trade and Investment Partnership (TTIP) agreement unless it includes provisions that uphold fundamental European rights
+
+
* To immediately suspend the Safe Harbor agreement (protection standards for non EU companies to transfer EU citizen's personal data) and to create a new agreement with adequate solutions.
+
+
* Put the [http://en.wikipedia.org/wiki/Terrorist_Finance_Tracking_Program Terrorist Finance Tracking Programme] on hold until the US can clarify allegations that their authorities have access to European citizen's banking data.
+
+
* The creation of a European whistle-blower protection with an emphasis on the "complexity of whistle blowing in the field of intelligence"
==Commercial Stakeholders==
==Commercial Stakeholders==
−
===British security given ability to monitor YouTube===
+
===British security
officials
given ability to monitor YouTube===
−
[[YouTube]] has granted British security officials special permissions to
make the
content they flag reviewed immediately
by the website's review team
. They will be able to flag videos on a large scale.
+
[[YouTube]] has granted British security officials special permissions to
give priority over
content they flag
to be
reviewed immediately. They will be able to flag videos on a large scale.
The flagging abilities are aimed at 'extremist' content and is the latest measure to battle extremism. The minister for Security, [[James Brokenshire MP]] [http://www.irishtimes.com/business/sectors/technology/youtube-to-be-monitored-by-british-security-1.1722722 said] they need to deal with material "that may not be illegal, but certainly is unsavoury and may not be the sort of material that people would want to see or receive".
The flagging abilities are aimed at 'extremist' content and is the latest measure to battle extremism. The minister for Security, [[James Brokenshire MP]] [http://www.irishtimes.com/business/sectors/technology/youtube-to-be-monitored-by-british-security-1.1722722 said] they need to deal with material "that may not be illegal, but certainly is unsavoury and may not be the sort of material that people would want to see or receive".