2014年3月28日金曜日

OP SHOTGIANT

NSAがHuaweiを監視していたようだ。
 NSAが中国の大手通信機器メーカー「華為技術」の本社サーバーに侵入
し、同社幹部の通信情報を監視していたと報じた。

NSA OP Shotgiant
・Huaweiと中国人民解放軍(PLA)との関係を探るのが目的
・2007年ごろに開始、2010年までに中国・深センの本社サーバーに侵入。
・中国政府機関(商務省や外務省等)や金融機関などの通信を監視、
 国家主席も盗聴の標的。
・Huawei創設者Ren Zhengfeiの通信を傍受。
・マルウェア感染
 米Facebookのサーバーを装う手口。
 マルウエアを添付したスパムメールを大量送信。
・マルウエアの感染では、密かにコンピュータのマイクから音声を
 拾い、Webカメラから画像を取得。ファイルのダウンロードを妨げ、
 Webサイトへのアクセスを遮断する機能も備える。

Huawei役員の通信を傍受していたとのことだから、SoftbankやDocomoだけ
でなく、多くの会社との契約を傍受していたと思う。
Huaweiが電子媒体による保存に積極的であれば、サーバに保存された契約
条件に加え、製品仕様や設計資料、販売戦略等を盗聴か。
通信データや保存データに暗号が施されていたかの詳細は不明。
Huaweiは「世界の人口の1/3を繋ぐ」とのことだから、販売した携帯電話
端末やオペレーションセンターの設備は、人民解放軍だけでなく、NSAも
多くの同じ情報を得ていた可能性がある。NSAは、GCHQと情報を共有か。

NSAは、マルウェアを感染させて情報の監視や盗聴。
最近は、ウィルスチェッカーには、マルウェアの感染防止機能がついた
ものもある。全てのコンピュータウィルスやマルウェアからの感染はでき
ないと言う。
官製ウィルスチェッカーでは、官製ウィルスや官製マルウェアに感染する
ように作られている必要がある。
全ての感染防止は無理と言う本当の理由は、官製のものに感染させる必要
があるからか。政府から独立したソフトウェア会社は存在するのか。

Stuxnet,Duga,Flameは官製か
PRISM data-collection program
GCHQ Espionage
OP Olympic Games
XKeyScore
NSA Crack Smartphone Privacy Codes
NSA analyzed GCHQ Report
NSA OPs Keep Allies Safe
NSA情報収集改革策
DROPOUT JEEP


Leaked documents show NSA targeted Chinese telecoms giant


---米NSA、中国「華為技術」に侵入し情報監視---
2014年3月23日20時44分  読売新聞
http://www.yomiuri.co.jp/world/news/20140323-OYT1T00445.htm

 【ニューヨーク=加藤賢治、ベルリン=工藤武人】米紙ニューヨーク・タイムズ(電子版)は22日、米国家安全保障局(NSA)が中国の大手通信機器メーカー「華為技術(ファーウェイ)」の本社サーバーに侵入し、同社幹部の通信情報を監視していたと報じた。
 米中央情報局(CIA)の元職員エドワード・スノーデン容疑者から入手した2010年のNSA文書などを基に報じた。NSAの活動は、同社と中国人民解放軍との関係を探るのが目的で、07年ごろに開始され、10年までに中国・深センの本社サーバーに侵入した。
 一方、ドイツ誌シュピーゲル(電子版)は22日、NSAが、商務省や外務省などの中国政府機関や金融機関などの通信を監視していたほか、国家主席も盗聴の標的にしていたと伝えた。


---NSA:中国企業のネットに侵入 軍との通信など監視---
毎日新聞 2014年03月23日 19時25分(最終更新 03月24日 06時26分)
http://mainichi.jp/select/news/20140324k0000m030033000c.html

 【ワシントン及川正也】米国家安全保障局(NSA)が中国通信機器大手、華為技術(ファーウェイ)のネットワークに侵入するシステムを構築し、同社と中国軍との間に交信があるかを調べていたと、米紙ニューヨーク・タイムズ(電子版)が22日報じた。米議会は同社が中国軍と連携して米企業や米政府へのサイバー攻撃に関係している疑いがあると指摘。同社は軍との連携やサイバー攻撃への関与を否定しているが、米政府は中国側のスパイ活動やサイバー攻撃への監視を強化しているものとみられる。
 同紙によると、元米中央情報局(CIA)職員のスノーデン容疑者が提供した2010年の機密資料を基に報道。NSAは同社のネットワークや製品を通じてイランなどへのスパイ活動も試みようとしていたという。
 NSAは、中国のサイバー攻撃への対抗措置として中国軍を含む20を超すハッカー集団の通信を追跡しているという。米中間では国防情報や産業情報のスパイが問題になっており、24日の米中首脳会談でも議題になる見通し。


--- NSA、Facebookを装う手口などで盗聴活動を拡大---米サイトの報道---
2014/03/13
鈴木 英子=ニューズフロント
http://itpro.nikkeibp.co.jp/article/NEWS/20140313/543282/?ST=security

 米政府による監視活動を主要テーマにした米ニュースサイト「Intercept」は現地時間2014年3月12日、米国家安全保障局(NSA)が監視活動をますます広げているとする記事を公開した。革新的な監視システムを導入し、世界中の数百万台のコンピュータにマルウエアを感染させることが可能だという。
 Interceptは、NSAの監視活動を告発した元米中央情報局(CIA)職員のEdward Snowden容疑者から入手した機密文書によって明らかになったことだとして伝えている。
 問題の盗聴活動では、コンピュータに入り込む最初の手段として、米Facebookのサーバーを装う手口を使用するほか、マルウエアを添付したスパムメールを大量送信する。マルウエアは、密かにコンピュータのマイクから音声を拾い、Webカメラから画像を取得する。ファイルのダウンロードを妨げ、Webサイトへのアクセスを遮断する機能も備える。
 この監視システムは当初、従来の監視手段が通用しない数百人の対象者のみに使われていたが、NSAは過去10年で積極的に自動化を進め、ハッキング活動を拡大してきたと見られる。
 盗聴ネットワークは米メリーランド州フォートミードにあるNSA本部のほか、英国や日本にも拠点があるという。
 Facebookを偽装する手口では、インターネットユーザーがFacebookサイトにアクセスしようとすると、NSAのコンピュータがそのリクエストを検知し、Facebookのサーバーからのトラフィックに見せかけてNSAのサーバーからデータを返す。ユーザーは、FacebookのWebページを読み込んでいるつもりで、実はNSAが配信するマルウエアをダウンロードしてしまう


---NSA hacked into servers at Huawei headquarters, reports say---
Marc Ferranti
Mar 23, 2014 10:40 AM
http://www.pcworld.com/article/2110960/nsa-hacked-into-servers-at-huawei-headquarters-reports-say.html

The U.S. National Security Agency has hacked into Huawei Technologies servers, spied on communications of company executives and collected information to plant so-called backdoors on equipment from the Chinese networking manufacturer, according to reports published over the weekend.

In response, the NSA said that it declines to comment on specific, alleged foreign intelligence activities. In a statement emailed to the IDG News Service, the agency elaborated, saying that “NSA’s activities are focused and specifically deployed against-and only against-valid foreign intelligence targets in response to intelligence requirements.”

Huawei officials were not immediately available for comment.

The latest reports are part of a long-running cyberespionage saga. U.S. officials have contended for years that China’s People’s Liberation Army (PLA) works with manufacturers and hacking groups to spy on U.S. companies and government agencies.

Since last June, documents leaked by former U.S. intelligence contractor Edward Snowden and published by various news organizations have shown that the NSA has conducted its own surveillance campaigns, including programs to hack into equipment from Chinese networking manufacturers.

But according to new reports over the weekend from The New York Times and Der Spiegel and based on documents leaked by Snowden, the NSA succeeded in penetrating equipment at Huawei headquarters in a plan to monitor communications on the company’s networking equipment worldwide.

The NSA “pried its way” into Huawei servers at the company’s headquarters in Shenzhen, China, according to an online report in The New York Times Saturday.

The operation, code-named “Shotgiant,” was to try to establish long-suspected links between Huawei and the PLA, and also to plant backdoors on Huawei equipment sold worldwide, according to the Times.

Among the information cited by newspaper was a 2010 document detailing Shotgiant operations. However, covert operations against Huawei go as far back as 2007, The New York Times report said. The NSA also monitored communications of Huawei executives, the report said.

One goal of Shotgiant was to place backdoors on Huwei technology in order to monitor communications on network equipment acquired by the company’s customers, which include U.S. allies and adversaries, according to the report.

The report in the Times does not specify how successful this was, since technical details of the operation were withheld from publication at the request of the U.S. government, according to the newspaper.

The NSA is taking pains to distinguish its surveillance activities from those of China. U.S. government and business officials claim Chinese spying activities are intended, among other things, to gain commercial advantage over the U.S.

“We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of-or give intelligence we collect to-U.S. companies to enhance their international competitiveness or increase their bottom line,” the NSA said in an emailed statement Sunday.

“It is important to note the overlay of law, regulation, policy, procedure, technical safeguards, training, culture, and ethos in the use of such tools; all of these things govern how NSA deploys various foreign intelligence techniques to help defend the nation,” the NSA said.

The latest reports of the NSA’s spying on Huawei follow earlier news stories about efforts to place backdoors on equipment from the company.

In December last year, Der Spiegel published a report outlining how the NSA intercepts deliveries of new computer equipment en route to plant spyware. The operation was conducted by the NSA’s Office of Tailored Access Operations (TAO), which specializes in infiltrating computers, according to the report.

The newest reports this weekend say that the TAO unit by 2010 gained access to Huawei headquarters and was able to collect communications from Ren Zhengfei, the company’s founder.

The Times story, however, pointed out that none of the documents leaked by Snowden show that NSA operations proved a specific link between Huawei and the PLA.

U.S. government officials for years have suspected that Chinese networking companies have worked with the PLA. For example, a congressional committee concluded an inquiry in 2012 with members still in doubt about the security of networking equipment from Huawei and ZTE

The U.S. government has also blocked efforts by Huawei to expand its business in the country. In September 2011, for example, the U.S. Department of Commerce said it had told Huawei that the company was barred from participating in a project to build a national wireless network.

Last October, Huawei issued a company report on cybersecurity in which it suggested ways companies could work together internationally to secure networks from hacking.

“We can confirm that we have never been asked to provide access to our technology, or provide any data or information on any citizen or organization to any Government, or their agencies,” Huawei Deputy Chairman Ken Hu said in the report.

In an online article Saturday, The New York Times quoted William Plummer, a U.S.-based Huawei executive, as saying: “If such espionage has been truly conducted then it is known that the company is independent and has no unusual ties to any government, and that knowledge should be relayed publicly to put an end to an era of mis- and disinformation.”

In addition to selling networking equipment, Huwaei is also the third-largest vendor of smartphones in the world. However, as recently as Mobile World Congress last month, a Huwaei official confirmed that the company has essentially given up on the network infrastructure business in the U.S., which makes efforts to sell mobile devices in the country more difficult.


---NSA targeted Chinese telecoms giant Huawei - report---
Martin Pengelly in New York
theguardian.com, Saturday 22 March 2014 20.48 GMT   
http://www.theguardian.com/world/2014/mar/22/nsa-huawei-china-telecoms-times-spiegel

NSA created 'back doors' into networks Huawei networks
Company claims to connect a third of world's population
Report comes as Obama set to meet Xi Jinping on Monday

The National Security Agency created “back doors” into networks maintained by the Chinese telecommunications company Huawei, according to a report released on Saturday.

The report comes from a document provided by the former NSA contractor Edward Snowden and disclosed by the New York Times and Der Spiegel. It will add to embarrassment in US government circles, in light of an October 2012 US House of Representatives intelligence committee report which said US firms should avoid doing business with Huawei and another Chinese telecoms company, ZTE, because they posed a national security threat.

President Barack Obama is scheduled to meet Chinese president Xi Jinping in the Hague on Monday, during a six-day trip to Europe in which he will attempt to strengthen international opinion against Russia's occupation of Crimea. The first lady, Michelle Obama, is currently in China with her mother and two daughters; on Saturday she told an audience of students at Peking University's Stanford Centre that web access should be “a universal right”.

On Saturday, William Plummer, Huawei's vice-president of external affairs, said in an email to the Associated Press: "Huawei has declared its willingness to work with governments, industry stakeholders and customers in an open and transparent manner, to jointly address the global challenges of network security and data integrity.

“The information presented in Der Spiegel and the New York Times article reaffirms the need for all companies to be vigilant at all times."

At the time of the 2012 House report's release, intelligence committee chairman Mike Rogers said in comments broadcast on the CBS programme 60 Minutes: “Find another vendor [than Huawei] if you care about your intellectual property; if you care about your consumers' privacy and you care about the national security of the United States of America.”

In July 2013 Huawei rebutted such claims - the former CIA director General Michael Hayden also said he believed the company supplied information to the Chinese government - calling them “racist”. The same month, the UK government opened a review of the firm. In October 2013, the company's deputy chairman, Ken Hu, denied ever having been told to spy on customers.

The Times and Spiegel reports said that in an operation code-named Shotgiant, the NSA gained access to the company's servers in Shenzhen, obtaining information and monitoring communications between executives. Among those whose emails the NSA was able to read was the president of Huawei, Ren Zhengfei.

Huawei, which maintains operations in the UK despite all but ending its attempts to access the US market, due to government resistance, claims to connect a third of the world's population. It is also the world's third-largest maker of smartphones, after Apple and Samsung.

Saturday's reports quoted from the 2010 document: “Many of our targets communicate over Huawei-produced products. We want to make sure that we know how to exploit these products.”

In response to previous stories derived from documents obtained by Snowden and leaked to media outlets including the Guardian last year, the US government has repeatedly said the NSA breaks into foreign networks only for reasons of national security.

On Saturday an NSA spokeswoman, Caitlin Hayden, told the Times: “We do not give intelligence we collect to US companies to enhance their international competitiveness or increase their bottom line. Many countries cannot say the same.”

The Times quoted Plummer as saying: “The irony is that exactly what they are doing to us is what they have always charged that the Chinese are doing through us.”

Security against cyber warfare carried out by China is an increasing concern to the US. In February 2013 a US security company said it had pinpointed the existence of a unit within the People's Liberation Army responsible for a number of cyber attacks against the US.

The Times also quoted James A Lewis, a cyber security expert at the Centre for Strategic and International Studies, who said: “China does more in terms of cyberespionage than all other countries put together.”


---NSA infiltrates servers of China telecom giant Huawei: report---
WASHINGTON Sat Mar 22, 2014 5:25pm EDT
http://www.reuters.com/article/2014/03/22/us-usa-security-china-nsa-idUSBREA2L0PD20140322

(Reuters) - The U.S. National Security Agency has infiltrated servers in the headquarters of Chinese telecommunications and internet giant Huawei Technologies Co, obtaining sensitive information and monitoring the communications of top executives, the New York Times reported on Saturday.

The newspaper said its report on the operation, code-named "Shotgiant," was based on NSA documents provided by Edward Snowden, the former agency contractor who since last year has leaked data revealing sweeping U.S. surveillance activities. The German magazine Der Spiegel also reported on the documents.

One of the goals of the operation was to find any connections between Huawei and the Chinese People's Liberation Army, according to a 2010 document cited by the Times.

But the newspaper said the operation also sought to exploit Huawei's technology. It reported that the NSA aimed to conduct surveillance through computer and telephone networks Huawei sold to other nations. If ordered by the U.S. president, the NSA also planned to unleash offensive cyber operations, it said.

The newspaper said the NSA secured access to the servers in Huawei's sealed headquarters in the city of Shenzhen and got information about the workings of the giant routers and complex digital switches the company says connect a third of the world's people. The NSA also tracked communications of Huawei's top executives, the Times reported.

Der Spiegel reported that the NSA breached Huawei's computer network and copied a list of more than 1,400 clients and internal training documents for engineers. "We have access to so much data that we don't know what to do with it," the magazine cited an NSA document as saying.

The magazine said the NSA also is pursuing a digital offensive against the Chinese political leadership. It named the government targets as former Chinese prime minister Hu Jintao and the Chinese trade and foreign ministries.

'PLANS AND INTENTIONS'

"Many of our targets communicate over Huawei-produced products. We want to make sure that we know how to exploit these products," the Times quoted an NSA document as saying, to "gain access to networks of interest" around the world.

"If we can determine the company's plans and intentions," an analyst wrote in the 2010 document, "we hope that this will lead us back to the plans and intentions" of the Chinese government.

The Times also reported that as Huawei invested in new technology and laid undersea cables to connect its $40 billion-a-year networking operation, the NSA was interested in getting information on into key Chinese customers including "high priority targets - Iran, Afghanistan, Pakistan, Kenya, Cuba."

The Times quoted William Plummer, a senior Huawei executive in the United States, as saying that the company did not know it was a target of the NSA.

"The irony is that exactly what they are doing to us is what they have always charged that the Chinese are doing through us," the Times quoted Plummer as saying.

"If such espionage has been truly conducted then it is known that the company is independent and has no unusual ties to any government, and that knowledge should be relayed publicly to put an end to an era of mis- and disinformation," the Times quoted Plummer as saying.

The Times noted that U.S. officials see Huawei as a security threat and have blocked the company from making business deals in the United States, worried that it would furnish its equipment with "back doors" that could enable China's military or Chinese-backed hackers to swipe corporate and government secrets.

Snowden last year fled to Hong Kong and then to Russia, where he has asylum. The United States wants him returned to face criminal prosecution.

U.S. officials have denied the United States and NSA have spied on foreign companies to help American companies gain a competitive edge. A U.S. intelligence official said the NSA and other agencies do not provide secretly collected intelligence information that could be commercially sensitive or give a competitive advantage to U.S. firms.

U.S. officials acknowledge that in the course of assessing the economic prospects or stability of foreign countries American agencies might collect data on individual companies.

They also said the United States might collect data on foreign companies in preparation for imposing economic sanctions or taking other foreign policy-related actions against a country and its leadership, but not to aid American companies.

The Times and Der Spiegel articles were published just days before Chinese President Xi Jinping visits Europe and will hold talks with German Chancellor Angela Merkel, herself a target of electronic surveillance by the NSA.

They also were published during U.S. first lady Michelle Obama's visit to China. In Beijing on Saturday, she told an audience of college students that open access to information - especially online - is a universal right.

0 コメント: