What’s the News: America’s intelligence agencies are in the business of predicting the future, using limited amounts of information to divine world events. But even expert analysts and sophisticated algorithms can make mistakes.
That’s why IARPA—which takes on high-risk, high-reward research projects (read: awesome longshots) in US intelligence—is turning to crowdsourcing, reports Adam Rawnsley at Wired.com’s Danger Room. Applied Research Associates will launch an IARPA-backed website this Friday to test whether those of us without security clearances can point the clandestine services in the right direction.
Over the last two years (and perhaps as long as four), hackers probably based in China have been targeting several huge multinational energy companies and using long-established techniques to extract information. That’s according to the computer security firm McAfee, which helped some of the companies fight back against the ongoing wave of attacks it has dubbed “Night Dragon.”
“We have confirmed that five companies have been attacked,” said Dmitri Alperovitch, McAfee’s vice president for threat research. He said he suspected that at least a dozen companies might have been affected by the team of computer hackers seemingly based in Beijing and who appeared to work during standard business hours there. “These people seemed to be more like company worker bees rather than free-spirited computer hackers,” he said. “These attacks were bold, even brazen, and they left behind a trail of evidence.” [The New York Times]
In a blog post about the attacks, McAfee CTO George Kurtz notes that the hackers took advantage of techniques that have been around for more than a decade. In fact, he says, their simplicity helped them to evade security software.
During the last two years — and up to four years — the hackers had access to the computer networks, focusing on financial documents related to oil and gas field exploration and bidding contracts, said Alperovitch. They also copied proprietary industrial processes. “That information is tremendously sensitive and would be worth a huge amount of money to competitors,” said Alperovitch. [Reuters]
It was late September when the world got wind of Stuxnet, the complex piece of malware that appeared to specifically target Iranian nuclear sites. Now, analysis of Stuxnet suggests it was almost perfectly designed to corrupt nuclear centrifuges, according to David Albright of the Institute for Science and International Security.
On Wednesday, Mr. Albright and a colleague, Andrea Stricker, released a report saying that when the worm ramped up the frequency of the electrical current supplying the centrifuges, they would spin faster and faster. The worm eventually makes the current hit 1,410 Hertz, or cycles per second — just enough, they reported, to send the centrifuges flying apart. In a spooky flourish, Mr. Albright said in the interview, the worm ends the attack with a command to restore the current to the perfect operating frequency for the centrifuges — which, by that time, would presumably be destroyed. [The New York Times]
Computer experts don’t know Stuxnet’s origin for sure, though the Times’ story drops a few cryptic hints of Israeli involvement. And further study of the attack shows that although Stuxnet appears calibrated to disrupt centrifuges, it could be easily adapted to seize the reins of other systems.
The widespread interconnection of corporate networks and use of SCADA systems [supervisory control and data acquisition] means that industrial infrastructure is increasingly vulnerable to software attack. Such control systems are used in virtually every industry—food production, vehicle assembly, chemical manufacturing—and are commonly exposed to insecure networks. This leaves them vulnerable to tampering, such as with Stuxnet, as well as intellectual property theft. [Ars Technica]
A lucrative new car market, a former General Motors employee, and a dumpster with shredded documents. According to a federal court indictment (pdf) released on Thursday, these may be a recipe for hybrid car espionage. A former GM employee and her husband–Shanshan Du and Yu Qin–stand accused of shuttling secrets out of the American automobile company and attempting to provide design information to a Chinese competitor.
Earth2Tech reports that as hybrids become a bigger part of the automotive landscape, they’re also the cause of more legal fights, including recent legal battles over hybrid technology patents involving Ford and Toyota.
According to Australia-based IP law firm Griffith Hack, filings for patents covering hybrid technology have been “increasing roughly exponentially” across much of the industry in the last few years, although the Clean Energy Patent Growth Index from intellectual property law firm Heslin Rothenberg Farley & Mesiti suggests a more gradual climb. [Earth2Tech]
General Motors values the stolen secrets at over $40 million and suspects that Du started loading documents onto a hard drive after the company offered her a severance package in January 2005.
Shahram Amiri is at the Pakistani embassy in Washington D.C. Unless he’s not.
The missing Iranian nuclear scientist is no stranger to intrigue and indecision: Last month we covered dueling YouTube videos in which two men, both claiming to be Amiri, say that either he was being held against his will in the United States or was studying freely and happily here. Today his case took more strange turns, as government officials in Pakistan claimed that Amiri is currently at their embassy in Washington, awaiting a return trip to Iran.
Today Amiri was quoted by Iranian official media as claiming that the US government had intended to return him to Iran to cover up his kidnapping in Saudi Arabia. “Following the release of my interview in the internet which brought disgrace to the US government for this abduction, they wanted to send me back quietly to Iran by another country’s airline,” he told state radio from the Iranian interests office in Washington. “Doing so, they wanted to deny the main story and cover up this abduction. However, they finally failed” [The Guardian].
This week, the FBI arrested 11 alleged Russian spies living in New Jersey. How did they catch them? By digging through their photos.
These weren’t snapshots of covert meetings or secret handshakes, but–more likely–the quotidian: kittens and ice cream cones. They weren’t hidden in some obscure drop location, but viewable to the public, online. The pictures’ real importance was tucked inside, in encoded messages detailing secret meetings.
We aren’t talking Magic Eye–no matter how long you cross your eyes, staring at these pictures wouldn’t tell you where to drop off money or who to call. The alleged spies reportedly encoded the messages at the pixel level.
Every color on your computer screen is a combination of red, blue, and green–digitally represented as three numeric values. By making subtle changes to these numbers, the Russians hid binary code that someone–with the right software–could recombine into a message.
Have you seen this man? If so, please ask him to make up his mind.
Shahram Amiri, a 32-year-old Iranian nuclear scientist, is at the center of an episode of United States-Iran intrigue that just got weirder, thanks to YouTube. Amiri disappeared during his pilgrimage to Saudi Arabia last year, and anonymous U.S. officials confirmed that he defected, presumably bringing information about Iran’s nuclear program. Now he—or someone purporting to be him—appears in two contradictory videos that claim he was either abducted and tortured by the United States or is living happily here and going about his studies.
The first video:
The dark-haired man, appearing unshaven and disheveled, said he was being held against his will in Tucson. “I was kidnapped in a joint operation by the American intelligence, CIA terror and kidnap teams, and Saudi Arabia’s Istikhbarat” spy service, the man said in a grainy video aired in Iran on Monday night. He said he had been drugged before being smuggled out of Saudi Arabia, adding that he had been subjected to “severe torture” and “psychological pressures” [Washington Post].
A very different Amiri showed up in a second video today. He, or someone like him, appears in a professionally shot video sitting in front of some parlor with a globe and a chess board, as if he wants to have a few minutes of our time to talk about life insurance.
Despite burning curiosity, I have no idea what the Dalai Lama writes in his personal emails. But somewhere in China, hackers know.
China-based hacking operations have moved from murmurs to the front page since the fracas between the Chinese government and Google flared up three months ago. Besides the communist government’s flagrant and unapologetic Internet censorship, the search giant also accused China of harboring hackers who were behind politically motivated cyber attacks, like the targeting of Chinese human rights activists’ Gmail accounts. This week, computer security experts at the Munk School of Global Affairs at the University of Toronto announced that they’ve been trailing a group of China-based attackers they dub the “Shadow Network” for eight months. And they say they can show that those hackers have stolen a plethora of politically sensitive materials.
The intruders breached the systems of independent analysts, taking reports on several Indian missile systems. They also obtained a year’s worth of the Dalai Lama’s personal e-mail messages. The intruders even stole documents related to the travel of NATO forces in Afghanistan [The New York Times]. They also took political documents that outlined India’s concerns about its relations with Africa, Russia, and the Middle East. The core servers for the operation seem to be based in the city of Chengdu in southwest China.
Much to the chagrin of a certain Wyoming Senator, the Central Intelligence Agency is poised to fight terrorism and spy on sea lions (Sen. John Barrasso once quipped the CIA should stick to the former occupation). The nation’s top scientists and spies are collaborating on an effort to use the federal government’s intelligence assets — including spy satellites and other classified sensors — to assess the hidden complexities of environmental change. They seek insights from natural phenomena like clouds and glaciers, deserts and tropical forests [The New York Times].
The program will have little impact on the CIA’s normal intelligence gathering, say those involved, and will only release data already in hand or data gathered during satellite down time. The images will even have their sharpness decreased in order to maintain some secrecy about the satellites’ true capabilities.
A bold and sophisticated cyber attack that began last weekend took down government Web sites in both the United States and South Korea, and South Korean officials have blamed their neighbors to the north for the onslaught. South Korea’s National Intelligence Service, the nation’s main spy agency, told a group of South Korean lawmakers Wednesday it believes that North Korea or North Korean sympathizers in the South “were behind” the attacks [AP].
The attack, which began on July 4, brought down the Web sites of U.S. agencies like the Treasury Department, the Secret Service, and the Federal Trade Commission, with some of the problems lasting for days. In South Korea, an attack that began Tuesday crashed sites belonging to the presidential Blue House and the Defense Ministry, among others. In both countries, the cyber strike also targeted a few large commercial Web sites. “This is not a simple attack by an individual hacker, but appears to be thoroughly planned and executed by a specific organization or on a state level,” the National Intelligence Service said in a statement [The New York Times].
Cyber spies have hacked into computers containing information about the U.S. Defense Department’s most expensive weapons program ever: the $300 billion Joint Strike Fighter, a fighter jet also known as F35 Lightning II. The intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft. The latest intrusions provide new evidence that a battle is heating up between the U.S. and potential adversaries over the data networks that tie the world together [The Wall Street Journal].
U.S. officials reportedly traced the hackers back to China, but experts note that it’s extremely difficult to determine the real origin of an online attack, as paths can be disguised and identities masked. Meanwhile, the Chinese Embassy said in a statement that China “opposes and forbids all forms of cyber crimes.” It called the Pentagon’s report “a product of the Cold War mentality” and said the allegations of cyber espionage are “intentionally fabricated to fan up China threat sensations” [The Wall Street Journal].
Spies have hacked into the U.S. electrical grid and left behind software programs that could allow outside agents to seize control of the grid and disrupt the flow of electricity across the nation, according to a report in The Wall Street Journal.
The spies came from China, Russia and other countries, [national security] officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war. “The Chinese have attempted to map our infrastructure, such as the electrical grid,” said a senior intelligence official. “So have the Russians” [The Wall Street Journal]. While officials say they traced the intrusions back to China, Russia, and other countries, experts say it’s nearly impossible to prove that the hacks were government-sponsored. The Chinese and Russian governments have denied any wrongdoing.
Sophisticated computer hackers are as big a threat to the United States as weapons of mass destruction and global jihad, argues a new report on cybersecurity. The report, which was produced by the Center for Strategic and International Studies, a Washington think tank, contains recommendations for the incoming Obama administration, and issues a dire assessment of the government’s current efforts to prevent cyberattacks. “America’s failure to protect cyberspace is one of the most urgent national security problems facing the new administration that will take office in January 2009,” the report states. Cyber safety is “a battle fought mainly in the shadows. It is a battle we are losing” [DailyTech].
The federal government has been embarrassed in recent years by intrusions into the computer networks of many different agencies, including the Defense, State, Homeland Security, and Commerce departments, the National Aeronautics and Space Administration (NASA), and the National Defense University. An investigation last year by The Washington Post showed that multiple compromises of unclassified computer systems for the Transportation Security Administration and DHS headquarters went unnoticed for months in 2006 because the agency failed to effectively monitor its own networks [Washington Post]. In some cases the breaches have been linked to Chinese computer servers, indicating a possible convergence between hacking and espionage.
A Virginia physicist and entrepreneur pled guilty yesterday to violating arms control laws by selling information on rocket technology to China, which prosecutors say will aid China in its space program. The scientist, Quan-Sheng Shu, is a naturalized U.S. citizen born in Shanghai; he’s also an expert on cryogenics and liquid hydrogen rocket systems. According to the Justice Department, China intends to use the technology to send space stations and satellites into orbit, as well as provide support for manned space flight and future lunar missions from its new Hainan space facility [The Virginian-Pilot]. An FBI press release regarding Shu’s case notes that an arm of the People’s Liberation Army is involved in the Hainan project.
Shu, who is the president of a high-tech company called AMAC International Inc., pled guilty to two counts of violating the federal Arms Control Act and one count of bribing Chinese officials, and faces up to 25 years of jail time and fines of up to $2.5 million. Sentencing in the case is scheduled for April 6, 2009.
A physicist in Virginia has been arrested and charged with violating arms control laws by selling rocket technology information to China, which helped the country’s burgeoning space program. He has also been charged with bribing a Chinese official to win a contract for a company he represented. Quan-Sheng Shu, 68, a naturalized U.S. citizen who was born in Shanghai, was arrested Wednesday morning and made an initial appearance that afternoon in U.S. District Court in Norfolk…. Shu appeared to be shaking and bewildered at his court appearance [Virginian-Pilot]. If convicted, Shu faces up to 25 years of jail time.
The arrest came at an awkward moment for the Chinese government, which spent today celebrating the successful launch of the Shenzhou 7 spacecraft carrying a full crew of three astronauts, one of whom will perform China’s first space walk in the coming days. While the technological data that Shu allegedly sold wasn’t used in the rocket that launched the Shenzhou 7, the juxtaposition of events undercuts the message the Chinese government hoped to broadcast today: that the country has come into its own as a mature, space-faring nation, and that it needs no outside assistance to achieve its goals.
80beats is DISCOVER's news aggregator, weaving together the choicest tidbits from the best articles on the day's most compelling topics.
80beats is written by Veronique Greenwood and Valerie Ross. This team darts through each day's science news faster than the ruby-throated hummingbird that beats its wings 80 times per second. Send ideas, tips, suggestions, and complaints to [azeeberg at discovermagazine dot com].