2013年6月22日土曜日

GCHQ Espionage

GCHQのスパイ活動が報道された。
 英政府の情報機関「政府通信本部(GCHQ)」が、ブラウン前政権下で2009年
4月に開催された主要20か国・地域(G20)首脳会議や同年9月のG20財務相・中
央銀行総裁会議で、参加国閣僚らの電話や電子メールを傍受していたと報じた。

GCHQ
・NSAと協力して会議の出席者の電話やメールを傍受。
・通信傍受の対象は主にトルコと南アフリカ両国当局者
 トルコの財務相と15人の随行員のメールと電話はほとんど筒抜け。
・英国が望む方向に議事を運ぶのが目的。
・MI6と協力して偽のインターネット・カフェを設置、利用者の電子メールや
 パスワードも入手。ブラックベリーも傍受された。
・メールが閲覧された痕跡がサーバーに残らない工夫も施されていた。
・ブラックベリー傍受
・資料の一部が閣僚らに渡っていたのも確実か。

日米構造協議で行われた米CIA組織存続のため産業スパイは、日本では
有名な話。
ホテルの部屋のマイクやカメラ等の盗聴は当たり前で、電話、キーボード
のケーブルから漏れる電波、窓越しの盗聴は少し前の話。
この段階までは、外務省は対応済みとのこと。
最近は、携帯電話による通話やメールを有名な暗号であれば、復号できる
ようになったようだ。

いくつかの国の治安当局が、Black berryの機能制限を始めた頃には、
米NSAとMI6は、Black berryの一部の暗号を解読した可能性がある。
snowdenは、GPGやPGPは解読しにくいとのことだったが、本当だろうか。

主催国が、ネットカフェを設けて、盗聴を誘導。
設備費用がない国は、ありがたく利用するしかないのかもしれないが、
ネットがライフラインになる時代では性善説は通らないと思う。

EU 機内ケータイ使用可
英 中国でハニートラップ
中国 豪企業幹部拘束
ブラックベリー禁止
中国 国営ネットの諜報活動
米中軍事交流
IMS イングランド暴動拡大へ
中国 国営ネットの諜報活動
PRISM data-collection program
US Cyber Attack
NSA 通話盗聴300件未満、20カ国以上でテロ阻止


NSA Prism programme: William Hague makes statement on GCHQ


---英国もG20で盗聴?偽ネット・カフェ設置も---
2013年6月18日07時43分  読売新聞
http://www.yomiuri.co.jp/world/news/20130617-OYT1T01046.htm?from=ylist

 【ロンドン=佐藤昌宏】17日付英紙ガーディアンは、英政府の情報機関「政府通信本部(GCHQ)」が、ブラウン前政権下で2009年4月に開催された主要20か国・地域(G20)首脳会議や同年9月のG20財務相・中央銀行総裁会議で、参加国閣僚らの電話や電子メールを傍受していたと報じた。
 米政府による通信監視に内外から懸念の声が高まる中、キャメロン英首相は、主要8か国首脳会議(G8サミット)の場で同問題を非公式に協議する方針。報道が事実とすれば、オバマ米大統領のみならず、自身も他の首脳陣から説明を求められることになりそうだ。
 同紙によると、記事は、米情報機関「国家安全保障局(NSA)」の通信監視を暴露したエドワード・スノーデン氏(29)から入手した情報を基に作成した。GCHQの通信傍受の対象は主にトルコと南アフリカ両国当局者で、英国が望む方向に議事を運ぶのが目的だった。
 傍受のみならず、会場には英対外情報部(MI6)と協力して偽のインターネット・カフェを設置、利用者の電子メールやパスワードも入手したという。


---仕組まれたG20 09年に英国が盗聴、偽ネットカフェも---
2013.6.18 00:35
http://www.sankeibiz.jp/express/news/130618/exd1306180037000-n1.htm

≪元CIA職員暴露資料≫
 英紙ガーディアン(電子版)は6月16日、英政府の通信傍受機関、政府通信本部(GCHQ)が2009年4月にロンドンで開かれた20カ国・地域(G20)金融サミットなどの国際会議で、各国代表団の電話や電子メールをひそかに傍受していたと報じた。GCHQは情報収集のために、偽のインターネットカフェも設置していたという。英国では17、18の両日、北アイルランド地方のロックアーンで安倍晋三首相(58)も出席して主要国(G8)首脳会議(サミット)が開催されているが、各国は情報管理の徹底を迫られ、議長役のデービッド・キャメロン英首相(46)も釈明を求められそうだ。

議長国、優位性狙う
 ガーディアンによると、米国家安全保障局(NSA)が大手IT企業を通じて市民の通話記録やインターネット上の情報を収集していたことを暴露した、米中央情報局(CIA)元職員のエドワード・スノーデン氏(29)から提供を受けた資料に英政府の極秘文書が含まれており、その文書からGCHQによるG20などでの盗聴や通信傍受を確認したという。
 2009年は前年のリーマン・ショックからの世界経済回復に向けた具体策を話し合うため、4月にG20の首脳会合が、開かれた。極秘文書によると、GCHQはNSAと協力して会議の出席者の電話やメールを傍受。「画期的な情報収集能力」を駆使し、メールが閲覧された痕跡がサーバーに残らない工夫も施されていた。
 会議では銀行経営者の高額報酬への規制をめぐり、規制強化に積極的なフランスやドイツと過剰規制を嫌う英国や米国が対立するなど、各国の立場の違いが明確になったが、通信傍受は議長国の英国が各国の足元を見透かし、会議で優位に立つことを目的に行われたとしている。

「ブラックベリー傍受」
 具体的には、GCHQと英情報機関の秘密情報局(MI6)は、代表団の電子メール情報を収集するため、特殊なプログラムを施した偽のインターネットカフェを設置。また、秘匿性が高く、出席者の多くが使い、バラク・オバマ米大統領(51)も愛用していたことでも知られるスマートフォン「ブラックベリー」の傍受に成功していたと文書には記載されていた。
 理由は明かされていないが、特に傍受の標的になったのはトルコの代表団で、財務相と15人の随行員のメールと電話はほとんど筒抜けになっていた。
 この他、NSAが金融サミットでロンドンに滞在中の当時のドミトリー・メドベージェフ露大統領(47)の電話内容を盗聴し、その詳細な記録の提供をGCHQは受けたという。
 ガーディアンは、当時のゴードン・ブラウン英首相(62)がこうした行為を承知していたのは自明で、資料の一部が閣僚らに渡っていたのも確実としている。

GCHQ 英国の諜報機関。前身の政府暗号学校は1919年に創設され、第二次世界大戦中にナチス・ドイツの難解な暗号「エニグマ」を解読して名声を上げた。スパイ衛星や電子機器を用いた国内外の秘密情報収集、暗号解読が主な業務で、通信を傍受してテロの動きなどに目を光らせている。NSAの姉妹機関で、NSAが運営主体になっている世界規模の通信傍受システム「エシュロン」をともに構築しているとされる。本部は英南西部グロスターシャーにあり、職員数は約1万1000人。


---NSA & GCHQ spy on Russian President & G20 Delegates---
18 June 2013
http://www.infosecurity-magazine.com/view/32986/nsa-gchq-spy-on-russian-president-g20-delegates-/

New Snowden revelations revealed that the NSA and GCHQ do traditional spying too - eavesdropping on the Russian president’s phone calls out of London and the delegates at the G20 2009 meeting in London.

Further documents revealed by Edward Snowden to the Guardian indicate a thorough, if not sophisticated, spying campaign by GCHQ on foreign politicians and officials attending two G20 meetings in London in 2009 as the world banking crisis unfolded. Ironically, Britain is currently hosting a G8 meeting in Northern Ireland at this moment; and there can be little doubt that GCHQ and the NSA will again be attempting to gain as much additional information as possible. It’s their job: spies spy - but it’s also their job not to get found out.

The latest revelations have found them out; and although few people will be surprised that it happens, it is nevertheless a huge embarrassment to Obama and Cameron. As the Guardian reports, “From a technical point of view, spying on those negotiating on the territory of a country doesn't present any great difficulties", pointed out Nikolai Kovalev, the former head of the FSB, Russia's powerful domestic spy agency. Kovalev however, added: "To avoid diplomatic and international scandal security agencies are forbidden from doing this. And usually they don't do it.”

Snowden’s disclosures indicate that the NSA used its huge listening station at Menwith Hill in Yorkshire (Wikipedia), manned by NSA agents and supported by GCHQ staff, to listen into telephone conversations of the then Russian president Dmitry Medvedev emanating from the Russian embassy in London. Meanwhile, GCHQ set about spying on other delegates. That they did is disclosed; how they did it is left to conjecture from hints in the leaked documents.

One method appears to have been the establishment of local internet cafes where, says the Guardian, “they used an email interception programme and key-logging software to spy on delegates' use of computers.” Another method was “penetrating the security on delegates' BlackBerrys to monitor their email messages and phone calls.”

The surprising element is that this could work. It is hard to believe that delegates and their entourages would not have been warned against the use of internet cafes anywhere - and the vulnerability of standard phones, even BlackBerrys, is hardly news. Nevertheless, the righteous indignation of the targeted is both necessary and apparent. The leaked documents specifically mention Russia, Turkey and South Africa.

In Russia, Igor Morozov, a senator in Russia's Federation Council, told RIA-Novosti, “Won't the US special services now start spying on Vladimir Putin, rather than correcting their actions? This isn't just an act of inhospitality, but a fact that can seriously complicate international relations,” he said. “Big doubts about Obama's sincerity appear.”

In Turkey, the UK ambassador was summoned to Ankara. An official statement says, “The allegations in the Guardian are very worrying... If these allegations are true, this is going to be scandalous for the UK. At a time when international co-operation depends on mutual trust, respect and transparency, such behavior by an allied country is unacceptable.”

The response from South Africa was measured. “We do not yet have the full benefit of details reported on but in principle we would condemn the abuse of privacy and basic human rights particularly if it emanates from those who claim to be democrats,” said a spokesperson from the South African foreign ministry.

All of this is just business as usual in the modern world. Spies spy, and politicians seek political advantage. The moral, however, is simple: don’t get caught.


---GCHQ intercepted foreign politicians' communications at G20 summits---
Ewen MacAskill, Nick Davies, Nick Hopkins, Julian Borger and James Ball   
The Guardian, Monday 17 June 2013   
http://www.guardian.co.uk/uk/2013/jun/16/gchq-intercepted-communications-g20-summits

Exclusive: phones were monitored and fake internet cafes set up to gather information from allies in London in 2009
Foreign politicians and officials who took part in two G20 summit meetings in London in 2009 had their computers monitored and their phone calls intercepted on the instructions of their British government hosts, according to documents seen by the Guardian. Some delegates were tricked into using internet cafes which had been set up by British intelligence agencies to read their email traffic.

The revelation comes as Britain prepares to host another summit on Monday - for the G8 nations, all of whom attended the 2009 meetings which were the object of the systematic spying. It is likely to lead to some tension among visiting delegates who will want the prime minister to explain whether they were targets in 2009 and whether the exercise is to be repeated this week.

The disclosure raises new questions about the boundaries of surveillance by GCHQ and its American sister organisation, the National Security Agency, whose access to phone records and internet data has been defended as necessary in the fight against terrorism and serious crime. The G20 spying appears to have been organised for the more mundane purpose of securing an advantage in meetings. Named targets include long-standing allies such as South Africa and Turkey.

There have often been rumours of this kind of espionage at international conferences, but it is highly unusual for hard evidence to confirm it and spell out the detail. The evidence is contained in documents - classified as top secret - which were uncovered by the NSA whistleblower Edward Snowden and seen by the Guardian. They reveal that during G20 meetings in April and September 2009 GCHQ used what one document calls "ground-breaking intelligence capabilities" to intercept the communications of visiting delegations.

This included:

*Setting up internet cafes where they used an email interception programme and key-logging software to spy on delegates' use of computers;

*Penetrating the security on delegates' BlackBerrys to monitor their email messages and phone calls;

*Supplying 45 analysts with a live round-the-clock summary of who was phoning who at the summit;

*Targeting the Turkish finance minister and possibly 15 others in his party;

*Receiving reports from an NSA attempt to eavesdrop on the Russian leader, Dmitry Medvedev, as his phone calls passed through satellite links to Moscow.

The documents suggest that the operation was sanctioned in principle at a senior level in the government of the then prime minister, Gordon Brown, and that intelligence, including briefings for visiting delegates, was passed to British ministers.

A briefing paper dated 20 January 2009 records advice given by GCHQ officials to their director, Sir Iain Lobban, who was planning to meet the then foreign secretary, David Miliband. The officials summarised Brown's aims for the meeting of G20 heads of state due to begin on 2 April, which was attempting to deal with the economic aftermath of the 2008 banking crisis. The briefing paper added: "The GCHQ intent is to ensure that intelligence relevant to HMG's desired outcomes for its presidency of the G20 reaches customers at the right time and in a form which allows them to make full use of it." Two documents explicitly refer to the intelligence product being passed to "ministers".

According to the material seen by the Guardian, GCHQ generated this product by attacking both the computers and the telephones of delegates.

One document refers to a tactic which was "used a lot in recent UK conference, eg G20". The tactic, which is identified by an internal codeword which the Guardian is not revealing, is defined in an internal glossary as "active collection against an email account that acquires mail messages without removing them from the remote server". A PowerPoint slide explains that this means "reading people's email before/as they do".

The same document also refers to GCHQ, MI6 and others setting up internet cafes which "were able to extract key logging info, providing creds for delegates, meaning we have sustained intelligence options against them even after conference has finished". This appears to be a reference to acquiring delegates' online login details.

Another document summarises a sustained campaign to penetrate South African computers, recording that they gained access to the network of their foreign ministry, "investigated phone lines used by High Commission in London" and "retrieved documents including briefings for South African delegates to G20 and G8 meetings". (South Africa is a member of the G20 group and has observer status at G8 meetings.)

A detailed report records the efforts of the NSA's intercept specialists at Menwith Hill in North Yorkshire to target and decode encrypted phone calls from London to Moscow which were made by the Russian president, Dmitry Medvedev, and other Russian delegates.

Other documents record apparently successful efforts to penetrate the security of BlackBerry smartphones: "New converged events capabilities against BlackBerry provided advance copies of G20 briefings to ministers … Diplomatic targets from all nations have an MO of using smartphones. Exploited this use at the G20 meetings last year."

The operation appears to have run for at least six months. One document records that in March 2009 - the month before the heads of state meeting - GCHQ was working on an official requirement to "deliver a live dynamically updating graph of telephony call records for target G20 delegates … and continuing until G20 (2 April)."

Another document records that when G20 finance ministers met in London in September, GCHQ again took advantage of the occasion to spy on delegates, identifying the Turkish finance minister, Mehmet Simsek, as a target and listing 15 other junior ministers and officials in his delegation as "possible targets". As with the other G20 spying, there is no suggestion that Simsek and his party were involved in any kind of criminal offence. The document explicitly records a political objective - "to establish Turkey's position on agreements from the April London summit" and their "willingness (or not) to co-operate with the rest of the G20 nations".

The September meeting of finance ministers was also the subject of a new technique to provide a live report on any telephone call made by delegates and to display all of the activity on a graphic which was projected on to the 15-sq-metre video wall of GCHQ's operations centre as well as on to the screens of 45 specialist analysts who were monitoring the delegates.

"For the first time, analysts had a live picture of who was talking to who that updated constantly and automatically," according to an internal review.

A second review implies that the analysts' findings were being relayed rapidly to British representatives in the G20 meetings, a negotiating advantage of which their allies and opposite numbers may not have been aware: "In a live situation such as this, intelligence received may be used to influence events on the ground taking place just minutes or hours later. This means that it is not sufficient to mine call records afterwards - real-time tip-off is essential."

In the week after the September meeting, a group of analysts sent an internal message to the GCHQ section which had organised this live monitoring: "Thank you very much for getting the application ready for the G20 finance meeting last weekend … The call records activity pilot was very successful and was well received as a current indicator of delegate activity…

"It proved useful to note which nation delegation was active during the moments before, during and after the summit. All in all, a very successful weekend with the delegation telephony plot."

0 コメント: