Tag Archives: WannaCry

Summer Part 2: August Agony!!! Looking Back: August 3: WannaCry Savior Arrested; Ulbricht Hunters More Guilty Than First Admitted

Marcus Hutchins, the man who reportedly brilliantly slowed the WannaCry cyber attack on the U.K.’s National Health Service (and hundreds of thousands of computers around the world) was picked up by the FBI in Las Vegas on August 2. He was apparently leaving the Def Con hacking “conference.”

Photo of Marcus Hutchins

Hutchins (above), 22, is a British national who uses the alias MalwareTech on social media.

Related:

Summer Part 2: August Agony!!! Looking Back: May 12: NSA, “Exploits,” WannaCry and Whistleblowers

According to the U.K.’s Telegraph, the hero-turned-U.S. enemy of the state is out on $30,000 bail:

Hutchins, of Ilfracombe, Devon, is due to appear in court in Milwaukee on August 14, charged with six counts of creating and selling a malware known as Kronos.

While sprung from prison, he was made to wear a GPS monitor and forbidden from using the internet.

The Independent reports this is the culmination of a two-year investigation into Hutchins, whose “Trojan” software (the Kronos) infects computers and then steals banking passwords.

There is an as yet unnamed co-defendant in the case.

Hutchins faced a six-count indictment, which carries a possible 40 years in prison, on August 14 in the Eastern District of Wisconsin court. He pleaded not guilty and was given internet access. The trial is set for October 23.

International Business Times suggested the Feds may go easy on Hutchins given his recent usefulness to society.

Hutchins’ discovery of the “killswitch” for WannaCry, which slowed the spread of the ransom-demanding virus, apparently led to reporters camping out around his house back in May.

*

In other “citizens that actually know how to use computers are a threat to national security” big government crackdown news, one of the corrupt Federal agents that shamelessly choreographed a double life sentence for Silk Road creator Ross Ulbricht (who was quietly moved to a maximum security prison in Colorado this summer, because nonviolent crime) pleaded guilty to money laundering. Again.

Shaun Bridges, formerly of the Secret Service, worked with former DEA thug Carl Mark Force on the Baltimore task force that took money and Bitcoins from the Silk Road investigation, likely framed Ulbricht for ordering assassinations…all the things good Federal agents add to society.

Rogue Silk Road Agent Admits to Stealing Bitcoins Seized by U.S. Marshals

Bridges, 35, moved 1600 Bitcoins (worth $6.6 million) out of a Federal account. This is even more reprehensible because Bridges had already been sentenced in 2015 to 71 months in prison for money laundering and obstruction of justice.

Washington Times reported the taxpayer-funded thief had not even begun the initial sentence, and could get up to another 10 years in prison at his November sentencing.

Force was also arrested in 2015 and pleaded guilty to money laundering, obstruction of justice, and “extortion under color of official right.” He was sentenced to 6.5 years.

Ulbricht, who lost the May appeal of his convictions of money laundering, conspiracy to traffic and distribute narcotics, computer hacking and identity fraud, arguing that his investigators were using the case to commit their own crimes, will die in prison.

Thanks to our sources:

http://www.telegraph.co.uk/technology/2017/08/08/wannacry-hero-marcus-hutchins-freed-us-jail-ahead-court-appearance/

https://www.independent.co.uk/news/uk/home-news/marcus-hutchins-arrested-latest-us-authorities-wannacry-cyberattack-nhs-las-cegas-mccaran-a7875761.html

http://www.telegraph.co.uk/technology/2017/08/03/fbi-arrests-wannacry-hero-marcus-hutchins-las-vegas-reports/

Security researcher Marcus Hutchins pleads not guilty, returns to Twitter

FBI Agent Admits to Stealing Silk Road Bitcoins Seized by U.S. Marshals

http://www.washingtontimes.com/news/2017/aug/16/shaun-bridges-disgraced-secret-service-agent-plead/

https://motherboard.vice.com/en_us/article/8q845p/dea-agent-who-faked-a-murder-and-took-bitcoins-from-silk-road-explains-himself

https://www.wired.com/2017/05/silk-road-creator-ross-ulbricht-loses-life-sentence-appeal/

https://www.docketalarm.com/cases/New_York_Southern_District_Court/1–14-cr-00068/USA_v._Ulbricht/183/

Summer Part 2: August Agony!!! Looking Back: May 12: NSA, “Exploits,” WannaCry and Whistleblowers

We got an update on the technological “exploits” that were lifted from the NSA, the Federal Government spy agency that tracks your online behavior and phone records.

Brad Smith, President of Microsoft, warned governments like the United States’ federal behemoth are exposing their citizens by “stockpiling vulnerabilities”, hindering technology companies’ responses to cyberattacks because, well, the Federal agencies that suck up personal information on their subjects citizens are usually terrible at securing that data. This necessitated the additional 560-million dollar data collection facility in Fort Meade, MD to complement the NSA’s initial $2 billion Utah warehouse for tracking the little people.

[As a reminder, when confronted with the 2013 Edward Snowden leaks of NSA’s seizure of citizen phone records under Section 215 of the Patriot Act–in some cases by warrant, such as when telecommunications giant Verizon refused to bend over for the Feds–Obama’s Director of National Intelligence James Clapper lied under oath to the Senate Intelligence Committee about the existence of the privacy-eroding program.

Mr. Clapper later alternately claimed that he “forgot” about the blatantly unconstitutional program; that he confused it with another data collection program, Section 702 of the Foreign Intelligence Surveillance Act; and (according to his taxpayer-funded lawyer, Robert Litt) that Clapper was unprepared for the query, despite receiving the Senate panel’s planned questions 24 hours in advance. Although we are paying it, we are unable to find Mr. Clapper’s salary amount online.]

Official portrait of James R. Clapper

Clapper.

On May 12, the WannaCry attack software held the data of the British National Health Service and other Windows users hostage for a Bitcoin ransom, reportedly with a screen like the following:

Ransomware warning from WannaCry

Smith, labeling the attack as “WannaCrypt” [sic?], reported the vulnerabilities that enabled it were stolen from NSA in April (at least, that’s when the Feds reportedly admitted the theft). Although Microsoft had released a security patch to Windows Defender one month previously to counter just such a threat, about 300,000 consumers were still reportedly affected. Microsoft did what the Federal Government would never consider, and took personal responsibility for the disruption–even though it was the sloppy Feds who were actually plundered, and Federal Government hubris that concealed the potential weaknesses from citizens.

The most consequential part of Smith’s post:

Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. [T]his most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.

[our emphasis]

[It is unclear if “nation-state action” here refers to well-meaning but incompetent central government vulnerability to having…the vulnerabilities they refuse to share with technology companies stolen; or malicious governments acting as the organized criminals, such as when Russia single-handedly elected President Trump.]

*

The security community claims to be making strides towards transparency. They are cracking down on whistleblowers and systematically ignoring Congressional restrictions on civilian spying. Wait…

Photo of George Ellard

George Ellard (above) was removed in December 2016 from his powerful perch as [“what the fuck” alert:] Inspector General of the NSA when he was found guilty of whistleblower retaliation.

Recall the IG is the watchdog for a Federal Government agency who polices the government “workers” and reports their transgressions to taxpayers. Or in this case, quashes dissent. It’s like internal affairs covering for a dirty cop!

Ellard was not only NSA’s Inspector General, but an outspoken critic of Edward Snowden, the former contract employee who leaked hundreds of thousands of classified emails to publicly expose the agency’s domestic surveillance program. Snowden claimed, among other things, that his concerns about NSA’s domestic eavesdropping were ignored by the agency, and that he feared retaliation. Ellard publicly argued in 2014 that Snowden could have safely reported the allegations of NSA’s domestic surveillance directly to him.

[A] high-level Intelligence Community panel found that Ellard himself had previously retaliated against an NSA whistleblower, sources tell the Project On Government Oversight. Informed of that finding, NSA’s Director, Admiral Michael Rogers, promptly issued Ellard a notice of proposed termination, although Ellard apparently remains an agency employee while on administrative leave, pending a possible response to his appeal from Secretary of Defense Ash Carter.

Obama reportedly tried to strengthen whistleblower protections in the wake of Snowden’s revelations with Presidential Policy Directive 19. (Mr. Obama had referred to Snowden as a “29-year-old hacker” and–like Ellard–chastised the Federal contractor for not pursuing existing whistleblowing channels to expose the U.S.’s highly controversial metadata collection programs. Which Snowden had, only to find that such protections did not apply to contractors.)

The PPD-19 established an External Review Panel, comprising IGs for Justice, Treasury and CIA. ERP disagreed with the Defense Department IG, and found Ellard indeed had retaliated against an NSA whistleblower.

Disturbingly,

“Snowden could have come to me,” Ellard declared [in 2014], arguing that the leaker, now a fugitive in Russia, would have received the same protections as other NSA employees, who file some one thousand reports annually to the agency’s hotline. “We have surprising success in resolving the complaints that are brought to us,” Ellard said, adding, “Perhaps it’s the case that we could have shown, we could have explained to Mr. Snowden his misperceptions, his lack of understanding of what we do.”

[…]

Snowden’s related contention is that in his own case, he did, in fact, report his concerns in emails to NSA superiors at the time, a contention which NBC has said it verified.

[our emphasis]

Government Executive had more on Ellard:

Ellard himself became the subject of a complaint from an NSA employee who had contacted the Defense Department IG’s hotline with allegations of NSA overspending at a conference in Nashville, Tennessee. In 2013, the whistleblower’s identity was shared with Ellard, who then, according to the charges, denied the employee an assignment at the NSA IG’s Office of Investigations.

[…]

The Intelligence Community IG provided a sketch of how the PPD-19 external review process works in procedures issued in July 2013. If an aspiring whistleblower exhausts the agency review process without success, he or she can contact the IC watchdog’s office. The office has 45 days to complete a memo to the IG, who then has the authority to appoint an external panel. It collects evidence and has 180 days to make a decision. If the panel recommends action, the agency has another 90 days to respond. If no action is taken by then, the issue goes to the White House and, most likely, Congress.

Former assistant DOD IG John Crane told Government Executive he did the initial intake for the NSA whistleblower complaint about overspending at the conference. He said officials in the Pentagon IG office then revealed the whistleblower’s identity to Ellard, which he characterized as a violation of the Inspector General Act. Crane spent 25 years in government before he was fired in 2013 after accusing the Pentagon watchdog office of whistleblower retaliation.

[our emphasis]

*

It is unclear whether Ellard remains on paid leave, as he was placed last December while appealing his removal, or if the termination has been finalized. Cato Institute had a lengthy update last week.

*

The Federal argument justification unconstitutional practice assumed without debate or public knowledge for data-mining civilians is ridiculous, not least of all because all this super-secure data keeps getting leaked by their own employees.

Reality Leigh Winner (yes that is her actual name) was arrested in June for violating the Espionage Act.

Reality Leigh Winner, 25, of Augusta, Ga., was arrested over the weekend on charges of turning over a secret document to a news organization. (Inform)

Winner Winner Chicken Dinner.

Ms. Winner apparently leaked a classified document on Russian interference with the November 2016 elections to The Intercept.

And back in August, Harold Martin was nabbed for Espionage Act charges after allegedly swiping 50 terabytes of data from NSA. Martin’s defense attorney felt compelled to tell the press Martin is “no Edward Snowden.” Both men worked for Federal defense contractor Booz Allen Hamilton, an outfit especially proficient at vetting employees. Martin has reportedly held a security clearance since he joined the Navy. Thirty years ago.

*

Don’t hold your breath for restoration of your Constitutionally-demanded freedoms anytime soon. On May 2, Reuters reported that the NSA collected more than 151 million records of Americans’ phone calls last year, even after Congress limited its ability to collect bulk phone records, according to an annual report issued on Tuesday by the top U.S. intelligence officer.

[…]

Officials on Tuesday argued that the 151 million records collected last year were tiny compared with the number collected under procedures that were stopped after former NSA contractor Edward Snowden revealed the surveillance program in 2013.

[our emphasis]

See, that makes it ok!

Because the 151 million would include multiple calls made to or from the same phone numbers, the number of people whose records were collected also would be much smaller, the officials said. They said they had no breakdown of how many individuals’ phone records were among those collected.

*

There are a few bright spots in security news.

A hot topic this summer was Susan Rice and her demands of potentially illegal (certainly outside protocol of her office) “unmasking” of Trump associates who were transitioning to the new presidential administration. 

Summer Part 1: Stories We Shelved!!! April 3–Susan Rice Returns

The rate of “unmasking” average citizens (presumably to the chagrin of the filthy government thugs who spy on their citizens–and employers–because terrorism) marginally declined last year:

In all, according to the report, U.S. officials unmasked the names of fewer Americans in NSA eavesdropping reports in 2016 than they did the previous year, the top U.S. intelligence officer reported on Tuesday.

The report said the names of 1,934 “U.S. persons” were “unmasked” last year in response to specific requests, compared with 2,232 in 2015, but it did not identify who requested the names or on what grounds.

[our emphasis]

And back on April 28:

The National Security Agency said it will now limit [signals intelligence] collection to internet communications sent directly to or from a foreign target. It won’t permit intelligence officials to collect emails, texts and other communications between two people who mention a target by name, but are not themselves targets of surveillance.

The changes, first reported by The New York Times, are designed to reduce the chances of sweeping up communications of U.S. citizens or others in a way that some critics charged was overly broad.

*

On May 31, Shadow Brokers, the apparent perpetrators of the WannaCry attack, announced they would sell the stolen code for interested hackers at $22,000 per copy. By late June, they had raised the price, up to $131,000 for “VIP access,” in which a customer reportedly receives access to particular vulnerabilities.

*

Back in January, NSA Director Mike Rogers (below), encouraged by Clapper, introduced a measure to offer current NSA operatives raises to stop them from fleeing Big Brother for the private sector.

Photo of NSA Director Mike Rogers

Interestingly, in November of last year, Clapper and then-Defense Secretary Ash Carter reportedly recommended outgoing President Obama remove Rogers as head of NSA.

Thanks to our sources:

blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/#dMb37xIKkLh3BVme.99

http://thehill.com/policy/technology/241508-spy-head-had-absolutely-forgotten-about-nsa-program

http://www.pogo.org/blog/2016/12/intelligence-community-landmark.html

http://www.govexec.com/defense/2016/12/why-nsa-inspector-general-lost-his-job-and-wants-it-back/133992/?oref=ge-android-article-share

http://www.reuters.com/article/us-usa-security-surveillance-idUSKBN17Y2LS?utm_campaign=trueAnthem:+Trending+Content&utm_content=59095df804d30158154f2aa9&utm_medium=trueAnthem&utm_source=twitter

https://www.yahoo.com/news/nsa-stop-collecting-internet-communications-194955852–politics.html

https://tribune.com.pk/story/1423609/shadow-brokers-threaten-release-windows-10-hacking-tools/