(SAN FRANCISCO) USCG REPORT: The Coast Guard and partner agencies are in the process of investigating the cause of the pipeline fracture off the coast of Southern California, Thursday #AceNewsDesk report

#AceNewsReport – Oct.08: A joint investigation is being led by the Coast Guard, with assistance from the National Transportation Safety Board (NTSB), Bureau of Safety and Environmental Enforcement (BSEE) and the Pipeline and Hazardous Materials Safety Administration (PHMSA).

#AceDailyNews reports on the Newport Beach pipeline fracture that is now being investigated jointly by the US Coast Guard, NTSB, BSEE & PHSMA to findout what cause the incident that leaked gallons of oil into the ocean causing so much damage to the environment ….

News Release : U.S. Coast Guard 11th District Pacific Southwest
Contact: 11th District Public Affairs
Office: (510) 437-3325
After Hours: (510) 772-8865
PADETSF@uscg.mil
11th District online newsroom

Editor’s Note: Click on images above to download full-resolution version.

Coast Guard, partner agencies investigating cause of Southern California pipeline fracture

The Coast Guard Commandant designated the oil spill as a Major Marine Casualty. 

Marine casualties are categorized based on their severity to include reportable marine casualties as the lowest level of severity, serious marine incidents as the next level, and major marine casualties as the highest level. A Major Marine Casualty is a marine casualty involving a vessel that results in one or more of the following:

  • The loss of six or more lives.
  • The loss of a mechanically propelled vessel of 100 or more gross tons. 
  • Property damage initially estimated as $500,000 or more. 
  • Serious threat, as determined by the Commandant and concurred with by the NTSB chairman, to life, property, or the environment by hazardous materials. 

As part of its mission to prevent and mitigate marine accidents, the Coast Guard investigates the causes of marine casualties and analyzes investigation data in an effort to identify measures that will promote safety, protect the environment, and to prevent future accidents. The primary purpose of a marine casualty investigation is to ascertain, as closely as possible:

  • The cause of the casualty. 
  • Whether an act of misconduct, incompetence, negligence, unskillfulness, or willful violation of the law has been committed so that appropriate remedial actions may be taken.
  • Whether there is evidence that an act subjecting the offender to a civil penalty under the laws of the United States has been committed, so that appropriate action may be undertaken to collect the penalty. 
  • Whether there is evidence that a criminal act under laws of the United States have been committed, so the matter may be referred to appropriate authorities for prosecution.
  • Whether there is need for new laws or regulations, or amendment or repeal of existing laws or regulations to prevent the recurrence of the casualty. 

The Pipeline P00547 Spill has been deemed a Major Marine Casualty due to the potential involvement of a vessel and the resulting damages estimated in excess of $500,000. As a Major Marine Casualty, the NTSB is also conducting an investigation and working in coordination with the Coast Guard. Other agencies involved include PHMSA and BSEE. These four agencies are working in conjunction with California Department of Fish and Wildlife. 

If the public has any information about the incident they are requested to contact the NTSB hotline at witness@ntsb.gov. 

#AceNewsDesk report ……………Published: Oct.08: 2021:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily all of our posts fromTwitter can be found here: https://acetwitternews.wordpress.com/ and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#bsee, #coast-guard, #newport-beach, #ntsb, #phsma, #san-francisco, #uscg

(SAN FRANCISCO) USCG REPORT: The Coast Guard and Southern Marin Fire Protection District crews rescued five people Saturday from a cliffside near Muir Beach #AceNewsDesk report

#AceNewsReport – Aug.26: Watchstanders briefed the Coast Guard Air Station San Francisco operations center who accepted the agency assist request and launched their MH-65 Dolphin helicopter crew.

#AceDailyNews reports that the Coast Guard, Southern Marin Fire crews rescue five from cliff near Muir Beach as Battalion 3, Southern Marine Fire Protection District, notified Coast Guard Sector San Francisco watchstanders at 8:17 p.m. Saturday of three people stranded on a cliff face and two additional individuals stranded topside in view of Muir Beach.

U.S. Coast Guard sent this bulletin at 08/22/2021 01:28 PM EDTNews Release 

U.S. Coast Guard 11th District Pacific Southwest
Contact: 11th District Public Affairs
Office: (510) 437-3325
After Hours: (510) 772-8865
PADETSF@uscg.mil
11th District online newsroom

Coast Guard, Southern Marin Fire crews rescue 5 from cliff near Muir Beach

Coast Guard, Southern Marin Fire rescue 5 from cliff near Muir Beach

Editor’s Note: Click on images above to download full-resolution version.

Battalion 3 personnel reported a land-based rescue of the two people on top of the cliff and remained on scene to vector in the Dolphin helicopter crew to the three people stranded on the cliff.

The Dolphin helicopter crew arrived on scene at approximately 9 p.m. and hoisted all three people from the cliff and transported them to Air Station San Francisco with no reported injuries.

“Cliff operations are inherently risky for both ground parties and air crew, and are significantly higher risk during nighttime,” said Lt. Cmdr. Eric Schwartz, the Air Station San Francisco Dolphin aircraft commander. “We were glad the conditions allowed us to save three lives alongside our partner agencies.”

#AceNewsDesk report ………Published: Aug.26: 2021:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily all of our posts fromTwitter can be found here: https://acetwitternews.wordpress.com/ and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#acedailynewsreports, #coast-guard, #san-francisco, #uscg

(SAN FRANCISCO) USCG REPORT: The Coast Guard rescued a kayaker approximately 70 miles west of Santa Cruz, Sunday morning #AceNewsDesk report

#AceNewsReport – June.08: The kayaker lost GPS capability, had nearly capsized due to heavy weather and contacted the Coast Guard for rescue.

Coast Guard rescues kayaker 70 miles west of Santa Cruz after San Francisco watchstanders received a report at 9:42 p.m. Saturday from a kayaker who was making a solo voyage from Sausalito to Honolulu.

U.S. Coast Guard sent this bulletin at 06/06/2021 08:34 PM EDTNews Release 

U.S. Coast Guard 11th District Pacific Southwest
Contact: 11th District Public Affairs
Office: (510) 437-3325
After Hours: (510) 772-8865
11th District online newsroom

Coast Guard rescues kayaker 70 miles west of Santa Cruz

CG rescues kayaker 70 miles west of Santa Cruz

Editor’s Note: Click on image above to download full-resolution version.

Watchstanders directed the launch of a Coast Guard Air Station San Francisco MH-65 Dolphin helicopter crew at 10:25 p.m. The aircrew arrived on scene at 12:39 a.m., hoisted the kayaker into the helicopter and returned to Air Station San Francisco.

“Recognizing that the situation was beyond his capabilities and calling for assistance allowed our crews to reach him in time for a successful rescue,” said Lt. Cmdr. Matthew Kroll, a Coast Guard spokesperson. “This shows that even experienced mariners with proper safety equipment can get into trouble on the ocean, which is why having the right equipment and knowing when and how to use it is so important.”

The survivor was reported to be in good condition with no medical concerns.

#AceNewsDesk report ………Published: Jun.08: 2021:

Editor says #AceNewsDesk reports by https://t.me/acenewsdaily and all our posts, also links can be found at here for Twitter and Live Feeds https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#kayaker, #san-francisco, #santa-cruz, #uscg

WASHINGTON: ‘ House passes legislation 241-179 to deny Sanctuary Cities Funding ‘

#AceNewsReport – WASHINGTON:July.28: House Republicans passed legislation on Thursday that would deny federal funds to sanctuary cities in the aftermath of the slaying in San Francisco this month that allegedly involved an illegal immigrant.

The bill, passed 241-179, would withhold certain federal law enforcement grants to cities that have policies designed to shelter illegal immigrants from deportation.

Read the full story here.

@AceNewsServices

Ace Worldwide News

#federal-law-enforcement-grants, #illegal-immigrant, #illegal-immigrants, #san-francisco

‘ Microsoft Launches Windows 10 Skipping 9 -WHY- Terry Myerson Replies its a More Appropriate Name ‘

#AceWorldNews – UNITED STATES (San Francisco) – Microsoft on Tuesday lifted the veil on the next version of Windows: Windows 10.

At an event in San Francisco focused on corporate users, Microsoft previewed early elements of the next generation of its iconic computer operating system.

It represents the first step in a whole new generation of Windows, said Microsoft executive Terry Myerson.

What happened to Windows 9? Twitter reacts to Microsoft news 

The company said it will focus on one Windows product family across devices. Its corporate users will find Windows 10 “familiar, compatible and productive,” Myerson said.

Microsoft’s Joe Belfiore gave a demo, focused on the core experience in how the PC “is evolving.”

There are live tiles, familiar to Windows 8 users, but also elements familiar to Windows 7 users, which is far more widely deployed. The Start menu and task bar are front and center.

Yes, the company is skipping the “Windows 9” moniker. Why skip 9?

“When you see the product in its fullness, I think you will agree with us that it is a more appropriate name,” Myerson said.

Among other things, Belfiore said the company wants to focus on personalization, to make the Windows experience particular to individual users’ tastes and preferences.

“We are trying to hit this balance in just the right way,” Belfiore said.

#ANS2014

#san-francisco, #united-states, #windows

` San Francisco Social Media Maven and Former Political Consultant Chamberlain is Arrested '

#AceNewsServices – SAN FRANCISCO (AP) – A San Francisco social media maven and former political consultant who was wanted on suspicion of possessing explosives has been taken into custody after a three-day manhunt.

Federal agents and the San Francisco police said they captured Ryan Kelly Chamberlain II, 42, on Monday afternoon shortly after announcing that they had found his car near Crissy Field, just south of the Golden Gate Bridge.

Though Chamberlain was considered armed and dangerous, FBI spokesman Peter Lee said Monday that he did not seem to pose an immediate threat to public safety.

“Anyone who has the means, methods and access to make a bomb should be considered armed and dangerous,” Lee said before the arrest.

A law enforcement official who spoke on the condition of anonymity because he was not authorized to speak publicly on the matter said Chamberlain was spotted in his white car around 6:22 p.m. Monday.

The official told The Associated Press that Chamberlain was arrested without incident and is in the custody of the FBI, where he is being processed or undergoing interrogation.

Multiple agencies, including hazardous materials crews, searched Chamberlain’s apartment Saturday in San Francisco’s Russian Hill neighbourhood, blocking off the street to vehicle and pedestrian traffic for much of the day.

Lee gave no further details about the nature of the investigation, and the affidavit and search warrant used to enter Chamberlain’s home remained under seal.

AP – Fox News – Huffington Post

#ANS2014

#golden-gate-bridge, #san-francisco

FBI issues nationwide alert for San Francisco man


42-year-old Ryan Kelly Chamberlain II

The FBI has issued a nationwide alert to law enforcement agencies about a San Francisco social media consultant they consider armed and dangerous who is wanted on suspicion of possessing explosives. FBI spokesman Peter Lee said Sunday that 42-year-old Ryan Kelly Chamberlain II was last seen in a dark blue, hooded sweatshirt and jeans. Multiple agencies, including hazardous materials crews, searched Chamberlain’s apartment in San Francisco’s Russian Hill neighborhood on Saturday, blocking off the street to vehicle and pedestrian traffic for much of the day. Lee gave no details Sunday about the nature of the investigation, but said authorities believe Chamberlain is acting alone. “We believe he is alone in the vehicle but we just don’t know, again, where his ties or his network is so we ask that any members of the public be on the lookout for anyone that matches this man’s description,” Lee said at a press conference outside FBI headquarters on Sunday. Chamberlain is traveling in a white 2008 Nissan Altima with Texas or California license plates, but authorities do not know where he is heading, Lee said.

His boss at a music rights consultancy group said he last contacted her Friday to remind her to deposit his paycheck at a new bank account. Brooke Wentz said the conversation was uneventful and that she was “tremendously dumbfounded” by the news that the contractor she hired to handle her company’s social media accounts was wanted by the FBI. “He’s a nice guy,” Wentz told The Associated Press.

Wentz said it didn’t seem like Chamberlain was staying in the apartment on Jackson Street. She said when she mailed him his paycheck in April, he told her he would have to go the apartment to pick it up. She said he seemed under financial pressure because he told her that two friends who were leasing his apartment left without telling him and he had to scramble to pay for two rentals. “I wondered what kind of friends would do something like that? I tried to ask him about the situation but he was kind of evading my question,” Wentz said. Randy Bramblett, a personal trainer and professional athlete in San Francisco, said he became friends with Chamberlain through Project Sport, a local sports marketing company. The company let Chamberlain go when it was sold in November and he soon lost touch with friends and stopped returning calls and messages, Bramblett said.


Via AP

“We all knew that he was a very emotional guy and when he didn’t get his own way he would say ‘Screw you, I’m going to go do my own thing,'” Bramblett said. “I’ve never seen him be violent, ever, but I would definitely say that maybe emotionally and mentally he was a little unstable.” Chamberlain had worked for years as a political consultant on Democratic campaigns, Bramblett said. He also worked as an independent contractor for The San Francisco Chronicle during the 2012 NFL season, doing social media to boost coverage for the San Francisco 49ers Insider iPad app, the newspaper said.

A spokeswoman for the University of San Francisco said Chamberlain taught a “Grass Roots Mobilization” course to graduate students in the Public Affairs program in 2011. Anne-Marie Devine said Chamberlain taught for one semester, and wasn’t invited to teach another course. She said she didn’t know why because hundreds of adjunct professors come and go at the university. The affidavit and search warrant used to enter Chamberlain’s home remain under seal.

#42-year-old-ryan-kelly-chamberlain-ii, #fbi, #naationwide-alert, #possessing-explosives, #russian-hill-neighborhood, #ryan-kelly-chamberlain-ii, #san-francisco

` Facebook Headquarters in `San Francisco ‘ area are targeted by a threat but investigations show totally not credible’

#AceWorldNews Police searched and secured the headquarters of social media giant Facebook on Tuesday evening after receiving a threat against the company, Reuters reported.

San Francisco-area authorities said the threat turned out to be “totally not credible.” Facebook personnel held employees at the campus until officers were on scene, and police officers allowed Facebook staff to leave at about 8:30pm (03:30 GMT).

#ANS2014

#facebook, #reuters, #san-francisco

” Passengers On-Board `Asiana Airlines Flight 214′ Have Filed Personal Injury Lawsuit Against Boeing”

#AceWorldNews says a group of passengers on-board Asiana Airlines Flight 214, which crash-landed in San Francisco on July 6, have filed a personal injury lawsuit against Boeing, CNN reports.
The lawsuit claims that some equipment on the plane was faulty or improperly installed or defective, resulting in inadequate warnings for the pilots regarding low airspeed.
More than 80 of the plane’s 291 passengers are named as plaintiffs in the lawsuit.
The law firm handling the suit said that Asiana and certain parts manufacturers could be added to the lawsuit at a later date.

#asiana-airlines, #boeing, #cnn, #san-francisco

#NSA’s Shadowy World of Spying Uncovered by Spiegel Staff

The seal of the U.S. National Security Agency....

The seal of the U.S. National Security Agency. The first use was in September 1966, replacing an older seal which was used briefly. For more information, see here and here. (Photo credit: Wikipedia)

#AceSecurityNews says this was a post provided copyrighted and courtesy of “Der Spiegel” and all the revelations contained within were uncovered by the Spiegal Staff during their investigations and piecing together documents.      

The NSA’s TAO hacking unit is considered to be the intelligence agency‘s top-secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting.

San Francisco

San Francisco (Photo credits: www.roadtrafficsigns.com)

In January 2010, numerous home owners in San Antonio, Texas, stood baffled in front of their closed garage doors. They wanted to drive to work or head off to do their grocery shopping, but their garage door openers had gone dead, leaving them stranded. No matter how many times they pressed the buttons, the doors didn’t budge. The problem primarily affected residents in the western part of the city, around Military Drive and the interstate highway known as Loop 410.

In the United States, a country of cars and commuters, the mysterious garage door problem quickly became an issue for local politicians. Ultimately, the municipal government solved the riddle. Fault for the error lay with the United States’ foreign intelligence service, the National Security Agency, which has offices in San Antonio. Officials at the agency were forced to admit that one of the NSA’s radio antennas was broadcasting at the same frequency as the garage door openers. Embarrassed officials at the intelligence agency promised to resolve the issue as quickly as possible, and soon the doors began opening again.

It was thanks to the garage door opener episode that Texans learned just how far the NSA’s work had encroached upon their daily lives. For quite some time now, the intelligence agency has maintained a branch with around 2,000 employees at Lack-land Air Force Base, also in San Antonio. In 2005, the agency took over a former Sony computer chip plant in the western part of the city. A brisk pace of construction commenced inside this enormous compound. The acquisition of the former chip factory at Sony Place was part of a massive expansion the agency began after the events of Sept. 11, 2001.

On-Call Digital Plumbers:

TAOOne of the two main buildings at the former plant has since housed a sophisticated NSA unit, one that has benefited the most from this expansion and has grown the fastest in recent years — the Office of Tailored Access Operations, or TAO. This is the NSA’s top operative unit — something like a squad of plumbers that can be called in when normal access to a target is blocked.

According to internal NSA documents viewed by SPIEGEL, these on-call digital plumbers are involved in many sensitive operations conducted by American intelligence agencies. TAO’s area of operations ranges from counter-terrorism to cyber attacks to traditional espionage. The documents reveal just how diversified the tools at TAO’s disposal have become — and also how it exploits the technical weaknesses of the IT industry, from Microsoft to Cisco and Huawei, to carry out its discreet and efficient attacks.

The unit is “akin to the wunderkind of the US intelligence community,” says Matthew Aid, a historian who specializes in the history of the NSA. “Getting the ungettable” is the NSA’s own description of its duties. “It is not about the quantity produced but the quality of intelligence that is important,” one former TAO chief wrote, describing her work in a document. The paper seen by SPIEGEL quotes the former unit head stating that TAO has contributed “some of the most significant intelligence our country has ever seen.” The unit, it goes on, has “access to our very hardest targets.”  

A Unit Born of the Internet:

Defining the future of her unit at the time, she wrote that TAO “needs to continue to grow and must lay the foundation for integrated Computer Network Operations,” and that it must “support Computer Network Attacks as an integrated part of military operations.” To succeed in this, she wrote, TAO would have to acquire “pervasive, persistent access on the global network.” An internal description of TAO’s responsibilities makes clear that aggressive attacks are an explicit part of the unit’s tasks. In other words, the NSA’s hackers have been given a government mandate for their work. During the middle part of the last decade, the special unit succeeded in gaining access to 258 targets in 89 countries — nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.

Indeed, TAO specialists have directly accessed the protected networks of democratically elected leaders of countries. They infiltrated networks of European telecommunications companies and gained access to and read mails sent over Blackberry’s BES email servers, which until then were believed to be securely encrypted. Achieving this last goal required a “sustained TAO operation,” one document states.

This TAO unit is born of the Internet — created in 1997, a time when not even 2 percent of the world’s population had Internet access and no one had yet thought of Facebook, YouTube or Twitter. From the time the first TAO employees moved into offices at NSA headquarters in Fort Meade, Maryland, the unit was housed in a separate wing, set apart from the rest of the agency. Their task was clear from the beginning — to work around the clock to find ways to hack into global communications traffic.

Recruiting the Geeks:

To do this, the NSA needed a new kind of employee. The TAO workers authorized to access the special, secure floor on which the unit is located are for the most part considerably younger than the average NSA staff member. Their job is breaking into, manipulating and exploiting computer networks, making them hackers and civil servants in one. Many resemble geeks — and act the part, too.

Official portrait of NSA director Keith B. Ale...

Official portrait of NSA director Keith B. Alexander. (Photo credit: Wikipedia)

<

p>Indeed, it is from these very circles that the NSA recruits new hires for its Tailored Access Operations unit. In recent years, NSA Director Keith Alexander has made several appearances at major hacker conferences in the United States. Sometimes, Alexander wears his military uniform, but at others, he even dons jeans and a t-shirt in his effort to court trust and a new generation of employees.

The recruitment strategy seems to have borne fruit. Certainly, few if any other divisions within the agency are growing as quickly as TAO. There are now TAO units in Wahiawa, Hawaii; Fort Gordon, Georgia; at the NSA’s outpost at Buckley Air Force Base, near Denver, Colorado; at its headquarters in Fort Meade; and, of course, in San Antonio.

One trail also leads to Germany. According to a document dating from 2010 that lists the “Lead TAO Liaisons” domestically and abroad as well as names, email addresses and the number for their “Secure Phone,” a liaison office is located near Frankfurt — the European Security Operations Center (ESOC) at the so-called “Dagger Complex” at a US military compound in the Griesheim suburb of Darmstadt.

But it is the growth of the unit’s Texas branch that has been uniquely impressive, the top-secret documents reviewed by SPIEGEL show. These documents reveal that in 2008, the Texas Cryptologic Centre employed fewer than 60 TAO specialists. By 2015, the number is projected to grow to 270 employees. In addition, there are another 85 specialists in the “Requirements & Targeting” division (up from 13 specialists in 2008). The number of software developers is expected to increase from the 2008 level of three to 38 in 2015. The San Antonio office handles attacks against targets in the Middle East, Cuba, Venezuela and Colombia, not to mention Mexico, just 200 kilometers (124 miles) away, where the government has fallen into the NSA’s cross-hairs.

Quantamtheory -GCHQTargeting Mexico

Mexico’s Secretariat of Public Security, which was folded into the new National Security Commission at the beginning of 2013, was responsible at the time for the country’s police, counter-terrorism, prison system and border police. Most of the agency’s nearly 20,000 employees worked at its headquarters on Avenida Constituyentes, an important traffic artery in Mexico City. A large share of the Mexican security authorities under the auspices of the Secretariat are supervised from the offices there, making Avenida Constituyentes a one-stop shop for anyone seeking to learn more about the country’s security apparatus.

Operation WHITETAMALE:

That considered, assigning the TAO unit responsible for tailored operations to target the Secretariat makes a lot of sense. After all, one document states, the US Department of Homeland Security and the United States’ intelligence agencies have a need to know everything about the drug trade, human trafficking and security along the US-Mexico border. The Secretariat presents a potential “goldmine” for the NSA’s spies, a document states. The TAO workers selected systems administrators and telecommunications engineers at the Mexican agency as their targets, thus marking the start of what the unit dubbed Operation WHITETAMALE.

Workers at NSA’s target selection office, which also had Angela Merkel in its sights in 2002 before she became chancellor, sent TAO a list of officials within the Mexican Secretariat they thought might make interesting targets. As a first step, TAO penetrated the target officials’ email accounts, a relatively simple job. Next, they infiltrated the entire network and began capturing data.

Soon the NSA spies had knowledge of the agency’s servers, including IP addresses, computers used for email traffic and individual addresses of diverse employees. They also obtained diagrams of the security agencies’ structures, including video surveillance. It appears the operation continued for years until SPIEGEL first reported on it in October.

The technical term for this type of activity is “Computer Network Exploitation” (CNE). The goal here is to “subvert endpoint devices,” according to an internal NSA presentation that SPIEGEL has viewed. The presentation goes on to list nearly all the types of devices that run our digital lives — “servers, workstations, firewalls, routers, handsets, phone switches, SCADA systems, etc.” SCADAs are industrial control systems used in factories, as well as in power plants. Anyone who can bring these systems under their control has the potential to knock out parts of a country’s critical infrastructure.

StuxnetThe most well-known and notorious use of this type of attack was the development of Stuxnet, the computer worm whose existence was discovered in June 2010. The virus was developed jointly by American and Israeli intelligence agencies to sabotage Iran’s nuclear program, and successfully so. The country’s nuclear program was set back by years after Stuxnet manipulated the SCADA control technology used at Iran’s uranium enrichment facilities in Natanz, rendering up to 1,000 centrifuges unusable.

The special NSA unit has its own development department in which new technologies are developed and tested. This division is where the real tinkerers can be found, and their inventiveness when it comes to finding ways to infiltrate other networks, computers and smartphones evokes a modern take on Q, the legendary gadget inventor in James Bond movies.

Having Fun at Microsoft’s Expense:

One example of the sheer creativity with which the TAO spies approach their work can be seen in a hacking method they use that exploits the error-proneness of Microsoft’s Windows. Every user of the operating system is familiar with the annoying window that occasionally pops up on-screen when an internal problem is detected, an automatic message that prompts the user to report the bug to the manufacturer and to restart the program. These crash reports offer TAO specialists a welcome opportunity to spy on computers.

When TAO selects a computer somewhere in the world as a target and enters its unique identifiers (an IP address, for example) into the corresponding database, intelligence agents are then automatically notified any time the operating system of that computer crashes and its user receives the prompt to report the problem to Microsoft. An internal presentation suggests it is NSA’s powerful XKeyscore spying tool that is used to fish these crash reports out of the massive sea of Internet traffic.

The automated crash reports are a “neat way” to gain “passive access” to a machine, the presentation continues. Passive access means that, initially, only data the computer sends out into the Internet is captured and saved, but the computer itself is not yet manipulated. Still, even this passive access to error messages provides valuable insights into problems with a targeted person’s computer and, thus, information on security holes that might be exploitable for planting malware or spyware on the unwitting victim’s computer.

Although the method appears to have little importance in practical terms, the NSA’s agents still seem to enjoy it because it allows them to have a bit of a laugh at the expense of the Seattle-based software giant. In one internal graphic, they replaced the text of Microsoft’s original error message with one of their own reading, “This information may be intercepted by a foreign sigint system to gather detailed information and better exploit your machine.” (“Sigint” stands for “signals intelligence.”)

One of the hackers’ key tasks is the offensive infiltration of target computers with so-called implants or with large numbers of Trojans. They’ve bestowed their spying tools with illustrious monikers like “ANGRY NEIGHBOUR,” “HOWLERMONKEY” or “WATERWITCH.” These names may sound cute, but the tools they describe are both aggressive and effective.

According to details in Washington’s current budget plan for the US intelligence services, around 85,000 computers worldwide are projected to be infiltrated by the NSA specialists by the end of this year. By far the majority of these “implants” are conducted by TAO teams via the Internet.

Increasing Sophistication:

Until just a few years ago, NSA agents relied on the same methods employed by cyber criminals to conduct these implants on computers. They sent targeted attack emails disguised as spam containing links directing users to virus-infected websites. With sufficient knowledge of an Internet browser’s security holes — Microsoft’s Internet Explorer, for example, is especially popular with the NSA hackers — all that is needed to plant NSA malware on a person’s computer is for that individual to open a website that has been specially crafted to compromise the user’s computer. Spamming has one key drawback though: It doesn’t work very often.

Quantamtheory -GCHQNevertheless, TAO has dramatically improved the tools at its disposal. It maintains a sophisticated toolbox known internally by the name “QUANTUMTHEORY.” “Certain QUANTUM missions have a success rate of as high as 80%, where spam is less than 1%,” one internal NSA presentation states.

A comprehensive internal presentation titled “QUANTUM CAPABILITIES,” which SPIEGEL has viewed, lists virtually every popular Internet service provider as a target, including Facebook, Yahoo, Twitter and YouTube. “NSA QUANTUM has the greatest success against Yahoo, Facebook and static IP addresses,” it states. The presentation also notes that the NSA has been unable to employ this method to target users of Google services. Apparently, that can only be done by Britain’s GCHQ intelligence service, which has acquired QUANTUM tools from the NSA.

A favoured tool of intelligence service hackers is “QUANTUMINSERT.” GCHQ workers used this method to attack the computers of employees at partly government-held Belgian telecommunications company Belgacom, in order to use their computers to penetrate even further into the company’s networks. The NSA, meanwhile, used the same technology to target high-ranking members of the Organization of the Petroleum Exporting Countries (OPEC) at the organization’s Vienna headquarters. In both cases, the trans-Atlantic spying consortium gained unhindered access to valuable economic data using these tools.

The NSA’s Shadow Network:

The insert method and other variants of QUANTUM are closely linked to a shadow network operated by the NSA alongside the Internet, with its own, well-hidden infrastructure comprised of “covert” routers and servers. It appears the NSA also incorporates routers and servers from non-NSA networks into its covert network by infecting these networks with “implants” that then allow the government hackers to control the computers remotely. (Click here to read a related article on the NSA’s “implants”.)

In this way, the intelligence service seeks to identify and track its targets based on their digital footprints. These identifiers could include certain email addresses or website cookies set on a person’s computer. Of course, a cookie doesn’t automatically identify a person, but it can if it includes additional information like an email address. In that case, a cookie becomes something like the web equivalent of a fingerprint.

A Race Between Servers

Once TAO teams have gathered sufficient data on their targets’ habits, they can shift into attack mode, programming the QUANTUM systems to perform this work in a largely automated way. If a data packet featuring the email address or cookie of a target passes through a cable or router monitored by the NSA, the system sounds the alarm. It determines what website the target person is trying to access and then activates one of the intelligence service’s covert servers, known by the codename FOXACID.

This NSA server coerces the user into connecting to NSA covert systems rather than the intended sites. In the case of Belgacom engineers, instead of reaching the LinkedIn page they were actually trying to visit, they were also directed to FOXACID servers housed on NSA networks. Undetected by the user, the manipulated page transferred malware already custom tailored to match security holes on the target person’s computer.

The technique can literally be a race between servers, one that is described in internal intelligence agency jargon with phrases like: “Wait for client to initiate new connection,” “Shoot!” and “Hope to beat server-to-client response.” Like any competition, at times the covert network’s surveillance tools are “too slow to win the race.” Often enough, though, they are effective. Implants with QUANTUMINSERT, especially when used in conjunction with LinkedIn, now have a success rate of over 50 percent, according to one internal document.

Tapping Undersea Cables:

At the same time, it is in no way true to say that the NSA has its sights set exclusively on select individuals. Of even greater interest are entire networks and network providers, such as the fiber optic cables that direct a large share of global Internet traffic along the world’s ocean floors.

One document labelled “top-secret” and “not for foreigners” describes the NSA’s success in spying on the “SEA-ME-WE-4” cable system. This massive underwater cable bundle connects Europe with North Africa and the Gulf states and then continues on through Pakistan and India, all the way to Malaysia and Thailand. The cable system originates in southern France, near Marseille. Among the companies that hold ownership stakes in it are France Telecom, now known as Orange and still partly government-owned, and Telecom Italia Sparkle.

The document proudly announces that, on Feb. 13, 2013, TAO “successfully collected network management information for the SEA-Me-We Undersea Cable Systems (SMW-4).” With the help of a “website masquerade operation,” the agency was able to “gain access to the consortium’s management website and collected Layer 2 network information that shows the circuit mapping for significant portions of the network.”

It appears the government hackers succeeded here once again using the QUANTUMINSERT method.

The document states that the TAO team hacked an internal website of the operator consortium and copied documents stored there pertaining to technical infrastructure. But that was only the first step. “More operations are planned in the future to collect more information about this and other cable systems,” it continues.

But numerous internal announcements of successful attacks like the one against the undersea cable operator aren’t the exclusive factors that make TAO stand out at the NSA. In contrast to most NSA operations, TAO’s ventures often require physical access to their targets. After all, you might have to directly access a mobile network transmission station before you can begin tapping the digital information it provides.

Spying Traditions Live On:

To conduct those types of operations, the NSA works together with other intelligence agencies such as the CIA and FBI, which in turn maintain informants on location who are available to help with sensitive missions. This enables TAO to attack even isolated networks that aren’t connected to the Internet. If necessary, the FBI can even make an agency-owned jet available to ferry the high-tech plumbers to their target. This gets them to their destination at the right time and can help them to disappear again undetected after as little as a half hour’s work.

Responding to a query from SPIEGEL, NSA officials issued a statement saying, “Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies.” The statement added that TAO’s “work is centered on computer network exploitation in support of foreign intelligence collection.” The officials said they would not discuss specific allegations regarding TAO’s mission.

Sometimes it appears that the world’s most modern spies are just as reliant on conventional methods of reconnaissance as their predecessors.

Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called “load stations,” agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide back-door access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.

These minor disruptions in the parcel shipping business rank among the “most productive operations” conducted by the NSA hackers, one top-secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks “around the world.”

Even in the Internet Age, some traditional spying methods continue to live on.

REPORTED BY JACOB APPELBAUM, LAURA POITRAS, MARCEL ROSENBACH, CHRISTIAN STÖCKER, JÖRG SCHINDLER AND HOLGER STARK

Courtesy of: DS

© SPIEGEL ONLINE 2013
All Rights Reserved
Reproduction only allowed with the permission of SPIEGELnet GmbH  

 

Enhanced by Zemanta

#acesecuritynews, #buckley-air-force-base, #computer-network-operations, #der-spiegel, #fort-gordon, #national-security-agency, #nsa, #san-antonio, #san-francisco, #tao, #united-states