Tag Archives: Spying

Germany tells Turkey not to spy on Turks living on its soil

Turkish voters living in Germany wait to cast their ballots on the constitutional referendum at the Turkish consulate in Berlin, Germany, March 27, 2017. REUTERS/Fabrizio Bensch

By Madeline Chambers

BERLIN (Reuters) – Germany will not tolerate foreign espionage on its territory, the interior minister said on Tuesday, in a robust response to media reports that Turkish secret services were spying on supporters of the Gulen movement in Germany.

Fethullah Gulen, a U.S-based Muslim cleric with a large following in Turkey, is accused by Ankara of orchestrating a failed military coup last July. Ankara has purged state institutions, schools and universities and the media of tens of thousands of suspected supporters of the cleric.

The media reports of Turkish espionage in Germany have deepened a rift between the NATO allies in the run-up to a referendum next month in Turkey that proposes to significantly expand the powers of President Tayyip Erdogan.

The Sueddeutsche Zeitung newspaper and two broadcasters reported that Turkey’s National Intelligence Agency had given Germany’s foreign intelligence service a list of names of hundreds of supposed Gulen supporters living in Germany.

Interior Minster Thomas de Maiziere, speaking in Passau in southern Germany, said he was not surprised by the report and added that the lists would be looked at individually.

“We have told Turkey several times that such (activity) is not acceptable,” he said. “Regardless of what you think of the Gulen movement, German law applies here and citizens who live here won’t be spied on by foreign states,” he said.

The reports said the list included the names of more than 300 people and more than 200 associations, schools and other institutions and a German investigation indicated some of the photos may have been taken secretly.

WARNING

The northern state of Lower Saxony even said it was warning suspected Gulen movement supporters about possible reprisals if they traveled to their homeland.

“I think that is a justified and necessary measure to be able to warn people,” said state interior minister Boris Pistorius. “The intensity and ruthlessness being (used) on people living on foreign soil is remarkable.”

Concerns about Turkish spying are not confined to Germany.

Swedish public service radio broadcaster SR reported that Turkey’s ruling AK Party was putting pressure, via the Union of European Turkish Democrats, on Swedish Gulen supporters to supply information about fellow Gulen supporters in the country.

Germany is already investigating possible spying by Turkish imams in Germany.. A spokesman for the chief federal prosecutor’s office said that probe continued.

German politicians, including Chancellor Angela Merkel, are angry about Erdogan’s repeated comparisons of their country to Nazi Germany in response to cancellations of planned campaign events targeting the Turkish diaspora in Germany. Germany says the cancellations were prompted by security concerns.

The speaker of the Bundestag lower house of parliament said in a speech late on Monday that Turkey was turning into an authoritarian system and that its president was effectively staging a coup against his own country.

Norbert Lammert, a member of Merkel’s conservatives, said the referendum was about “transforming an undoubtedly fragile but democratic system into an authoritarian system – and this second coup attempt may well be successful”.

(Reporting by Madeline Chambers, Reuters TV, Andrea Shalal, Hans-Edzard Busemann and Daniel Dixon in Stockholm; Writing by Madeline Chambers; Editing by Gareth Jones)

WikiLeaks offers CIA hacking tools to tech companies: Assange

WikiLeaks founder Julian Assange makes a speech from the balcony of the Ecuadorian Embassy, in central London, Britain February 5, 2016. REUTERS/Peter Nicholls/Files

By Dustin Volz and Eric Auchard

WASHINGTON/FRANKFURT (Reuters) – WikiLeaks will provide technology companies with exclusive access to CIA hacking tools that it possesses, to allow them to patch software flaws, founder Julian Assange said on Thursday.

The offer, if legitimate, could put Silicon Valley in the unusual position of deciding whether to cooperate with Assange, a man believed by some U.S. officials and lawmakers to be an untrustworthy pawn of Russian President Vladimir Putin, or a secretive U.S. spy agency.

It was not clear how WikiLeaks intended to cooperate with technology companies, or if they would accept his offer. The anti-secrecy group published documents on Tuesday describing secret Central Intelligence Agency hacking tools and snippets of computer code. It did not publish the full programs that would be needed to actually conduct cyber exploits against phones, computers and Internet-connected televisions.

Representatives of Alphabet Inc’s Google Apple Inc, Microsoft Corp <MSFT.O> and Cisco Systems Inc <CSCO.O>, all of whose wares are subject to attacks described in the documents, did not immediately respond to requests for comment before regular business hours on the U.S. West Coast.

“Considering what we think is the best way to proceed and hearing these calls from some of the manufacturers, we have decided to work with them to give them some exclusive access to the additional technical details that we have so that the fixes can be developed and pushed out, so people can be secure,” Assange said during a press conference broadcast via Facebook Live.

Responding to Assange’s comments, CIA spokesman Jonathan Liu, said in a statement, “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.”

“Despite the efforts of Assange and his ilk, CIA continues to aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states and other adversaries.”

The disclosures alarmed the technology world and among consumers concerned about the potential privacy implications of the cyber espionage tactics that were described.

One file described a program known as Weeping Angel that purportedly could take over a Samsung smart television, making it appear it was off when in fact it was recording conversations in the room.

Other documents described ways to hack into Apple Inc <AAPL.O> iPhones, devices running Google’s <GOOGL.O> Android software and other gadgets in a way that could observe communications before they are protected by end-to-end encryption offered by messaging apps like Signal or WhatsApp.

Several companies have already said they are confident that their recent security updates have already accounted for the purported flaws described in the CIA documents. Apple said in a statement on Tuesday that “many of the issues” leaked had already been patched in the latest version of its operating system.

WikiLeaks’ publication of the documents reignited a debate about whether U.S. intelligence agencies should hoard serious cyber security vulnerabilities rather than share them with the public. An interagency process created under former President Barack Obama called for erring on the side of disclosure.

President Donald Trump believed changes were needed to safeguard secrets at the CIA, White House spokesman Sean Spicer told a news briefing on Thursday. “He believes that the systems at the CIA are outdated and need to be updated.”

Two U.S. intelligence and law enforcement officials told Reuters on Wednesday that intelligence agencies have been aware since the end of last year of a breach at the CIA, which led to WikiLeaks releasing thousands of pages of information on its website.

The officials, speaking on condition of anonymity, said contractors likely breached security and handed over the documents to WikiLeaks. The CIA has declined to comment on the authenticity of the documents leaked, but the officials said they believed the pages about hacking techniques used between 2013 and 2016 were authentic.

Contractors have been revealed as the source of sensitive government information leaks in recent years, most notably Edward Snowden and Harold Thomas Martin, both employed by consulting firm Booz Allen Hamilton <BAH.N> while working for the National Security Agency.

Assange said he possessed “a lot more information” about the CIA’s cyber arsenal that would be released soon. He criticized the CIA for “devastating incompetence” for not being able to control access to such sensitive material.

Nigel Farage, the former leader of the populist UK Independence Party, visited Assange at the Ecuadorean embassy in London earlier on Thursday. A representative for Farage said he was unaware what was discussed.

Assange has been holed up since 2012 at the embassy, where he fled to avoid extradition to Sweden over allegations of rape, which he denies.

(Reporting by Dustin Volz; Additional reporting by Eric Auchard in Frankfurt, Joseph Menn in San Francisco and Guy Falconbridge in London; Editing by Frances Kerry and Grant McCool)

CIA contractors likely source of latest WikiLeaks release: U.S. officials

The lobby of the CIA Headquarters Building in Langley, Virginia, U.S. on August 14, 2008. REUTERS/Larry Downing/File Photo

By John Walcott and Mark Hosenball

WASHINGTON (Reuters) – Contractors likely breached security and handed over documents describing the Central Intelligence Agency’s use of hacking tools to anti-secrecy group WikiLeaks, U.S. intelligence and law enforcement officials told Reuters on Wednesday.

Two officials speaking on condition of anonymity said intelligence agencies have been aware since the end of last year of the breach, which led to WikiLeaks releasing thousands of pages of information on its website on Tuesday.

According to the documents, CIA hackers could get into Apple Inc <AAPL.O> iPhones, devices running Google’s Android software and other gadgets in order to capture text and voice messages before they were encrypted with sophisticated software.

The White House said on Wednesday that President Donald Trump was “extremely concerned” about the CIA security breach that led to the WikiLeaks release.

“Anybody who leaks classified information will be held to the highest degree of law,” spokesman Sean Spicer said.

The two officials told Reuters they believed the published documents about CIA hacking techniques used between 2013 and 2016 were authentic.

One of the officials with knowledge of the investigation said companies that are contractors for the CIA have been checking to see which of their employees had access to the material that WikiLeaks published, and then going over their computer logs, emails and other communications for any evidence of who might be responsible.

On Tuesday in a press release, WikiLeaks itself said the CIA had “lost control” of an archive of hacking methods and it appeared to have been circulated “among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”

The CIA, which is the United States’ civilian foreign intelligence service, declined to comment on the authenticity of purported intelligence documents.

The agency said in a statement that its mission was to collect foreign intelligence abroad “to protect America from terrorists, hostile nation states and other adversaries” and to be “innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad.”

The CIA is legally prohibited from surveillance inside the United States and “does not do so”, the statement added.

CONTRACTORS MUST BE ‘LOYAL TO AMERICA’

A U.S. government source familiar with the matter said it would be normal for the Federal Bureau of Investigation and the CIA both to open investigations into such leaks. U.S. officials previously have confirmed that prosecutors in Alexandria, Virginia for years have been conducting a federal grand jury investigation of WikiLeaks and its personnel.

A spokesman for the prosecutors declined to comment on the possibility of that probe being expanded. It is not clear if the investigation of the latest CIA leaks is part of the probe.

Contractors have been revealed as the source of sensitive government information leaks in recent years, most notably Edward Snowden and Harold Thomas Martin, both employed by consulting firm Booz Allen Hamilton <BAH.N> while working for the National Security Agency.

U.S. Senator Dianne Feinstein of California and a Democrat on the intelligence committee, said the government needed to stop the breaches.

“I think we really need to take a look at the contractor portion of the employee workforce, because you have to be loyal to America to work for an intelligence agency, otherwise don’t do it,” Feinstein said.

Both U.S. Senate and U.S. House of Representatives intelligence committees have either opened or are expected to open inquiries into the CIA breach, congressional officials said.

Some cyber security experts and technology companies have criticized the government for opting to exploit rather than disclose software vulnerabilities, though an interagency review process set up under former President Barack Obama was intended to err on the side of disclosure.

Those concerns would grow if U.S. authorities did not notify companies that CIA documents describing various hacking techniques had been compromised.

Apple, Alphabet Inc’s <GOOGL.O> Google, Cisco Systems Inc <CSCO.O> and Oracle Corp <ORCL.N> did not immediately respond when asked if they were notified of a CIA breach before WikiLeaks made its files public.

At Apple, none of the vulnerabilities described in the documents provoked a panic, though analysis was continuing, according to a person who spoke with engineers there.

Google’s director of information security and privacy, Heather Adkins, said in a statement: “As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android (operating systems) already shield users from many of these alleged vulnerabilities. Our analysis is ongoing and we will implement any further necessary protections.”

LARGER NUMBER OF CONTRACTORS

One reason the investigation is focused on a potential leak by contractors rather than for example a hack by Russian intelligence, another official said, is that so far there is no evidence that Russian intelligence agencies tried to exploit any of the leaked material before it was published.

One European official, speaking on condition of anonymity, said the WikiLeaks material could in fact lead to closer cooperation between European intelligence agencies and U.S. counterparts, which share concerns about Russian intelligence operations.

U.S. intelligence agencies have accused Russia of seeking to tilt last year’s U.S. presidential election in Trump’s favor, including by hacking into Democratic Party emails. Moscow has denied the allegation.

One major security problem was that the number of contractors with access to information with the highest secrecy classification has “exploded” because of federal budget constraints, the first U.S. official said.

U.S. intelligence agencies have been unable to hire additional permanent staff needed to keep pace with technological advances such as the “internet of things” that connects cars, home security and heating systems and other devices to computer networks, or to pay salaries competitive with the private sector, the official said.

Reuters could not immediately verify the contents of the published documents.

A person familiar with WikiLeaks’ activities said the group has had the CIA hacking material for months, and that the release of the material was in the works “for a long time.”

In Germany on Wednesday, the chief federal prosecutor’s office said that it would review the WikiLeaks documents because some suggested that the CIA ran a hacking hub from the U.S. consulate in Frankfurt.

“We will initiate an investigation if we see evidence of concrete criminal acts or specific perpetrators,” a spokesman for the federal prosecutor’s office told Reuters.

Chancellor Angela Merkel is scheduled to visit Washington on March 14 for her first meeting with Trump, who has sharply criticized Berlin for everything from its trade policy to what he considers inadequate levels of military spending.

(Reporting by John Walcott, Mark Hosenball, Dustin Volz, Yara Bayoumy in Washington and Matthias Sobolewski and Andrea Shalal in Berlin; Additional reporting by Joseph Menn in San Francisco; Writing by Grant McCool; Editing by Peter Graff and Bill Rigby)

Berlin says Turkey has stepped up spying in Germany

Turkish Foreign Minister Mevlut Cavusoglu meets his German counterpart Sigmar Gabriel in Berlin, Germany, March 8, 2017. Cem Ozdel/Turkish Foreign Ministry Press Office/Handout via Reuters

BERLIN (Reuters) – The German government said on Wednesday there had been a significant increase in Turkish spying in Germany, where tensions within the large Turkish community have escalated ahead of next month’s referendum on Turkey’s presidency.

The BfV domestic intelligence agency said divisions in Turkey leading up to the April 16 referendum on boosting the powers of President Tayyip Erdogan were mirrored in Germany.

At the same time, strained relations between Germany and Turkey, which soured after a failed army bid last July to overthrow Erdogan, reached a new low this month in a row over Turkish political rallies to drum up support in the referendum.

“The BfV is observing a significant increase in intelligence efforts by Turkey in Germany,” it said in a statement. No further details were provided.

Germany’s chief federal prosecutor launched an investigation in January into possible spying by clerics sent to Germany by Ankara.

Bfv President Hans-Georg Maassen underscored his concern over tensions between right-wing Turks in Germany and supporters of the Kurdistan Workers Party (PKK).

“There is the danger that these proxy fights between PKK supporters and nationalist, right-wing extremist Turks will escalate because there is a high, hard-hitting potential for danger in both groups,” he said.

Maassen did not specifically address the issue of Turkish spying. He told reporters in January that Germany would not tolerate Turkish intelligence operations within its borders.

German Foreign Minister Sigmar Gabriel on Wednesday met his Turkish counterpart Mevlut Cavusoglu in Berlin and said Turkey’s internal fights should not be imported into Germany.

(Reporting by Sabine Siebold, Writing by Andrea Shalal; Editing by Dominic Evans)

WikiLeaks says it releases files on CIA cyber spying tools

FILE PHOTO: People are silhouetted as they pose with laptops in front of a screen projected with binary code and a Central Inteligence Agency (CIA) emblem, in this picture illustration taken in Zenica, Bosnia and Herzegovina October 29, 2014. REUTERS/Dado Ruvic/File Photo/Illustration

By Dustin Volz and Warren Strobel

WASHINGTON (Reuters) – Anti-secrecy group WikiLeaks on Tuesday published what it said were thousands of pages of internal CIA discussions about hacking techniques used over several years, renewing concerns about the security of consumer electronics and embarrassing yet another U.S. intelligence agency.

The discussion transcripts showed that CIA hackers could get into Apple Inc iPhones, Google Inc Android devices and other gadgets in order to capture text and voice messages before they were encrypted with sophisticated software.

Cyber security experts disagreed about the extent of the fallout from the data dump, but said a lot would depend on whether WikiLeaks followed through on a threat to publish the actual hacking tools that could do damage.

Reuters could not immediately verify the contents of the published documents, but several contractors and private cyber security experts said the materials, dated between 2013 and 2016, appeared to be legitimate.

A longtime intelligence contractor with expertise in U.S. hacking tools told Reuters the documents included correct “cover” terms describing active cyber programs.

Among the most noteworthy WikiLeaks claims is that the Central Intelligence Agency, in partnership with other U.S. and foreign agencies, has been able to bypass the encryption on popular messaging apps such as WhatsApp, Telegram and Signal.

The files did not indicate the actual encryption of Signal or other secure messaging apps had been compromised.

The information in what WikiLeaks said were 7,818 web pages with 943 attachments appears to represent the latest breach in recent years of classified material from U.S. intelligence agencies.

Security experts differed over how much the disclosures could damage U.S. cyber espionage. Many said that, while harmful, they do not compare to former National Security Agency contractor Edward Snowden’s revelations in 2013 of mass NSA data collection.

“This is a big dump about extremely sophisticated tools that can be used to target individual user devices … I haven’t yet come across the mass exploiting of mobile devices,” said Tarah Wheeler, senior director of engineering and principal security advocate for Symantec.

Stuart McClure, CEO of Cylance, an Irvine, California, cyber security firm, said that one of the most significant disclosures shows how CIA hackers cover their tracks by leaving electronic trails suggesting they are from Russia, China and Iran rather than the United States.

Other revelations show how the CIA took advantage of vulnerabilities that are known, if not widely publicized.

In one case, the documents say, U.S. and British personnel, under a program known as Weeping Angel, developed ways to take over a Samsung smart television, making it appear it was off when in fact it was recording conversations in the room.

The CIA and White House declined comment. “We do not comment on the authenticity or content of purported intelligence documents,” CIA spokesman Jonathan Liu said in a statement.

Google declined to comment on the purported hacking of its Android platform, but said it was investigating the matter.

Snowden on Twitter said the files amount to the first public evidence that the U.S. government secretly buys software to exploit technology, referring to a table published by WikiLeaks that appeared to list various Apple iOS flaws purchased by the CIA and other intelligence agencies.

Apple Inc did not respond to a request for comment.

The documents refer to means for accessing phones directly in order to catch messages before they are protected by end-to-end encryption tools like Signal.

Signal inventor Moxie Marlinspike said he took that as “confirmation that what we’re doing is working.” Signal and the like are “pushing intelligence agencies from a world of undetectable mass surveillance to a world where they have to use expensive, high-risk, extremely targeted attacks.”

CIA CYBER PROGRAMS

The CIA in recent years underwent a restructuring to focus more on cyber warfare to keep pace with the increasing digital sophistication of foreign adversaries. The spy agency is prohibited by law from collecting intelligence that details domestic activities of Americans and is generally restricted in how it may gather any U.S. data for counterintelligence purposes.

The documents published Tuesday appeared to supply specific details to what has been long-known in the abstract: U.S. intelligence agencies, like their allies and adversaries, are constantly working to discover and exploit flaws in any manner of technology products.

Unlike the Snowden leaks, which revealed the NSA was secretly collecting details of telephone calls by ordinary Americans, the new WikiLeaks material did not appear to contain material that would fundamentally change what is publicly known about cyber espionage.

WikiLeaks, led by Julian Assange, said its publication of the documents on the hacking tools was the first in a series of releases drawing from a data set that includes several hundred million lines of code and includes the CIA’s “entire hacking capacity.”

The documents only include snippets of computer code, not the full programs that would be needed to conduct cyber exploits.

WikiLeaks said it was refraining from disclosing usable code from CIA’s cyber arsenal “until a consensus emerges on the technical and political nature of the C.I.A.’s program and how such ‘weapons’ should be analyzed, disarmed and published.”

U.S. intelligence agencies have said that Wikileaks has ties to Russia’s security services. During the 2016 U.S. presidential campaign, Wikileaks published internal emails of top Democratic Party officials, which the agencies said were hacked by Moscow as part of a coordinated influence campaign to help Republican Donald Trump win the presidency.

WikiLeaks has denied ties to Russian spy agencies.

Trump praised WikiLeaks during the campaign, often citing hacked emails it published to bolster his attacks on Democratic Party candidate Hillary Clinton.

WikiLeaks said on Tuesday that the documents showed that the CIA hoarded serious security vulnerabilities rather than share them with the public, as called for under a process established by President Barack Obama.

Rob Knake, a former official who dealt with the issue under Obama, said he had not seen evidence in what was published to support that conclusion.

The process “is not a policy of unilateral disarmament in cyberspace. The mere fact that the CIA may have exploited zero-day [previously undisclosed] vulnerabilities should not surprise anyone,” said Knake, now at the Council on Foreign Relations.

U.S. officials, speaking on condition of anonymity, said they did not know where WikiLeaks might have obtained the material.

In a press release, the group said, “The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”

U.S. intelligence agencies have suffered a series of security breaches, including Snowden’s.

In 2010, U.S. military intelligence analyst Chelsea Manning provided more than 700,000 documents, videos, diplomatic cables and battlefield accounts to Wikileaks.

Last month, former NSA contractor Harold Thomas Martin was indicted on charges of taking highly sensitive government materials over a course of 20 years, storing the secrets in his home.

(Reporting by Dustin Volz and Warren Strobel; additional reporting by Joseph Menn, Mark Hosenball, Jonathan Landay and Jim Finkle; Editing by Grant McCool)

NSA contractor indicted over mammoth theft of classified data

NSA HQ

By Dustin Volz

(Reuters) – A former National Security Agency contractor was indicted on Wednesday by a federal grand jury on charges he willfully retained national defense information, in what U.S. officials have said may have been the largest heist of classified government information in history.

The indictment alleges that Harold Thomas Martin, 52, spent up to 20 years stealing highly sensitive government material from the U.S. intelligence community related to national defense, collecting a trove of secrets he hoarded at his home in Glen Burnie, Maryland.

The government has not said what, if anything, Martin did with the stolen data.

Martin faces 20 criminal counts, each punishable by up to 10 years in prison, the Justice Department said.

“For as long as two decades, Harold Martin flagrantly abused the trust placed in him by the government,” said U.S. Attorney Rod Rosenstein.

Martin’s attorney could not immediately be reached for comment.

Martin worked for Booz Allen Hamilton Holding Corp when he was taken into custody last August.

Booz Allen also had employed Edward Snowden, who leaked a trove of secret files to news organizations in 2013 that exposed vast domestic and international surveillance operations carried out by the NSA.

The indictment provided a lengthy list of documents Martin is alleged to have stolen from multiple intelligence agencies starting in August 1996, including 2014 NSA reports detailing intelligence information “regarding foreign cyber issues” that contained targeting information and “foreign cyber intrusion techniques.”

The list of pilfered documents includes an NSA user’s guide for an intelligence-gathering tool and a 2007 file with details about specific daily operations.

The indictment also alleges that Martin stole documents from U.S. Cyber Command, the CIA and the National Reconnaissance Office.

Martin was employed as a private contractor by at least seven different companies, working for several government agencies beginning in 1993 after serving in the U.S. Navy for four years, according to the indictment.

His positions, which involved work on highly classified projects involving government computer systems, gave him various security clearances that routinely provided him access to top-secret information, it said.

Unnamed U.S. officials told the Washington Post this week that Martin allegedly took more than 75 percent of the hacking tools belonging to the NSA’s tailored access operations, the agency’s elite hacking unit.

Booz Allen, which earns billions of dollars a year contracting with U.S. intelligence agencies, came under renewed scrutiny after Martin’s arrest was revealed last October. The firm announced it had hired former FBI Director Robert Mueller to lead an audit of its security, personnel and management practices.

A Booz Allen spokeswoman did not have an immediate comment on Martin’s indictment.

Martin’s initial appearance in the U.S. District Court of Baltimore was scheduled for next Tuesday, the Justice Department said.

(Reporting by Dustin Volz in Washington and Jonathan Stempel in New York; editing by Jonathan Oatis and Phil Berlowitz)

Hamas sets ‘honey traps’ to hack Israeli soldiers’ phones: army

Israeli soldier calling his mother on mobile phone

By Maayan Lubell

TEL AVIV (Reuters) – Using photos of young women and Hebrew slang, the Palestinian militant group Hamas chatted up dozens of Israeli soldiers online, gaining control of their phone cameras and microphones, the military said on Wednesday.

An officer, who briefed reporters on the alleged scam, said the Islamist group that runs the Gaza Strip uncovered no major military secrets in the intelligence-gathering operation.

Hamas spokesman Fawzi Barhoum declined to comment.

Mainly using Facebook, Hamas used fake online identities and photos of young women, apparently found on the Internet, to lure soldiers in, the officer said.

“Just a second, I’ll send you a photo, my dear,” one “woman” wrote.

“OK. Ha-ha,” the soldier replied, before a photo of a blonde woman in a swimsuit popped up.

The “woman” then suggested they both download “a simple app that lets us have a video chat”, according to an example of an exchange provided by the officer.

The officer said most of the soldiers were low-ranking and that Hamas was mostly interested in gathering information about Israeli army manoeuvres, forces and weaponry in the Gaza area.

The military discovered the hacking when soldiers began reporting other suspicious online activity on social networks and uncovered dozens of fake identities used by the group to target the soldiers, the officer said.

In 2001, a 16-year-old Israeli was lured to the occupied West Bank, where he was shot dead by Palestinian gunmen, after entering into an online relationship with a Palestinian woman who posed as an American tourist.

(Additional reporting by Nidal al-Mughrabi in Gaza; Editing by Jeffrey Heller and Louise Ireland)

Yahoo email scan shows U.S. spy push to recast constitutional privacy

Yahoo logo near cyber screen

By Joseph Menn

(Reuters) – Yahoo Inc’s secret scanning of customer emails at the behest of a U.S. spy agency is part of a growing push by officials to loosen constitutional protections Americans have against arbitrary governmental searches, according to legal documents and people briefed on closed court hearings.

The order on Yahoo from the secret Foreign Intelligence Surveillance Court (FISC) last year resulted from the government’s drive to change decades of interpretation of the U.S. Constitution’s Fourth Amendment right of people to be secure against “unreasonable searches and seizures,” intelligence officials and others familiar with the strategy told Reuters.

The unifying idea, they said, is to move the focus of U.S. courts away from what makes something a distinct search and toward what is “reasonable” overall.

The basis of the argument for change is that people are making much more digital data available about themselves to businesses, and that data can contain clues that would lead to authorities disrupting attacks in the United States or on U.S. interests abroad.

While it might technically count as a search if an automated program trawls through all the data, the thinking goes, there is no unreasonable harm unless a human being looks at the result of that search and orders more intrusive measures or an arrest, which even then could be reasonable.

Civil liberties groups and some other legal experts said the attempt to expand the ability of law enforcement agencies and intelligence services to sift through vast amounts of online data, in some cases without a court order, was in conflict with the Fourth Amendment because many innocent messages are included in the initial sweep.

“A lot of it is unrecognizable from a Fourth Amendment perspective,” said Orin Kerr, a former federal prosecutor and Georgetown University Law School expert on surveillance. “It’s not where the traditional Fourth Amendment law is.”

But the general counsel of the Office of the Director of National Intelligence (ODNI), Robert Litt, said in an interview with Reuters on Tuesday that the legal interpretation needed to be adjusted because of technological changes.

“Computerized scanning of communications in the same way that your email service provider scans looking for viruses – that should not be considered a search requiring a warrant for Fourth Amendment purposes,” said Litt. He said he is leaving his post on Dec. 31 as the end of President Barack Obama’s administration nears.

DIGITAL SIGNATURE

Reuters was unable to determine what data, if any, was handed over by Yahoo after its live email search. The search was first reported by Reuters on Oct. 4. Yahoo and the National Security Agency (NSA) declined to explain the basis for the order.

The surveillance court, whose members are appointed by U.S. Supreme Court Chief Justice John Roberts, oversees and approves the domestic pursuit of intelligence about foreign powers. While details of the Yahoo search are classified, people familiar with the matter have told Reuters it was aimed at isolating a digital signature for a single person or small team working for a foreign government frequently at odds with America.

The ODNI is expected to disclose as soon as next month an estimated number of Americans whose electronic communications have been caught up in online surveillance programs intended for foreigners, U.S. lawmakers said.

The ODNI’s expected disclosure is unlikely to cover such orders as the one to Yahoo but would encompass those under a different surveillance authority called section 702. That section allows the operation of two internet search programs, Prism and “upstream” collection, that were revealed by former NSA contractor Edward Snowden more than three years ago. Prism gathers the messaging data of targets from Alphabet Inc’s Google, Facebook, Microsoft, Apple among others.

Upstream surveillance allows the NSA to copy web traffic to search data for certain terms called “selectors,” such as email addresses, that are contained in the body of messages. ODNI’s Litt said ordinary words are not used as selectors.

The Fourth Amendment applies to the search and seizure of electronic devices as much as ordinary papers. Wiretaps and other surveillance in the internet age are now subject to litigation across the United States. But in the FISC, with rare exceptions, the judges hear only from the executive branch.

Their rulings have been appealed only three times, each time going to a review board. Only the government is permitted to appeal from there, and so far it has never felt the need.

PUBLIC LEGAL CHALLENGES

The FISC’s reasoning, though, is heading into public courts. The 9th U.S. Circuit Court of Appeals on Dec. 5 cited FISC precedents in rejecting an appeal of an Oregon man who was convicted of plotting to bomb a Christmas tree lighting ceremony after his emails were collected in another investigation.

Groups such as the American Civil Liberties Union and the Electronic Frontier Foundation are fighting the expansion of legalized surveillance in Congress and in courts.

On Dec. 8, the ACLU argued in the 4th U.S. Circuit Court of Appeals that a lawsuit by Wikipedia’s parent group against the NSA should not have been dismissed by a lower court, which ruled that the nonprofit could not show it had been snooped on and that the government could keep details of the program secret.

The concerns of civil libertarians and others have been heightened by President-elect Donald Trump’s nomination of conservative Representative Mike Pompeo of Kansas to be director of the CIA. Pompeo, writing in the Wall Street Journal in January, advocated expanding bulk collection of telephone calling records in pursuit of Islamic State and its sympathizers who could plan attacks on Americans. Pompeo said the records could be combined with “publicly available financial and lifestyle information into a comprehensive, searchable database.”

Yahoo’s search went far beyond what would be required to monitor a single email account. The company agreed to create and then conceal a special program on its email servers that would check all correspondence for a specific string of bits.

Trawling for selectors is known as “about” searching, when content is collected because it is about something of interest rather than because it was sent or received by an established target. It is frequently used by the NSA in its bulk upstream collection of international telecom traffic.

The Privacy and Civil Liberties Oversight Board, an appointed panel established by Congress as part of its post-9/11 expansion of intelligence authority, reported in 2014 that “about” searches “push the program close to the line of constitutional reasonableness.”

A glimpse of the new legal arguments came in a FISC proceeding last year held to review NSA and FBI annual surveillance targets and four sets of procedures for limiting the spread of information about Americans.

Judge Thomas Hogan appointed Amy Jeffress, an attorney at Arnold and Porter and a former national security prosecutor, to weigh in, the first time that court had asked an outside privacy expert for advice before making a decision.

Jeffress argued each search aimed at an American should be tested against the Fourth Amendment, while prosecutors said that only overall searching practice had to be evaluated for “reasonableness.” Hogan agreed with the government, ruling that even though the Fourth Amendment was all but waived in the initial data gathering because foreigners were the targets, the voluminous data incidentally gathered on Americans could also be used to investigate drug deals or robberies.

“While they are targeting foreign intelligence information, they are collecting broader information, and there needs to be strong protections for how that information is used apart from national security,” Jeffress told Reuters.

ODNI’s Litt wrote in a February Yale Law Review article that the new approach was appropriate, in part because so much personal data is willingly shared by consumers with technology companies. Litt advocated for courts to evaluate “reasonableness” by looking at the entirety of the government’s activity, including the degree of transparency.

Litt told Reuters that he did not mean, however, that the same techniques in “about” searches should be pushed toward the more targeted searches at email providers such as Yahoo.

Although speaking generally, he said: “My own personal approach to this is you should trade off broader collection authority for stricter use authority,” so that more is taken in but less is acted upon.

This position strikes some academics and participants in the process as a remarkable departure from what the highest legal authority in the land was thinking just two years ago.

That was when the Supreme Court’s Roberts wrote for a majority in declaring that mobile phones usually could not be searched without warrants.

After prosecutors said they had protocols in place to protect phone privacy, Roberts wrote: “Probably a good idea, but the Founders did not fight a revolution to gain the right to government agency protocols.”

With little evidence that the Supreme Court agrees with the surveillance court, it remains possible it would reverse the trend. But a case would first need to make its way up there.

(Reporting by Joseph Menn in San Francisco; additional reporting by Dustin Volz, Mark Hosenball and John Walcott in Washington; Editing by Jonathan Weber and Grant McCool)

China returns underwater drone, U.S. condemns “unlawful” seizure

The oceanographic survey ship, USNS Bowditch, is shown September 20, 2002, which deployed an underwater drone seized by a Chinese Navy warship in international waters in South China Sea,

By Ben Blanchard

BEIJING, Dec 20 (Reuters) – China has returned a U.S. underwater drone taken by one of its naval vessels in the
disputed South China Sea last week after what it said were friendly talks with the United States, which reiterated its criticism of the “unlawful” seizure.

The taking of the unmanned underwater vehicle in international waters near the Philippines triggered a diplomatic protest and speculation about whether it would strengthen U.S. President-elect Donald Trump’s hand as he seeks a tougher line with China.

A Chinese naval ship took the drone, which the Pentagon says uses unclassified, commercially available technology to collect oceanographic data, on Thursday about 50 nautical miles northwest of Subic Bay in the Philippines.

China’s defence ministry said in a brief statement the drone had been given back to the United States on Tuesday.

“After friendly consultations between the Chinese and U.S. sides, the handover work for the U.S. underwater drone was smoothly completed in relevant waters in the South China Sea at midday,” the ministry said.

The defence ministry declined to give more details about the handover when contacted by Reuters.

The Pentagon said the vehicle had been handed over to the guided missile destroyer USS Mustin near where it had been “unlawfully seized”. It called on China to comply with international law and refrain from further efforts to impede lawful U.S. activities.

“The U.S. remains committed to upholding the accepted principles and norms of international law and freedom of navigation and overflight and will continue to fly, sail, and operate in the South China Sea wherever international law allows,” Pentagon Press Secretary Peter Cook said in a statement.

Chinese foreign ministry spokeswoman Hua Chunying referred questions about the handover and other details of the case to the defence ministry.

“The handling of this incident shows that the Chinese and U.S. militaries have quite smooth communication channels. We think that this communication channel is beneficial to timely communication and the handling of sudden incidents and prevention of miscalculations and misunderstandings,” she said.

“As to what the U.S. defence department said, I have to verify it with the military. But I think what they said is
unreasonable as we have always said that for a long time the U.S. military has regularly sent ships and aircraft to carry out close up surveillance and military surveys in waters facing China, which threatens China’s sovereignty and security,” Hua told reporters.

“China is resolutely opposed to this and has always demanded the U.S. end these kinds of activities. I think this is the cause of this or similar incidents.”

The seizure has added to U.S. concern about China’s growing military presence and aggressive posture in the disputed South China Sea, including its militarization of maritime outposts.

China is deeply suspicious of any U.S. military activity in the resource-rich South China Sea, with state media and experts saying the use of the drone was likely part of U.S. surveillance efforts in the disputed waterway.

The U.S. Navy has about 130 such underwater drones, made by Teledyne Webb, each weighing about 60 kg (130 lb) and able to stay underwater for up to five months. They are used around the world to collect unclassified data about oceans, including temperature and depth.

It is not clear how many are used in the South China Sea.

(Editing by Paul Tait and Lincoln Feast)

Dozens of U.S. lawmakers request briefing on Yahoo email scanning

Yahoo Mail logo

By Dustin Volz

WASHINGTON (Reuters) – A bipartisan group of 48 lawmakers in the U.S. House of Representatives on Friday asked the Obama administration to brief Congress “as soon as possible” about a 2015 Yahoo <YHOO.O> program to scan all of its users’ incoming email at the behest of the government.

The request comes amid scrutiny by privacy advocates and civil liberties groups about the legal authority and technical nature of the surveillance program, first revealed by Reuters last week. Custom software was installed to search messages to hundreds of millions of accounts under an order issued by the secretive Foreign Intelligence Surveillance Court.

“As legislators, it is our responsibility to have accurate information about the intelligence activities conducted by the federal government,” according to the letter, organized by Republican Representative Justin Amash of Michigan and Democratic Representative Ted Lieu of California.

“Accordingly, we request information and a briefing as soon as possible for all members of Congress to resolve the issues raised by these reports.”

Investigators searched for messages that contained a single piece of digital content linked to a foreign state sponsor of terrorism, sources have told Reuters, though the nature of the content remains unclear.

Intelligence officials said Yahoo modified existing systems used to stop child pornography and filter spam messages on its email service.

But three former Yahoo employees told Reuters the court-ordered search was done by a module buried deep near the core of the company’s email server operation system, far below where mail sorting was handled.

The Senate and House intelligence committees were given a copy of the order when it was issued last year, sources said, but other members of Congress have express concern at the scope of the email scanning.

Some legal experts have questioned the breadth of the court order and whether it runs afoul of the U.S. Constitution’s Fourth Amendment protections against unreasonable searches.

Half of registered U.S. voters believe the Yahoo program violated the privacy of customers, according to a poll of 1,989 people conducted last week by Morning Consult, a polling and media company.

Twenty-five percent were supportive of the program because of its potential to stop criminal acts, the survey found, while another quarter did not know or had no opinion.

The congressional letter is addressed to Attorney General Loretta Lynch and Director of National Intelligence James Clapper.

(Additional reporting by Mark Hosenball and Joseph Menn; Editing by Jeffrey Benkoe)