(CALIFORNIA) JUST IN: When WordPress 5.8 is released in July of this year, Internet Explorer 11 will no longer be supported #AceNewsDesk report

#AceNewsReport – May.20: If you are currently using IE11, it is strongly recommended that you switch to a more modern browser, such as Google Chrome, Mozilla Firefox, Safari, or Microsoft Edge. IE11 users have been shown a warning that IE11 is considered outdated in the WordPress dashboard for the last 17+ months:

WORDPRESS: Dropping support for Internet Explorer 11: Internet Explorer 11 (IE11) was released over 7 years ago and is currently used by less than 1% of all users on the Internet with usage rapidly declining. A large majority of popular websites have already stopped supporting IE11 (including Microsoft Teams in 2020), and even the Microsoft 365 apps and services will be dropping support later this year.

If you are already using one of the more modern browsers above, you will only be positively impacted by this change, as there are performance benefits to dropping IE11 support. However, if any other users of your site are still using IE11, it’s possible they will be affected.

What does “dropping support” mean?

When support for a browser is removed from WordPress, new features are no longer tested on those browsers and are not guaranteed to function optimally.

Automated tools that generate parts of the WordPress Core source code are also updated to exclude unsupported browsers. This means that any feature relying on these generated files will likely have bugs or stop working for users of those browsers.

The block editor will be the area of WordPress most heavily impacted by this change because almost all of the files related to the block editor are compiled using these automated tools. Other areas of the WordPress dashboard also use CSS built with these tools and their appearance will potentially be impacted when using IE11.

All other areas of the code base that are IE11 specific will need to be identified, evaluated, and removed on a case-by-case basis as the rest are manually maintained. This process will begin in the WordPress 5.9 release, and will likely happen gradually over several major releases. Additionally, any bugs which are reported for IE11 will not be fixed.

How will this affect themes?

No changes will be made to any of the default bundled themes as a result of this plan. No code related to IE11 support (or any other browser that may have been supported when each theme was released) will be removed from default themes. However, any new features added going forward will not be tested in IE11.

If you are not using a default theme, it’s still unlikely that your theme will be affected by this change. Themes typically have their own browser support policies, and changes in WordPress Core do not affect those. It’s possible that your theme author may have removed support for IE11 already.

If IE11 support is important to you and you are unsure whether your theme supports IE11, it is recommended that you reach out to your theme’s developer to confirm.

More information on this change can be found on the Making WordPress Core blog.

#AceNewsDesk report ……Published: May.20: 2021:

Editor says #AceNewsDesk reports by https://t.me/acenewsdaily and all our posts, also links can be found at here for Twitter and Live Feeds https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#california, #microsoft, #wordpress

(WASHINGTON) #Cybersecurity Report: U.S. State Department and World Bank and co-founder of The Balance Group warn of protecting GPS Satellites after attacks with Solar Winds & Microsoft Exchange #AceNewsDesk report

#AceNewsReport – May.19: Sometimes when you exclaim the sky is unprotected, they mentally label you as Chicken Little and ignore your alarms. Or sometimes they might believe your warnings yet quietly follow the group inertia that’s the cornerstone of groupthink:

WASHINGTON: ‘Cybersecurity Experts Push President Biden To Protect GPS Satellites And The Connected Car: And then a watershed event or three occurs: cybersecurity attacks against SolarWinds, Microsoft Exchange and the Colonial Pipeline’

And those who spoke-up look like geniuses in bittersweet fashion akin to the mortgage doubters from The Big Short.


I have worked in the auto industry for over 27 years for both OEMs and Tier 1s. Now I’m a Principal Consultant at Kugler Maag Cie helping companies improve their product development.

Such is the tale of Lisa Donnan, an internationally recognized expert in cybersecurity and operating partner at Option3 Ventures, and Julian Gresser, the former advisor to the U.S. State Department and World Bank and co-founder of The Balance Group. They have vigorously waved the Caution Flag regarding an insecure, trusted, non-critical infrastructure (satellites) communicating to a trusting non-critical infrastructure (vehicles) that could disrupt a vast network of highways, bridges and tunnels that are recognized as critical infrastructure.

But before jumping to the ending, let’s look back at how we collectively got here, the dangerous implications, and the meat still left on the bone towards a safer tomorrow.


The Days of Naiveté

Almost fifty years ago (1973), the Global Positioning Satellite (GPS) project was begun by The United States Department of Defense, with the first satellite launched into space five years later (1978). Originally GPS was designated as a military system, but the tragedy of Korean Air Lines flight 007 in 1983 inspired the U.S. government to make GPS satellites available for civilian usage with intentionally degraded accuracy, thus enabling the first handheld navigation device by Magellan (1989). By 1995, all twenty-four (24) satellites in the GPS constellation were declared Full Operational Capability (FOC) and General Motors began installing Guidestar as the first embedded navigational system outside of Japan. Five years later (2000), the U.S. government ended Selective Availability and enabled greater use within vehicles, phones and handheld devices.

Simultaneously, another technology was beginning to take root: the Controller Area Network (CAN). This serial bus system was introduced in 1986, and was designed to handle small, unencrypted, unauthenticated messages between modules or systems within cars, trains and ships. Production quickly ramped up in the late 90’s and in the year 2000 alone more than 100 million CAN devices were sold. Although other network technologies would eventually be invented (e.g., FlexRay, MOST), CAN retained the throne due to chip availability, lower piece cost and the high switchover costs of changing all carryover modules.

And although automotive would experience its first cybersecurity hacks a few years later, the vast majority of visible attacks on the overall system were “white hat” attackers (a.k.a. researchers or ‘good guys’) and, therein, did not truly raise the alarm.


Today’s Reality

The community has begun to awaken to the threat. “The automotive industry is frankly behind when it comes to cybersecurity, mitigation, management and even building cybersecurity from the get-go rather than as a bolt-on,” says Donnan. “Car-owners know little-to-nothing about the threat. And the amount of software is growing exponentially. Automotive has to take lessons and best practices from other industries that have already had to address the very-extended threat landscape when it comes to cybersecurity.” Yes, new regulations (e.g., UNECE) shall require ongoing operations by manufacturers including the monitoring, protecting and updating of vehicles’ software long after it drives off the dealers’ lots. Certifications that enforce these regulations essentially require manufacturers’ Cybersecurity and Functional Safety Engineers to forensically investigate potential hacks and their supplanted software. But even here, the newest standards (e.g., ISO/SAE 21434) suggest that the boundary of consideration for the Threat Analysis and Risk Assessment (TARA) is the vehicle’s physical exterior, thereby making satellite signals out of scope.

“We are so reliant upon GPS,” states Donnan, “and the reality is our adversaries know that. Frankly, there are not a lot of countermeasures. They’re working on it, but still are not there.”

So in the end, the satellite system could get hacked and start communicating that certain roadways are blocked by construction or traffic and force gridlock within critical throughways such as tunnels or bridges. “There are some striking omissions in President Biden’s National Infrastructure Plan,” says Gresser. “Why are satellites not considered an essential sector in critical national infrastructure? Also, transportation is recognized as an essential sector. But, then cybersecurity risks of connected cars somehow got excluded. Policy makers need to view these complex issues from a whole systems perspective. A coherent infrastructure plan must connect the dots with a keen understanding of how a deep cybersecurity attack on one sector can rapidly cascade to many others. These failings reflect a deep national vulnerability, including from Space, that the Biden Administration must urgently address.” Maybe the hope is that hacks won’t happen, though. 

But they will.

Arguably the worst outcome of the last week was the realization that Colonial Pipeline paid nearly $5M in ransom to the hackers and now confirmed a third element to our Cyber-Pandemic: financial motive. Already the accelerated digitization of businesses during Covid-19 significantly increased Interpol-measured cybersecurity opportunities (by upwards of 59%) and larger unemployment created additional idle hands, but the large pay day will likely inspire additional hackers in the coming months.

As possibly said best by Jennifer Granholm, the Secretary of Energy, last Thursday in an interview by Axios, “These hacks are not going to stop. Because everything is now smart technology and using the cloud, we are vulnerable everywhere. And so every private sector entity – whether you are an energy business or not – has to be thinking about how you protect your system; your [operations]. So that, I think, is a big lesson for the private sector, and it’s a big lesson the government to think about. What should we be doing inside the government itself to prevent hacks and attacks on us …?”


Still Work To Do

Per an Op-Ed in Newsweek on May 6th, Donnan and Gresser pressed President Biden to 1) designate “space” as a critical infrastructure and 2) sign an Executive Order to effect a 180 Day Pause on the Federal Communications Commission (FCC) launch-approvals for new satellites under the uninsured Satellite Experiment.

On May 12th, President Biden did, in fact, sign an Executive Order on Cybersecurity requiring an investigation, public comment and action on Federal Information Systems that “… include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT))” within 60, 90 and 120 days respectively. “In the end, the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is, and to the consequences we will incur if that trust is misplaced.”

The Order does not pause satellite launches. It does not recognize any new genres of existing assets as critical to national security (e.g., satellites, commercial fleets). It does not require a deadline for containment actions. It says that by September, we will take a first, concrete step towards protection.

In the meantime, the automotive sector moves forward with autonomy, and yesterday (May 17th) another U.S. satellite was propelled into space.

“Just because we can do something technically due to versatility and genius,” says Gresser, “doesn’t mean we should rush ahead and do it unwisely without considering the risks; a ‘ready, fire, aim’ approach. How do we develop a framework that allows us to develop a pathway that maximizes the benefits and mitigates the risks?”

A great question. Let’s hope groupthink doesn’t squelch it.

#AceNewsDesk report ……….Published: May.19: 2021:


#cybersecurity-2, #gps, #microsoft, #solar-winds, #washington

(WASHINGTON) Justice Dept Report: Announced a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers in the United States running on-premises versions of Microsoft Exchange Server software used to provide enterprise-level e-mail service #AceNewsDesk report

#AceNewsReport – Apr.15: Through January and February 2021, certain hacking groups exploited zero-day vulnerabilities in Microsoft Exchange Server software to access e-mail accounts and place web shells (which are pieces of code or scripts that enable remote administration) for continued access. Other hacking groups followed suit starting in early March after the vulnerability and patch were publicized. Although many infected system owners successfully removed the web shells from thousands of computers, others appeared unable to do so, and hundreds of such web shells persisted unmitigated. Today’s operation removed one early hacking group’s remaining web shells, which could have been used to maintain and escalate persistent, unauthorized access to U.S. networks.

Justice Department Announces Court-Authorized Effort to Disrupt Exploitation of Microsoft Exchange Server Vulnerabilities: The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path). This is unrelated to Microsoft’s 13 April announcement.

Note: A full copy of the unsealed court documents can be viewed here.

‘Action Copied and Removed Web Shells that Provided Backdoor Access to Servers, but Additional Steps may be Required to Patch Exchange Server Software and to Expel Hackers from the Victims’ Networks’

“Today’s court-authorized removal of the malicious web shells demonstrates the Department’s commitment to disrupt hacking activity using all of our legal tools, not just prosecutions,” said Assistant Attorney General John C. Demers for the Justice Department’s National Security Division. “Combined with the private sector’s and other government agencies’ efforts to date, including the release of detection tools and patches, we are together showing the strength that public-private partnership brings to our country’s cybersecurity. There’s no doubt that more work remains to be done, but let there also be no doubt that the Department is committed to playing its integral and necessary role in such efforts.”

“Combatting cyber threats requires partnerships with private sector and government colleagues,” said Acting U.S. Attorney Jennifer B. Lowery of the Southern District of Texas. “This court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers shows our commitment to use any viable resource to fight cyber criminals. We will continue to do so in coordination with our partners and with the court to combat the threat until it is alleviated, and we can further protect our citizens from these malicious cyber breaches.”

“This operation is an example of the FBI’s commitment to combatting cyber threats through our enduring federal and private sector partnerships,” said Acting Assistant Director Tonya Ugoretz of the FBI’s Cyber Division. “Our successful action should serve as a reminder to malicious cyber actors that we will impose risk and consequences for cyber intrusions that threaten the national security and public safety of the American people and our international partners. The FBI will continue to use all tools available to us as the lead domestic law enforcement and intelligence agency to hold malicious cyber actors accountable for their actions.”

On March 2, 2021, Microsoft announced that a hacking group used multiple zero-day vulnerabilities to target computers running Microsoft Exchange Server software. Various other hacking groups also have used these vulnerabilities to install web shells on thousands of victim computers, including those located in the United States. Because the web shells the FBI removed today each had a unique file path and name, they may have been more challenging for individual server owners to detect and eliminate than other web shells.

Throughout March 2021, Microsoft and other industry partners released detection tools, patches, and other information to assist victim entities in identifying and mitigating this cyber incident. Additionally, the FBI and the Cybersecurity and Infrastructure Security Agency released a Joint Advisory on Compromise of Microsoft Exchange Server on March 10, 2021. Despite these efforts, by the end of March, hundreds of web shells remained on certain U.S.-based computers running Microsoft Exchange Server software.

Although today’s operation was successful in copying and removing those web shells, it did not patch any Microsoft Exchange Server zero-day vulnerabilities or search for or remove any additional malware or hacking tools that hacking groups may have placed on victim networks by exploiting the web shells. The Department strongly encourages network defenders to review Microsoft’s remediation guidance and the March 10, 2021 Joint Advisory for further guidance on detection and patching.

The FBI is attempting to provide notice of the court-authorized operation to all owners or operators of the computers from which it removed the hacking group’s web shells. For those victims with publicly available contact information, the FBI will send an e-mail message from an official FBI e-mail account (@FBI.gov) notifying the victim of the search. For those victims whose contact information is not publicly available, the FBI will send an e-mail message from the same FBI e-mail account to providers (such as a victim’s ISP) who are believed to have that contact information and ask them to provide notice to the victim.

If you believe you have a compromised computer running Microsoft Exchange Server, please contact your local FBI Field Office for assistance. The FBI continues to conduct a thorough and methodical investigation into this cyber incident.

#AceNewsDesk report …………Published: Apr.15: 2021:


#email, #malicious, #microsoft, #software, #washington

(CALIFORNIA) Ace Security Report: Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials by leveraging ‘Fake CAPTCHA’ system #AceSecurityDesk report

#AceSecurityReport – Mar.11: The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims’ companies:


Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords: According to researchers, at least 2,500 such emails have been unsuccessfully sent to senior-level employees in the banking and IT sector, over the past three months. The emails first take recipients to a fake Google reCAPTCHA system page. Google reCAPTCHA is a service that helps protect websites from spam and abuse, by using a Turing test to tell humans and bots apart (through asking a user to click on a fire hydrant out of a series of images, for instance).

March 8, 2021 12:04 pm

A phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system.

Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims’ companies.

“The attack is notable for its targeted aim at senior business leaders with titles such as Vice President and Managing Director who are likely to have a higher degree of access to sensitive company data,” said researchers with Zscaler’s ThreatLabZ security research team on Friday. “The aim of these campaigns is to steal these victims’ login credentials to allow threat actors access to valuable company assets.”

Fake Phishing Emails: Voicemail Attachments

The phishing emails pretend to be automated emails from victims’ unified communications tools, which say that they have a voicemail attachment. For instance, one email tells users that “(503) ***-6719 has left you a message 35 second(s) long on Jan 20” along with a lone attachment that’s titled “vmail-219.HTM.” Another tells email recipients to “REVIEW SECURE DOCUMENT.”


The phishing email sample. Credit: Zscaler

When the victims click on the attachment, they then encounter the fake Google reCAPTCHA screen, which contains a typical reCAPTCHA box – featuring a checkbox that the user must click that says “I’m not a robot,” which then triggers the Turing test.

After filling out the fake reCAPTCHA system, victims are then directed to what appears to be a Microsoft login screen. The login pages also contain different logos from the companies which victims work at – such as one containing a logo from software company ScienceLogic and another from office rental company BizSpace. This reveals that attackers have done their homework and are customizing their phishing landing pages to fit their victims’ profile, in order to make the attack appear more legitimate.

Victims are asked to input their credentials into the system; once they do so, a message tells them that the validation was “successful” and that they are being redirected.


The phishing landing page mimics Microsoft’s login page. Credit: Zscaler

“After giving the login credentials, the phishing campaign will show a fake message that says ‘Validation successful,’” said researchers. “Users are then shown a recording of a voicemail message that they can play, allowing threat actors to avoid suspicion.”

Researchers found a variety of phishing pages associated with the campaign, which were hosted using generic top level domains such as .xyz, .club and .online. These top level domains are typically utilized by cybercriminals in spam and phishing attacks. That’s because they can be purchased for less than $1 each – a low price for adding a level of believability to phishing campaigns.
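The traits described above (a voicemail-themed lure, an `.HTM` attachment, and landing pages on `.xyz`, `.club` or `.online`) can be combined into a simple mail-triage check. The following is an added example, not code from Zscaler or from this article; the function name, the verdict thresholds, the sample messages and the hostnames in them are all constructed for illustration.

```python
"""Added example: triage for the voicemail-lure pattern described in the article."""
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Top-level domains the article names for this campaign's landing pages.
CAMPAIGN_TLDS = {"xyz", "club", "online"}
# Lure wording quoted in the article; \s+ tolerates wrapped lines.
LURE_RE = re.compile(
    r"has\s+left\s+you\s+a\s+message|voice\s?mail|vmail|review\s+secure\s+document",
    re.I,
)
HTML_NAME_RE = re.compile(r"\.html?$", re.I)
HOST_RE = re.compile(r"https?://([a-z0-9.-]+)", re.I)


def triage(raw_message: str) -> dict:
    """Score one RFC 5322 message against the three traits (hypothetical helper)."""
    msg = message_from_string(raw_message, policy=policy.default)
    texts = [str(msg.get("Subject", ""))]
    html_attachments = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        texts.append(name)
        is_html = bool(HTML_NAME_RE.search(name))
        if is_html:
            html_attachments.append(name)
        # Scan text bodies, and HTML attachments even if mislabelled as binary.
        if part.get_content_maintype() == "text" or is_html:
            data = part.get_payload(decode=True) or b""
            try:
                texts.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
            except LookupError:  # unknown charset label
                texts.append(data.decode("latin-1"))
    blob = "\n".join(texts)
    hosts = sorted({h.lower().rstrip(".") for h in HOST_RE.findall(blob)})
    campaign_hosts = [h for h in hosts if h.rsplit(".", 1)[-1] in CAMPAIGN_TLDS]
    lure = bool(LURE_RE.search(blob))
    # Assumed policy: an HTML attachment plus one more trait is quarantined,
    # any single trait goes to manual review.
    if html_attachments and (lure or campaign_hosts):
        verdict = "quarantine"
    elif html_attachments or lure or campaign_hosts:
        verdict = "review"
    else:
        verdict = "pass"
    return {
        "verdict": verdict,
        "html_attachments": html_attachments,
        "lure_text": lure,
        "campaign_tld_hosts": campaign_hosts,
    }


def _sample(subject: str, body: str, attachment=None) -> str:
    """Build a constructed test message; addresses use the reserved .invalid TLD."""
    m = EmailMessage()
    m["From"] = "notifications@sender.invalid"
    m["To"] = "recipient@corp.invalid"
    m["Subject"] = subject
    m.set_content(body)
    if attachment:
        name, html = attachment
        m.add_attachment(html, subtype="html", filename=name)
    return m.as_string()


# Constructed samples. The first mirrors the lure text and attachment name quoted
# in the article; the hostnames are placeholders, not observed indicators.
SAMPLE_CAMPAIGN = _sample(
    "New voicemail",
    "(503) ***-6719 has left you a message 35 second(s) long on Jan 20",
    ("vmail-219.HTM",
     '<html><body><a href="https://placeholder-host-not-real.xyz/play">Play</a></body></html>'),
)
SAMPLE_BENIGN = _sample(
    "Quarterly report", "The report is at https://www.example.com/report for review."
)
SAMPLE_SINGLE_TRAIT = _sample(
    "Weekly newsletter", "Gardening tips: https://constructed-newsletter.club/issue/12"
)

if __name__ == "__main__":
    for label, raw in [("campaign-like", SAMPLE_CAMPAIGN),
                       ("benign", SAMPLE_BENIGN),
                       ("single trait", SAMPLE_SINGLE_TRAIT)]:
        print(label, triage(raw))
```
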

More Phishing Attacks on Fake Google reCAPTCHA Tactic


Adversaries have been leveraging bogus reCAPTCHA systems in their attacks for years. For instance, in 2019, a malware campaign targeted a Polish bank and its users with emails containing a link to a malicious PHP file, which eventually downloaded the BankBot malware onto victims’ systems. The attackers used a fake Google reCAPTCHA system to seem more realistic.

Another phishing attack in February purported to be sent from a voicemail service and contained a link to play the voice message “Play Audi Date.wav,” eventually redirecting victims to a malicious site with a reCAPTCHA message.

Both of the above examples show that reCAPTCHA continues to be used in phishing attacks, as the tactic successfully adds legitimacy to the attack: “Similar phishing campaigns utilizing fake Google reCAPTCHAs have been observed for several years, but this specific campaign targeting executives across specific industry verticals started in December 2020,” noted researchers.

Microsoft Office 365 users have faced several sophisticated phishing attacks and scams over the past few months. In October, researchers warned of a phishing campaign that pretends to be an automated message from Microsoft Teams. In reality, the attack aimed to steal Office 365 recipients’ login credentials. Also in October, an Office365 credential-phishing attack targeted the hospitality industry, using visual CAPTCHAs to avoid detection and appear legitimate. Phishing attackers have also adopted new tactics like Google Translate or custom fonts to make the scams seem more legitimate.


#AceSecurityDesk report …….Published: Mar.11: 2021:


#captcha, #google, #microsoft, #phishing

(WASHINGTON) #Cybercrime Report: Biden administration plans ‘Action Against Russian Networks’ and is planning whether it should be looking at another serious adversary China after the latest Microsoft attack #AceNewsDesk report

#AceNewsReport – Mar.09: The first major move is expected over the next three weeks, officials said, with a series of clandestine actions across Russian networks that are intended to be evident to President Vladimir V. Putin and his intelligence services and military but not to the wider world:

Preparing for Retaliation Against Russia, U.S. Confronts Hacking by China: ‘Just as it plans to begin retaliating against Russia for the large-scale hacking of American government agencies and corporations discovered late last year, the Biden administration faces a new cyberattack that raises the question of whether it will have to strike back at another major adversary’

The proliferation of cyberattacks by rivals is presenting a challenge to the Biden administration as it seeks to deter intrusions on government and corporate systems.

March 7, 2021:

Jake Sullivan, President Biden’s national security adviser, last month. He said on Thursday that the White House was “closely tracking” reports that the vulnerabilities exploited in the Microsoft hacking were being used in “potential compromises of U.S. think tanks and defense industrial base entities.”

Taken together, the responses will start to define how President Biden fashions his new administration’s response to escalating cyberconflict and whether he can find a way to impose a steeper penalty on rivals who regularly exploit vulnerabilities in government and corporate defenses to spy, steal information and potentially damage critical components of the nation’s infrastructure.

The officials said the actions would be combined with some kind of economic sanctions — though there are few truly effective sanctions left to impose — and an executive order from Mr. Biden to accelerate the hardening of federal government networks after the Russian hacking, which went undetected for months until it was discovered by a private cybersecurity firm.

The issue has taken on added urgency at the White House, the Pentagon and the intelligence agencies in recent days after the public exposure of a major breach in Microsoft email systems used by small businesses, local governments and, by some accounts, key military contractors.

Microsoft identified the intruders as a state-sponsored Chinese group and moved quickly to issue a patch to allow users of its software to close off the vulnerability.

But that touched off a race between those responsible for patching the systems and a raft of new attackers — including multiple other Chinese hacking groups, according to Microsoft — who started using the same exploit this week.

The United States government has not made public any formal determination of who was responsible for the hacking, but at the White House and on Microsoft’s campus in Redmond, Wash., the fear is that espionage and theft may be a prelude to far more destructive activity, such as changing data or wiping it out.

The White House underscored the seriousness of the situation in a statement on Sunday from the National Security Council.

“The White House is undertaking a whole of government response to assess and address the impact” of the Microsoft intrusion, the statement said. It said the response was being led by Anne Neuberger, a former senior National Security Agency official who is the first occupant of a newly created post: deputy national security adviser for cyber and emerging technologies.

The statement said that national security officials were working throughout the weekend to address the hacking and that “this is an active threat still developing, and we urge network operators to take it very seriously.”

Jake Sullivan, Mr. Biden’s national security adviser, said on Twitter on Thursday that the White House was “closely tracking” the reports that the vulnerabilities in Microsoft Exchange were being used in “potential compromises of U.S. think tanks and defense industrial base entities.”

The discovery came as Mr. Biden’s national security team, led by Mr. Sullivan and Ms. Neuberger, has moved to the top of its agenda an effort to deter attacks, whether their intent is theft, altering data or shutting down networks entirely. For the president, who promised that the Russian attack would not “go unanswered,” the administration’s reactions in the coming weeks will be a test of his ability to assert American power in an often unseen but increasingly high-stakes battle among major powers in cyberspace.

A mix of public sanctions and private actions is the most likely combination to force a “broad strategic discussion with the Russians,” Mr. Sullivan said in an interview on Thursday, before the scope of the Chinese attack was clear.

“I actually believe that a set of measures that are understood by the Russians, but may not be visible to the broader world, are actually likely to be the most effective measures in terms of clarifying what the United States believes are in bounds and out of bounds, and what we are prepared to do in response,” he added.

From the first day of the new administration, Mr. Sullivan has been reorganizing the White House to fashion such responses. The same order he issued on Jan. 20, requiring the military to advise the White House before conducting drone strikes outside war zones, contained a paragraph with separate instructions for dealing with major cyberoperations that risk escalating conflict.

The order left in place, however, a still secret document signed by President Donald J. Trump in August 2018 giving the United States Cyber Command broader authorities than it had during the Obama administration to conduct day-to-day, short-of-war skirmishes in cyberspace, often without explicit presidential authorization.

Under the new order, Cyber Command will have to bring operations of significant size and scope to the White House and allow the National Security Council to review or adjust those operations, according to officials briefed on the memo. The forthcoming operation against Russia, and any potential response to China, is likely to fall in this category.

The hacking that Microsoft has attributed to China poses many of the same challenges as the SolarWinds attack by the Russians that was discovered late last year.

American officials continue to try to better understand the scope and damage done by the Chinese attack, but every day since its revelation has suggested that it is bigger, and potentially more harmful, than first thought.

“This is a crazy huge hack,” Christopher C. Krebs, the former director of the Cybersecurity and Infrastructure Security Agency, wrote on Twitter on Friday.

The initial estimates were that 30,000 or so systems were affected, mostly those operated by businesses or government agencies that use Microsoft software and run their email systems in-house. (Email and other systems run on Microsoft’s cloud were not affected.)

But the breadth of the intrusion and the identities of the victims are still unclear. And while the Chinese deployed the attack widely, they might have sought only to take information from a narrow group of targets in which they have the highest interest.

There is little doubt that the scope of the attack has American officials considering whether they will have to retaliate against China as well. That would put them in the position of engaging in a potentially escalating conflict with two countries that are also its biggest nuclear-armed adversaries.

It has become increasingly clear in recent days that the hacking that Microsoft has attributed to Beijing poses many of the same challenges as the SolarWinds attack conducted by the Russians, although the targets and the methodology are significantly different.

Like the Russians, the Chinese attackers initiated their campaign against Microsoft from computer servers — essentially cloud services — that they rented under assumed identities in the United States. Both countries know that American law prohibits intelligence agencies from looking in systems based in the United States, and they are exploiting that legal restriction.

“The Chinese actor apparently spent the time to research the legal authorities and recognized that if they could operate from inside the United States, it takes some of the government’s best threat-hunters off the field,” Tom Burt, the Microsoft executive overseeing the investigation, said on Friday.

The result was that in both the SolarWinds and the more recent Chinese hacking, American intelligence agencies appeared to have missed the evidence of what was happening until a private company saw it and alerted the authorities.

The debate preoccupying the White House is how to respond. Mr. Sullivan served as Mr. Biden’s national security adviser while he was vice president, as the Obama administration struggled to respond to a series of attacks.

Those included the Chinese effort that stole 22.5 million security-clearance records from the Office of Personnel Management in 2014 and the Russian attack on the 2016 presidential election.

In writings and talks over the past four years, Mr. Sullivan has made clear that he believes traditional sanctions alone do not sufficiently raise the cost to force powers like Russia or China to begin to talk about new rules of the road for cyberspace.

But government officials often fear that too strong a response risks escalation.

That is a particular concern in the Russian and Chinese attacks, where both countries have clearly planted “back doors” to American systems that could be used for more destructive purposes.

American officials say publicly that the current evidence suggests that the Russian intention in the SolarWinds attack was merely data theft. But several senior officials, when speaking not for attribution, said they believed the size, scope and expense of the operation suggested that the Russians might have had much broader motives.

“I’m struck by how many of these attacks undercut trust in our systems,” Mr. Burt said, “just as there are efforts to make the country distrust the voting infrastructure, which is a core component of our democracy.”

Russia broke into the Democratic National Committee and state voter-registration systems in 2016 largely by guessing or obtaining passwords. But they used a far more sophisticated method in the SolarWinds hacking, inserting code into the company’s software updates, which ushered them deep into about 18,000 systems that used the network management software. Once inside, the Russians had high-level access to the systems, with no passwords required.

Similarly, four years ago, a vast majority of Chinese government hacking was conducted via email spear-phishing campaigns. But over the past few years, China’s military hacking divisions have been consolidating into a new strategic support force, similar to the Pentagon’s Cyber Command. Some of the most important hacking operations are run by the stealthier Ministry of State Security, China’s premier intelligence agency, which maintains a satellite network of contractors.

Beijing also started hoarding so-called zero-days, flaws in code unknown to software vendors and for which a patch does not exist.

In August 2019, security researchers got their first glimpse of how these undisclosed zero-day flaws were being used: Security researchers at Google’s Project Zero and Volexity — the same company in Reston, Va., that discovered the Microsoft attack — found that Chinese hackers were using a software vulnerability to spy on anyone who visited a website read by Uighurs, an ethnic minority group whose persecution has drawn international condemnation.

For two years, until the campaign was discovered, anyone who visited the sites unwittingly downloaded Chinese implants onto their smartphones, allowing Beijing to monitor their communications.

The Chinese attack on Microsoft’s servers used four zero-day flaws in the email software. Security experts estimated on Friday that as many as 30,000 organizations were affected by the hacking, a detail first reported by the security writer Brian Krebs. But there is some evidence that the number could be much higher.

#AceNewsDesk report ………..Published: Mar.09: 2021:


‘ Google Could Face Record Fine for Breaching EU Competition Rules ‘

#AceWorldNews – BRUSSELS – September 22 – Google could face a record fine for breaching EU competition rules, the European Commission’s competition chief has said, warning that its four year investigation into the US search engine could eventually rival the sixteen years spent investigating software rival Microsoft.


Presenting the Commission’s annual competition report in the European Parliament on Tuesday (23 September), Joaquin Almunia said that he had asked Google “to improve its proposals” or face a formal ‘Statement of Objections’, including a possible fine, if its latest offer did not go “in the right direction”.

Google faces a total of twenty complaints from its rivals, including Microsoft.

“Some of the twenty formal complainants have given us fresh evidence and solid arguments against several aspects of the latest proposals put forward by Google,” Almunia told MEPs.

“We now need to see if Google can address these issues and allay our concerns,” said Almunia, although he noted that “Microsoft was investigated for 16 years, which is four times as much as the Google investigation has taken, and there are more problems with Google than there were with Microsoft.”


‘ Microsoft Cutting Record 18,000 Jobs From Work-Force ‘

#AceWorldNews – UNITED STATES (Silicon Valley) – July 17 – Microsoft will cut a record 18,000 jobs next year, as the company’s new CEO Satya Nadella seeks to boost efficiency, according to a company memo on Thursday.

“The first step to building the right organization for our ambitions is to realign our workforce. With this in mind, we will begin to reduce the size of our overall workforce by up to 18,000 jobs in the next year,” Satya Nadella said in the memo published by Business Insider.

The number made redundant represents 14 percent of the entire Microsoft workforce.

Nadella assured that the layoff will be conducted “in the most thoughtful and transparent way possible.”

“We will offer severance to all employees impacted by these changes, as well as job transition help in many locations, and everyone can expect to be treated with the respect they deserve for their contributions to this company,” he said.

The company is moving to lay off the first 13,000 workers, and most of the employees will be given notice over the next six months, the document added.

“Of that total, our work toward synergies and strategic alignment on Nokia Devices and Services is expected to account for about 12,500 jobs, comprising both professional and factory workers,” it added.


' Microsoft Windows XP Will No Longer Get Java Runtime Support '

#AceWorldNews – UNITED STATES (Silicon Valley) – July 14 – Windows XP hold-outs pay attention. If you run the Java runtime on XP, it looks as if the current version is about as good as it gets.

The next versions, 7u65 and 8u11, due to ship in the middle of July, will not support or run on XP.

Oracle hasn’t announced this so much as sneaked out the information on its Java support site.


` US Department of Homeland Security Advises Users of Microsoft’s Explorer Browser to Use Alternatives ‘

#AceSecurityNews – BOSTON (Reuters) – The U.S. Department of Homeland Security advised computer users to consider using alternatives to Microsoft Corp’s Internet Explorer browser until the company fixes a security flaw that hackers have used to launch attacks.

The bug is the first high-profile security flaw to emerge since Microsoft stopped providing security updates for Windows XP earlier this month.
That means PCs running the 13-year old operating system could remain unprotected against hackers seeking to exploit the newly uncovered flaw, even after Microsoft figures out how to defend against it.

The United States Computer Emergency Readiness Team, a part of Homeland Security known as US-CERT, said in an advisory released on Monday morning that the vulnerability in versions 6 to 11 of Internet Explorer could lead to “the complete compromise” of an affected system.

“We are currently unaware of a practical solution to this problem,” Carnegie Mellon’s Software Engineering Institute warned in a separate advisory that US-CERT linked to in its warning.

FireEye, whose Mandiant division helps companies respond to cyber attacks, declined to name specific victims or identify the group of hackers, saying that an investigation into the matter is still active.

“It’s a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors,” said FireEye spokesman Vitor De Souza on Sunday. “It’s unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering.”

Ace Related News:

  1. April 28 – http://tinyurl.com/m4re4p2


SEA: ` Reportedly obtained Documents that reveal how much Money the `FBI ‘ pay `Microsoft ‘ to view client’s Data ‘

#AceSecurityNews – Syrian Electronic Army (SEA) hackers have reportedly obtained documents that reveal how much money the FBI pays Microsoft each time agents try to obtain or view an individual customer’s communication information.

The SEA, a group that has made headlines in the past for infiltrating Western media outlets that it perceives to be against Syrian President Bashar Assad, provided a trove of emails and invoices to the Daily Dot (http://www.dailydot.com/news/microsoft-compliance-emails-fbi-ditu/), which analyzed the documents before publishing them.

“The documents consist of what appear to be invoices and emails between Microsoft’s Global Criminal compliance team and the FBI’s Digital Intercept Technology Unit (DITU), and purport to show exactly how much money Microsoft charges DITU, in terms of compliance costs, when DITU provides warrants and court orders for customers’ data,” wrote the Daily Dot’s Kevin Collier and Fran Berman.

“In December 2012, for instance, Microsoft emailed DITU a PDF invoice for $145,100, broken down to $100 per request for information, the documents appear to show,” they went on. “In August 2013, Microsoft allegedly emailed a similar invoice, this time for $352,200 at a rate of $200 per request. The latest invoice provided, from November 2013, is for $281,000.”

Daily Dot – RT News – News Sources

Related News – Verge – http://www.theverge.com/2014/3/20/5530630/hacked-invoices-show-how-much-microsoft-charges-the-fbi-for-customer-information


`Data Hackers steal `Three Hundred and Sixty Million Account Credentials’ now on `Black Market’

#AceSecurityNews says one of the largest single personal data hacks ever? 360 million stolen account credentials found online.

Published time: March 01, 2014 01:31
 
A cyber security firm has reported a “mind boggling” cache of stolen credentials which has been put up for sale on online black markets.
A total of 360 million accounts were affected in a series of hacks, one of which seems to be the biggest in history.

Alex Holden, chief information security officer of Hold Security LLC, said that the firm had uncovered the data over the past three weeks.

He said that 360 million personal account records were obtained in separate attacks, but one single attack seems to have obtained some 105 million records which could make it the biggest single data breach to date, Reuters reports. “The sheer volume is overwhelming,” said Holden in a statement on Tuesday. 

“These mind boggling figures are not meant to scare you and they are a product of multiple breaches which we are independently investigating. This is a call to action,” he added. 

Hold Security said that as well as 360 million credentials, hackers were also selling 1.25 billion email addresses, which may be of interest to spammers. 

The huge treasure trove of personal details includes user names, which are most often email addresses, and passwords, which in most cases are unencrypted. 

Hold Security uncovered a similar breach in October last year, but the tens of millions of records had encrypted passwords, which made them much more difficult for hackers to use. 

“In October 2013, Hold Security identified the biggest ever public disclosure of 153 million stolen credentials from Adobe Systems Inc. One month later we identified another large breach of 42 million credentials from Cupid Media,” Hold Security said in a statement.


Holden said he believes that in many cases the latest theft has yet to be publicly reported and that the companies that have been attacked are unaware of it. He added that he will notify the companies concerned as soon as his staff has identified them.

“We have staff working around the clock to identify the victims,” he said.

However, he did say that the email addresses in question are from major providers such as AOL Inc, Google Inc, Yahoo Inc, and Microsoft Corp, as well as “almost all” Fortune 500 companies and nonprofit organizations.

Heather Bearfield, who runs cybersecurity for the accounting firm Marcum LLP, told Reuters that while she had no information about Hold Security’s findings, she believed that it was quite plausible as hackers can do more with stolen credentials than they can with stolen credit cards, as people often use the same login and password for many different accounts.

“They can get access to your actual bank account. That is huge. That is not necessarily recoverable funds,” she said. 

The latest revelation by Hold Security comes just months after the US retailer Target announced that 110 million of their customers had their data stolen by hackers. Target and the credit and debit card companies concerned said that consumers do not bear much risk as funds are rapidly refunded in fraud losses.

RT  

 


#NSA: ” Obama Administration Announces Agreement with Facebook, LinkedIn, Yahoo, Google and Microsoft but Civil Rights Still Want More”

#AceSecurityNews says Facebook, Google, and others can unveil national security request details, but not until product is two years old. Thus urging `Civil Rights Groups’ to want more!

Published time: February 03, 2014 23:02
Some of the most influential companies in Silicon Valley have unveiled data regarding the national security requests they have received from the US government, detailing how many requests they receive, how many the company responds to, and other details.

The Obama administration announced Monday it had come to an agreement with Facebook, LinkedIn, Yahoo, Google, and Microsoft to allow the companies to disclose some details about the surveillance requests targeting their customers.

Apple released its own transparency report last week.

US Attorney General Eric Holder and Director of National Intelligence James Clapper said in a joint statement that the tech companies are now authorized to disclose the “number of national security orders and requests issued to communication providers, the number of customer accounts targeted under those orders and requests and the underlying legal authorities.”

The companies have spent months fighting for such a deal after complaining that the National Security Agency dragnet exposed last year had hurt business.

“We filed our lawsuits because we believe that the public has a right to know about the volume and types of national security requests we receive,” the five companies said in a joint statement Monday. “We’re pleased the Department of Justice has agreed that we and other providers can disclose this information. While this is a very positive step we’ll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed.”


Reports indicate that, when the first of the Edward Snowden leaks were publicized in June, the White House was reluctant to make any deals with Silicon Valley. But with media pressure mounting and shifting polls proving that a sizable number of Americans are skeptical about the NSA surveillance, administration officials told Politico the time to negotiate had come.

“While this aggregate data was properly classified until today, the office of the Director of National Intelligence, in consultation with other departments and agencies, has determined that the public interest in disclosing this information now outweighs the national security concerns that require its classification,” stated Holder and Clapper.

Facebook’s transparency report for the latter half of 2012 and the first six months of 2013 noted that only a “small fraction” of one percent of its users were the target of any surveillance requests.

LinkedIn received “between 0 and 249” national security-related requests in the first six months of 2013. Over the same time period, Microsoft said it was sent under 1,000 national security letters pertaining to fewer than 1,000 accounts.

However, the government still prohibits companies from disclosing surveillance details about a new product until two years after it was launched, a condition that has irked civil liberties advocates calling for wider change.

Brad Smith, Microsoft’s general counsel and the company’s executive vice president for legal and corporate affairs, has said the government agreed to let the companies disclose requests “in bands of a thousand” and only six months after a request was made.

“Asking the public and policymakers to try to judge the appropriateness of the government’s surveillance practices based on a single, combined, rounded number is like asking a doctor to diagnose a patient’s shadow: only the grossest and most obvious problem, if even that, will be ever evident,” Kevin Bankston, policy director at the New America Foundation’s Open Technology Institute, told Politico.


“Stop spying on people!” — Syrian Electronic Army’s cyber-attacks compromising Skype’s Twitter, Facebook accounts

#AceSecurityNews says “Syrian Electronic Army (SEA)” commits “Cyber-Attacks” on social media sites – Twitter, Facebook and Skype’s accounts #Spying

 


#AceBreakingNews says this is courtesy of Rob Cox…

#AceBreakingNews says this is courtesy of Rob Cox – Author Reuters Breaking Views columnist. The opinions expressed are his own.
Can General Electric keep activist investors at bay? If the gates at Apple, Microsoft and Procter & Gamble can be rattled, complacency just is not an option for any company, even and maybe especially a $270 billion conglomerate. While GE’s broad strategy looks more coherent than ever, the Connecticut giant still has two potential vulnerabilities: its finance arm and its long-time leader Jeffrey Immelt.

Corporate America has learned of late that size offers no immunity from the braying of ornery shareholders. A $320 billion market value did not shield Microsoft from the pressures of Value Act Capital, which nabbed a board seat and accelerated the exit of Chief Executive Steve Ballmer. Even bigger Apple, and boss Tim Cook, have been targeted by both David Einhorn and Carl Icahn to return more cash to shareholders. A long-standing reputation as a consumer-products stalwart did not protect $220 billion P&G from the advances of Bill Ackman.

GE has so far kept clear. Its executives, however, seem to be cognizant of how quickly that could change. The engines-to-dishwashers manufacturer has been proactively restructuring in ways that could wisely head off rabble-rousers. GE is reducing its exposure to finance, and in recent years exited businesses like NBC Universal, deemed ancillary to a strategy focused on global infrastructure.

As a result, the existing configuration of GE’s industrial portfolio looks better positioned to take advantage of a middle-class future. That world, to put it simply, involves more people around the globe seeking better healthcare, travelling on jet planes and gaining access to clean water and abundant energy – from which they can run GE appliances.

So what would an activist investor go after at GE? The most obvious weak spot is GE Capital. During the financial crisis, the division’s balance sheet of some $550 billion overshadowed the world-class industrial businesses. The need to finance a large financial institution without a stable base of deposits stoked fears GE might even need to jettison valuable assets. GE Capital has since pared its balance sheet by almost a third.

There’s also more to come. In November, GE said it would begin the process of spinning off its consumer finance business, which carries some $59 billion of assets. Once the divestiture is completed, GE Capital will have a loan book of about $350 billion. That’s far below its peak. Yet it still puts GE Capital on a par with U.S. Bancorp and renders it among the country’s biggest financial institutions.

Some of this is easy to justify. About a quarter of GE Capital’s assets will be devoted to what it calls “GE Verticals” where it uses its balance sheet to help finance customer purchases of GE products. But it still envisions tying up more than half its assets in lending and leasing initiatives and some $50 billion in commercial real estate. To investors wanting a more focused, industrial GE, this could provide a potential soft spot.

#NSA and #CIA Spied on “World of Warcraft Games” and On-line Games

World of Spycraft: NSA and CIA Spied in Online Games

 

by Justin Elliott, ProPublica, and Mark Mazzetti, The New York Times, Dec. 9, 2013, 7 a.m.

 

This story has been reported in partnership between The New York Times, the Guardian and ProPublica based on documents obtained by The Guardian.

 

Editor says this is a Copyrighted Article courtesy of ProPublica and The New York Times.  

 


Not limiting their activities to the earthly realm, American and British spies have infiltrated the fantasy worlds of World of Warcraft and Second Life, conducting surveillance and scooping up data in the online games played by millions of people across the globe, according to newly disclosed classified documents.

 

Fearing that terrorist or criminal networks could use the games to communicate secretly, move money or plot attacks, the documents show, intelligence operatives have entered terrain populated by digital avatars that include elves, gnomes and supermodels.

 

The spies have created make-believe characters to snoop and to try to recruit informers, while also collecting data and contents of communications between players, according to the documents, disclosed by the former National Security Agency contractor Edward J. Snowden. Because militants often rely on features common to video games — fake identities, voice and text chats, a way to conduct financial transactions — American and British intelligence agencies worried that they might be operating there, according to the papers.

 

Online games might seem innocuous, a top-secret 2008 NSA document warned, but they had the potential to be a “target-rich communication network” allowing intelligence suspects “a way to hide in plain sight.” Virtual games “are an opportunity!,” another 2008 NSA document declared.

 

But for all their enthusiasm — so many CIA, FBI and Pentagon spies were hunting around in Second Life, the document noted, that a “deconfliction” group was needed to avoid collisions — the intelligence agencies may have inflated the threat.

 

The documents do not cite any counterterrorism successes from the effort, and former American intelligence officials, current and former gaming company employees and outside experts said in interviews that they knew of little evidence that terrorist groups viewed the games as havens to communicate and plot operations.

 

Games “are built and operated by companies looking to make money, so the players’ identity and activity is tracked,” said Peter W. Singer of the Brookings Institution, an author of “Cybersecurity and Cyberwar: What Everyone Needs to Know.” “For terror groups looking to keep their communications secret, there are far more effective and easier ways to do so than putting on a troll avatar.”

 

The surveillance, which also included Microsoft’s Xbox Live, could raise privacy concerns. It is not clear exactly how the agencies got access to gamers’ data or communications, how many players may have been monitored or whether Americans’ communications or activities were captured.

 

One American company, the maker of World of Warcraft, said that neither the NSA nor its British counterpart, the Government Communications Headquarters, had gotten permission to gather intelligence in its game. Many players are Americans, who can be targeted for surveillance only with approval from the nation’s secret intelligence court. The spy agencies, though, face far fewer restrictions on collecting certain data or communications overseas.

 

“We are unaware of any surveillance taking place,” said a spokesman for Blizzard Entertainment, based in Irvine, Calif., which makes World of Warcraft. “If it was, it would have been done without our knowledge or permission.”

 

A spokeswoman for Microsoft declined to comment. Philip Rosedale, the founder of Second Life and a former chief executive officer of Linden Lab, the game’s maker, declined to comment on the spying revelations. Current Linden executives did not respond to requests for comment.

 

A Government Communications Headquarters spokesman would neither confirm nor deny any involvement by that agency in gaming surveillance, but said that its work is conducted under “a strict legal and policy framework” with rigorous oversight. An NSA spokeswoman declined to comment.

 

Intelligence and law enforcement officials became interested in games after some became enormously popular, drawing tens of millions of people worldwide, from preteens to retirees. The games rely on lifelike graphics, virtual currencies and the ability to speak to other players in real-time. Some gamers merge the virtual and real worlds by spending long hours playing and making close online friends.

 

In World of Warcraft, players share the same fantasy universe — walking around and killing computer-controlled monsters or the avatars of other players, including elves, animals or creatures known as orcs. In Second Life, players create customized human avatars that can resemble themselves or take on other personas — supermodels and bodybuilders are popular — who can socialize, buy and sell virtual goods, and go places like beaches, cities, art galleries and strip clubs. In Microsoft’s Xbox Live service, subscribers connect online in games that can involve activities like playing soccer or shooting at each other in space.

 

According to American officials and documents that Mr. Snowden provided to The Guardian, which shared them with The New York Times and ProPublica, spy agencies grew worried that terrorist groups might take to the virtual worlds to establish safe communications channels.

 

In 2007, as the NSA and other intelligence agencies were beginning to explore virtual games, NSA officials met with the chief technology officer for the manufacturer of Second Life, the San Francisco-based Linden Lab. The executive, Cory Ondrejka, was a former Navy officer who had worked at the NSA with a top-secret security clearance.

 

He visited the agency’s headquarters at Fort Meade, Md., in May 2007 to speak to staff members over a brown bag lunch, according to an internal agency announcement. “Second Life has proven that virtual worlds of social networking are a reality: come hear Cory tell you why!” said the announcement. It added that virtual worlds gave the government the opportunity “to understand the motivation, context and consequent behaviors of non-Americans through observation, without leaving U.S. soil.”

 

Ondrejka, now the director of mobile engineering at Facebook, said through a representative that the NSA presentation was similar to others he gave in that period, and declined to comment further.

 

Even with spies already monitoring games, the NSA thought it needed to step up the effort.

 

“The Sigint Enterprise needs to begin taking action now to plan for collection, processing, presentation and analysis of these communications,” said one April 2008 NSA document, referring to “signals intelligence.” The document added, “With a few exceptions, NSA can’t even recognize the traffic,” meaning that the agency could not distinguish gaming data from other Internet traffic.

 

By the end of 2008, according to one document, the British spy agency, known as GCHQ, had set up its “first operational deployment into Second Life” and had helped the police in London in cracking down on a crime ring that had moved into virtual worlds to sell stolen credit card information. The British spies running the effort, which was code-named “Operation Galician,” were aided by an informer using a digital avatar “who helpfully volunteered information on the target group’s latest activities.”

 

Though the games might appear to be unregulated digital bazaars, the companies running them reserve the right to police the communications of players and store the chat dialogues in servers that can be searched later. The transactions conducted with the virtual money common in the games, used in World of Warcraft to buy weapons and potions to slay monsters, are also monitored by the companies to prevent illicit financial dealings.

 

In the 2008 NSA document, titled “Exploiting Terrorist Use of Games & Virtual Environments,” the agency said that “terrorist target selectors” — which could be a computer’s Internet Protocol address or an email account — “have been found associated with Xbox Live, Second Life, World of Warcraft” and other games. But that document does not present evidence that terrorists were participating in the games.

 

Still, the intelligence agencies found other benefits in infiltrating these online worlds. According to the minutes of a January 2009 meeting, GCHQ’s “network gaming exploitation team” had identified engineers, embassy drivers, scientists and other foreign intelligence operatives to be World of Warcraft players — potential targets for recruitment as agents.

 

At Menwith Hill, a Royal Air Force base in the Yorkshire countryside that the NSA has long used as an outpost to intercept global communications, American and British intelligence operatives started an effort in 2008 to begin collecting data from World of Warcraft.

 

One NSA document said that the World of Warcraft monitoring “continues to uncover potential Sigint value by identifying accounts, characters and guilds related to Islamic extremist groups, nuclear proliferation and arms dealing.” In other words, targets of interest appeared to be playing the fantasy game, though the document does not indicate that they were doing so for any nefarious purposes. A British document from later that year said that GCHQ had “successfully been able to get the discussions between different game players on Xbox Live.”

 

By 2009, the collection was extensive. One document says that while GCHQ was testing its ability to spy on Second Life in real time, British intelligence officers vacuumed up three days’ worth of Second Life chat, instant message and financial transaction data, totaling 176,677 lines of data, which included the content of the communications.

 

For their part, players have openly worried that the NSA might be watching them.

 

In one World of Warcraft discussion thread, begun just days after the first Snowden revelations appeared in the news media in June, a human death knight with the user name “Crrassus” asked whether the NSA might be reading game chat logs.

 

“If they ever read these forums,” wrote a goblin priest with the user name “Diaya,” “they would realize they were wasting” their time.

 

Even before the American government began spying in virtual worlds, the Pentagon had identified the potential intelligence value of video games. The Pentagon’s Special Operations Command in 2006 and 2007 worked with several foreign companies — including an obscure digital media business based in Prague — to build games that could be downloaded to mobile phones, according to people involved in the effort. They said the games, which were not identified as creations of the Pentagon, were then used as vehicles for intelligence agencies to collect information about the users.

 

Eager to cash in on the government’s growing interest in virtual worlds, several large private contractors have spent years pitching their services to American intelligence agencies. In one 66-page document from 2007, part of the cache released by Mr. Snowden, the contracting giant SAIC promoted its ability to support “intelligence collection in the game space,” and warned that online games could be used by militant groups to recruit followers and could provide “terrorist organizations with a powerful platform to reach core target audiences.”

 

It is unclear whether SAIC received a contract based on this proposal, but one former SAIC employee said that the company at one point had a lucrative contract with the CIA for work that included monitoring the Internet for militant activity. An SAIC spokeswoman declined to comment.

 

In spring 2009, academics and defense contractors gathered at the Marriott at Washington Dulles International Airport to present proposals for a government study about how players’ behavior in a game like World of Warcraft might be linked to their real-world identities. “We were told it was highly likely that persons of interest were using virtual spaces to communicate or coordinate,” said Dmitri Williams, a professor at the University of Southern California who received grant money as part of the program.

 

After the conference, both SAIC and Lockheed Martin won contracts worth several million dollars, administered by an office within the intelligence community that finances research projects.

 

It is not clear how useful such research might be. A group at the Palo Alto Research Center, for example, produced a government-funded study of World of Warcraft that found “younger players and male players preferring competitive, hack-and-slash activities, and older and female players preferring noncombat activities,” such as exploring the virtual world. A group from the nonprofit SRI International, meanwhile, found that players under age 18 often used all capital letters both in chat messages and in their avatar names.

 

Those involved in the project were told little by their government patrons. According to Nick Yee, a Palo Alto researcher who worked on the effort, “We were specifically asked not to speculate on the government’s motivations and goals.”

 

Andrew W. Lehren contributed reporting.

 

Editor says this is a copyrighted article courtesy of ProPublica and The New York Times.

 

LIVE DISCUSSION: What are intelligence agencies doing in virtual worlds? Join ProPublica reporter Justin Elliott and New York Times reporter Mark Mazzetti this Monday, Dec. 9, at 2 pm ET to discuss. Submit your questions here or on Twitter with the hashtag #spygames.

 


“Tracking Santa The Norad Way For Sixty Three Years”

English: NORAD Tracks Santa logo. (Photo credit: Wikipedia)

#AceChristmasNews says that for 63 years the North American Aerospace Defense Command has tracked Santa Claus on Christmas Eve, as he makes his way around the world delivering gifts to all the good boys and girls.

In 2012 the tradition continued, and showed even more ways that you and your little ones can follow Father Christmas’ progress. A stunning 25 million people from around the globe are predicted to follow Santa in real time online, on mobile phones and tablets, by email and phone.

What makes the program so special is that more than 1,250 Canadian and American uniformed personnel and Defense-Department civilians volunteer their time on Christmas Eve to answer thousands of phone calls and emails. What’s more, organizations such as Microsoft, Analytical Graphics Inc., Verizon, Vision-box and over 50 others support NORAD.

Interestingly, the popular tradition actually began by mistake, as Capt. Jeff Davis, director of NORAD and the U.S. Northern Command Public Affairs, recently revealed in a guest post on Microsoft’s official blog:

It’s hard to believe it all started with a typo. A program renowned the world over — one that brings in thousands of volunteers, prominent figures such as the First Lady of the United States, and one that has gone on for more than five decades — all started as a misprint.

That error ran in a local Colorado Springs newspaper back in 1955 after a local department store printed an advertisement with an incorrect phone number that children could use to ‘call Santa.’ Except that someone goofed. Or someone mistook a three for an eight. Maybe elves broke into the newspaper and changed the number. We’ll never know.

Official seal of the North American Aerospace Defense Command. Note that the oceans’ colour is supposed to be “turquoise” http://www.norad.mil/about_us/heraldry.htm but has consistently been rendered, in recent years, as frankly greenish. Older memorabilia uses a bluer colour, ranging up to light blue. (Photo credit: Wikipedia)

But somehow, the number in the advertisement changed, and instead of reaching the ‘Santa’ on call for the local department store, it rang at the desk of the Crew Commander on duty at the Continental Air Defense Command Operations Center, the organization that would one day become the North American Aerospace Defense Command, or ‘NORAD.’

And when the commander on duty, Col. Harry Shoup, first picked up the phone and heard kids asking for Santa, he could have told them they had a wrong number.

But he didn’t. Instead, the kind-hearted colonel asked his crew to play along and find Santa’s location. Just like that, NORAD was in the Santa-tracking business.

2012 Improvements Are Made:

Santa is already on his way across the globe delivering presents to the boys and girls on his Nice List. The 2012 NORAD Santa Tracker is currently tracking good ol’ Saint Nick as he makes his way across the world to deliver presents on Christmas.

You can watch a live video of Santa’s journey below thanks to NORAD’s high-tech Santa Tracker, but you can also interact with the Santa tracking team via Facebook and Twitter. NORAD will be posting a constant stream of updates via social media sites today.

If you want to talk to the team first hand, you can even give NORAD a call.

Santa’s navigation team can be reached at 877-HI-NORAD (877-446-6723). They’ll be able to give you Santa’s current location and may even be able to tell you when to expect your presents.

2013 Technology Steps Up:

For the second straight year, Microsoft has partnered with the North American Aerospace Defense Command (NORAD) to monitor Santa’s progress around the globe. Microsoft redid the site this year, however, to allow excited children armed with Surface tablets to spin an interactive Claymation-styled globe around (beginning Dec. 24) and pinpoint when the jolly old elf will arrive in their neighborhood.

The site, now live, offers several holiday-themed games (unlocked using an Advent calendar motif), holiday videos, and music. There are also “secret Santa” files that talk about the tracker’s history, which began when an advertisement offering to help kids track Santa accidentally published the phone number of CONAD, NORAD’s predecessor. The Director of Operations then, Colonel Harry Shoup, had his staff check the radar for indications of Santa making his way south from the North Pole, according to NORAD.

Years later, Google provided the first “data” that established the Santa Tracker Web site. (For the record, NORAD says its joint radar and satellite tracking system, together with a network of “Santa-Cams” and U.S. and Canadian jet fighters, provide up-to-the-minute alerts on Santa’s progress.) But two years ago, Google and NORAD parted ways, for unexplained reasons, and NORAD went with Microsoft instead. Last year, Google’s revamped Santa tracker offered an opportunity to chat with Santa, download an Android app, and track him via Google+.

NORAD Santa Tracker’s Santa Village (NORADSANTA.ORG): The Santa Village hides videos and games.

For Microsoft, it’s another opportunity to show off how sites designed for Internet Explorer and touch can mimic the apps that its platforms have unfortunately lacked. Microsoft has archived other, similar sites at its “Reimagine the Web” site. Bing Maps will track Santa this year.

It looks like Google will be directly competing with NORAD this year, however.

“On Christmas Eve we’ll be proudly showcasing a preview of Santa’s dashboard—the technology that powers his sleigh during his around-the-world journey,” Google says. “We have received this special preview from one of Santa’s many developer elves, who are hard at work in the North Pole helping Santa prepare for his big day. Santa’s dashboard—featuring the latest and greatest in Google Maps technology and sleigh engineering—will allow you to follow his progress around the world, and also learn a little about some of his stops along the way.”

Don’t worry, though. As Stefan Weitz, Bing’s general manager, tweeted last month (as noted by Search Engine Land) Microsoft and Google have teamed up to avoid placing Santa in different locations throughout Christmas Eve night.
