Monday, September 12, 2016

Snowden releases Top Secret spy satellite PAN details ...

Documents obtained by the online publication ‘The Intercept’ from NSA Whistleblower Edward Snowden have lifted the veil on one of America’s most enigmatic satellite missions of recent years, roaming high above Earth to intercept the communications of commercial satellites otherwise not accessible in the NSA’s information-gathering efforts.

Only known by the name of PAN, the satellite was sent into orbit on September 8, 2009 atop an Atlas V rocket under contract with an undisclosed U.S. Government Agency. No agency claimed ownership of the satellite – a highly unusual move as even the National Reconnaissance Office, operator of U.S. spy satellites, publicly acknowledges the launches of its intelligence-gathering birds.
Although no government agency would step forward, spacecraft builder Lockheed Martin was happy to announce the company had built the spacecraft based on the A2100 commercial satellite platform and even released a photo of it in its factory. Normally, photos of U.S. spy assets are kept under wraps until declassification decades after the fact, adding more mystery to PAN’s case.

According to Lockheed Martin, PAN was ordered by its hush-hush operator in 2006 and construction and testing on the satellite finished within three years, suggesting some urgency in getting the satellite into orbit.

The mission’s elusive three-letter designation apparently stood for ‘Palladium at Night.’ In addition to being the name of a rare silver-white metal, Palladium can also stand for a safeguard, “especially one viewed as a guarantee of the integrity of social institutions.” After its successful arrival in orbit, PAN changed its enigmatic name for the numeric designation USA-207 in America’s fleet of classified satellites.

Whenever a classified U.S. intelligence satellite sets sail for its top secret destination in space, a worldwide network of satellite trackers mobilizes to scan the sky for the newly launched bird, also employing radio equipment to help characterize its activity to reveal clues on the craft’s tasks.

In the case of PAN, radio observations performed while the satellite was still riding atop its Atlas V booster revealed it was transmitting on a beacon frequency previously employed by Ultra High Frequency Follow-On satellites providing secure communications to mobile military users. However, the lone image of the satellite released by Lockheed showed it was not carrying any large helix antennas required for UHF communications, adding to the mystery of PAN’s actual identity.
PAN parked in close proximity to PakSat-1, operated by the government of Pakistan since 2002.

Eventually, satellite spotters found USA-207 in a position over Africa, having entered its high-altitude perch in Geostationary Orbit where the craft’s speed matches that of Earth’s rotation so it can remain in the same position relative to the ground.

The Snowden document is the first to tie the PAN satellite to a series of satellites codenamed NEMESIS – a designation first uncovered in a leaked U.S. government budget breakdown. Part of the High-Altitude Signals Intelligence branch, NEMESIS received a $500-million budget for Fiscal Year 2011 for what is now known to be the second satellite in the constellation, referred to as CLIO.

While no explanation for the acronym CLIO was offered, its mission was quickly connected to PAN given many parallels between the two including the Lockheed satellite platform and similar levels of secrecy surrounding its September 2014 liftoff from Florida’s Space Coast.

According to the MHS document, the inauguration of the NEMESIS satellites was expected to “open up new opportunities for discovery and will enhance collection efforts for the intelligence community into areas not previously explored.”

Monday, August 29, 2016

SETI researchers hopeful about radio spike.

SETI researchers are buzzing about a strong spike in radio signals that seemed to come from the direction of a sunlike star in the constellation Hercules, known as HD 164595.

The signal conceivably fits the profile for an intentional transmission from an extraterrestrial source – but it could also be a case of earthly radio interference, or a microlensing event in which the star’s gravitational field focused stray signals coming from much farther away.

In any case, the blip is interesting enough to merit discussion by those who specialize in the search for extraterrestrial intelligence, or SETI – including Centauri Dreams’ Paul Gilster, who brought the case into the public eye this weekend.

At least two SETI research groups are aiming to track HD 164595 tonight. The SETI Institute is using the Allen Telescope Array in northern California, while METI International is looking to the Boquete Optical SETI Observatory in Panama.

Gilster reports that the signal spike was detected more than a year ago, on May 15, 2015, by the RATAN-600 radio telescope in Zelenchukskaya. That facility is in the Russian republic of Karachay-Cherkessia, not far from the Georgian border.

The apparent source of the signal, HD 164595, is interesting for a couple of reasons: It’s a sunlike star, about 95 light-years away from Earth, and it’s already known to have at least one “warm Neptune” planet called HD 164595 b. “There could, of course, be other planets still undetected in this system,” Gilster says.

Tuesday, August 16, 2016

Hackers holding stolen NSA cyber tools auction


FORTUNE: 

The teaser data dump appears to contain legitimate attack code, some experts say.

The United States government can’t seem to catch a break in cyberspace.

Hackers claim to have stolen attack code from a team of sophisticated cyber spies known as “the Equation Group,” widely believed to be associated with the U.S. National Security Agency, one of the world’s top intelligence outfits. The hackers have offered to sell their purloined exploits to the highest bidder in an online auction conducted in the cryptocurrency Bitcoin.

Although the alleged breach could just be an extravagant hoax, experts who reviewed a preliminary data dump teased alongside the hackers’ garbled sales pitch said that the files, amazingly, looked authentic. “This appears to be legitimate code,” Matt Suiche, a French cybersecurity entrepreneur, wrote in a Medium blog post, echoing what others had posted on Twitter.

“We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see,” the hackers wrote Saturday on the code-sharing site Github, as well as on Yahoo-owned Tumblr (both later taken down). “This is good proof no? You enjoy!!!”

The lifted goods include exploits allegedly designed to target firewalls and equipment produced by Cisco, Juniper Networks, Fortinet, and Topsec, a Chinese firm. The latest file modifications appear to date back to 2013, and names are consistent with NSA programs leaked by whistleblower Edward Snowden that year, such as “BANANAGLEE,” “EPICBANANA,” and “JETPLOW.”

WIRED: 

Among the sample files released by the group are exploits that target equipment sold by companies including Cisco, Juniper, Fortigate and Topsec, a Chinese network security firm, according to Matt Suiche, founder of UAE-based incident response and forensics startup Comae Technologies. Suiche says those exploits attack older versions of the equipment and don’t use “zero-days”—previously undiscovered flaws in target software or hardware. But he believes they had nonetheless remained unpublished until now and hadn’t been included in public collections of exploits like the tool Metasploit.

All of that weighs against any theory that the leaked data is a mere scam to score a few quick bitcoins. “To create [all this evidence] from scratch, it’s very unlikely but not impossible,” says Suiche. “It seems pretty legitimate to me, and I’m not the only one.”

On the other hand, the Shadow Brokers group certainly doesn’t seem to be running its auction in a very professional fashion. They require bidders to send cryptocurrency blindly to their bitcoin address, with no hope of getting their coins back if they don’t submit the winning bid. “Sorry lose bidding war lose bitcoin and files. Lose Lose. Bid to win!” the message reads. But it also promises a “consolation prize” to all bidders and adds that if bids reach the ludicrous sum of one million bitcoins, they’ll publicly release another trove of high quality data.

“Why I trust you?” reads another question in their FAQ. “No trust, risk. You like reward, you take risk, maybe win, maybe not, no guarantees.”

The Shadow Brokers’ page ends with a long message to “wealthy elites,” arguing that the tactics of hackers like Equation Group could put their control of global politics at risk, and suggesting that they too should bid on the stolen files. “We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control,” the Shadow Brokers’ message reads.

The haphazard auction and political message present a jarring disconnect: Any hackers capable of compromising the Equation Group or another NSA hacker team would likely have to be extremely sophisticated; the Equation Group, after all, went not only uncompromised, but undetected for 14 years, a remarkable track record of stealth and operational security for a team believed to have attacked targets from Russia to Belgium to Lebanon. Anyone capable of finding NSA hackers’ infrastructure, not to mention penetrating it, would likely have to possess government-level resources and talent.

Wednesday, August 3, 2016

BREAKING: Russia informs US that a chemical attack may have occurred in Aleppo


The Russian military informed the United States that rebels in the Syrian city of Aleppo launched an attack using toxic substances at 19:05 on Aug. 2, Interfax news agency reported on Wednesday, citing a Russian general.

As a result of the attack, seven people died and more than 20 people were sent to hospital, Interfax reported.

The fighting in Aleppo between government and rebel forces saw the largest rebel assault so far, according to monitoring group the Syrian Observatory for Human Rights, followed by suspected chemical attacks on Tuesday, the BBC reported.

On July 30 and 31, the rebels blew up a tunnel under regime forces stationed in the Ramousah district of the city. The Syrian army, however, has fought back, aided by Russian air strikes. The Syrian Observatory said that it has managed to retake five of the eight positions the rebels had captured.

The insurgents are trying to break a government siege of their territory, which is home to around 250,000 civilians.
