TIME hackers

Founder of America’s Biggest Hacker Conference: ‘We Understand the Threat Now’

Black Hat founder Jeff Moss speaks during the Black Hat USA 2014 hacker conference at the Mandalay Bay Convention Center in Las Vegas
Hacker Jeff Moss also known as The Dark Tangent speaks during the Black Hat USA 2014 hacker conference at the Mandalay Bay Convention Center in Las Vegas, August 6, 2014. Steve Marcus—Reuters

The hacker who has presided for 22 years over what is today the biggest hacker conference in the United States talks to TIME about Edward Snowden, Dorian Gray and hackers' changing role in society.

For one weekend every year, thousands of the world’s best—or worst, depending on your point of view—hackers meet in Las Vegas, Nevada, for Defcon. It’s one of the biggest hacker conferences on Earth, with about 15,000 attendees this year. It’s an event that some feel pushes the boundaries of legality, as hackers teach one another skills from lock picking and password cracking to evading government surveillance. The weekend is a celebration of hackish whimsy, the right to privacy and radical freedom of expression.

The light-up electronic badge needed to get into the conference can only be purchased with cash, and organizers collect no information about attendees’ identity. The place is rumored to be teeming with cybercriminals and federal agents alike, plus hordes of hackers trying to crack each other’s systems. Using the Wi-Fi is highly discouraged by some, for good reason: One room is home to an electronic bulletin board called the “Wall of Sheep,” which lists the user ID and partial password of any hapless hacking victim at the conference.

While covering the 22nd annual Defcon, TIME caught up with the founder and patriarch of the conference, Jeff Moss — better known by his hacker handle, “The Dark Tangent,” more commonly rendered simply as “DT.” With his pink t-shirt, short curly black hair, thin-framed rectangular glasses and a bouquet of badges dangling from his neck, DT looked the part of a pasty chieftain presiding over an ancient rite in digital dystopia. He doesn’t give out his age (Wikipedia places it at 39, which seems close enough).

This interview has been edited for length.

TIME: You’re ageless.

DT: I know. But I’m afraid at one point it’ll all come crashing down. What’s the horror movie where when the painting on the wall burns and everybody ages?

Do you have a Dorian Gray painting somewhere?

That’s my concern.

This conference has a nefarious reputation. Is that fair?

Oh yeah. I think there’s a little bit of nefariousness. The nefariousness is really more of an irreverence. You’re judged on what you know and what you can do, so it’s really kind of a put up or shut up culture, and you’re judged on what’s in your head, not how you look or what kind of watch you own. Sometimes people don’t know how to deal with that.

Is the Wi-Fi here safe to use?

It’s funny. It used to be you wouldn’t use our secured network because nobody really trusted it, they’d use their phone. Now everybody’s hacking the phones and intercepting phone calls and SMS messages, and nobody trusts their phone thanks to Snowden and all, and they want to use our secured Wi-Fi.

The last Defcon happened just after National Security Agency leaker Edward Snowden was first granted temporary asylum in Russia. Where does he fit into the zeitgeist of this community?

I think the cult of personality around Snowden has been replaced by concerns about what he revealed. Last year, there was sort of this sense of impending doom. It was like, “My God, what are you going to tell us next?” Now it’s like, “Ok, we understand the threat now. We understand what’s going on due to the revelations.”

Last year, it was just this sense that offense was so totally overwhelming, defense is helpless, what are we going to do, woe is me, the sky is falling. Now we’ve had a year, and you can see what the reaction has been: more energy than ever from the Electronic Frontier Foundation and the [American Civil Liberties Union]. Hackers like Josh Corman [an Internet security expert] trying to make a contribution to make things more secure. IETF [the Internet Engineering Task Force, which develops the protocols on which the Internet is based] has decided that pervasive Internet surveillance is a threat and needs to be taken into account for all future Internet protocols. You see Google and Microsoft investing money to create foundations to audit software. Everybody’s responding in their own way, so this year it feels much more hopeful. I think that’s a much more healthy response. We feel like we’re trying to take our own future into our hands.

Nothing changed before or after Snowden’s revelations. The security researchers knew that of course that’s what the NSA or any government can do. If you talked to the hackers last year it was like, “Of course you can do that. I’ve been doing that for 10 years.” But now that it’s sunken in at a more policy level you can have the conversation. Before you would say something to your parents and they’d be like, “Oh hahaha. You’re paranoid.” Next thing you know your parents are like, “Oh my God. You were not crazy. You’re not my paranoid son.” Now we’re at a place where people can relate and that’s a much more healthy place for us to be.

Do you have any demographic information on the people who attend this conference?

We don’t collect anything. Just the number of people. This is clearly a record. We plan for 5% growth or something and we exceeded that. Nobody saw the growth coming and there’s just this dot com feeling of people piling in more than ever.

I mean, this is the first Defcon TIME Magazine has attended.

Yeah! Do you know who else is here? C-SPAN!

…Really…

Yeah!

First time, huh?

First time. First it was just hackers talking to hackers, and then companies came in, and then it was other verticals, like telecoms. Now all of a sudden we’ve got medical, we’ve got policy, government. Just when we think we’ve gotten as many people who care about what we do here, all of a sudden a new greenfield [in engineering terms, a new creative frontier] room pops open and it’s airplanes, pacemakers and smart cars. That’s why I feel like there’s this energy. It’s like, “Oh my god, they’re listening to me! There’s a new avenue. I can do something new, try a new skill, develop my software.” It’s like greenfield again. Last year it sucked and this year it’s awesome.

TIME technology

A ‘Federal Agent’ Plays Slots and Talks at Las Vegas Hacker Convention

Hacking Conference
Hackers compete in a digital capture the flag game at the DefCon conference Friday, Aug. 5, 2011, in Las Vegas. Isaac Brekken—AP

A TIME reporter at one of the world's biggest hacker conferences talks to a self-described Fed in attendance

At Defcon, the annual hacker conference that met over the weekend in Las Vegas, attendees play a semi-official game called “Spot the Fed.” The object is to identify who among the rabble of computer geeks and hackers is an employee of the federal government. I spent the weekend reporting at Defcon and though I never went to claim a prize—I don’t think journalists are invited to play anyway—I do think I found a Fed.

As a conference that hosts speeches on topics like how to cyber-hijack a jetliner, Defcon takes pride in skirting the edge of legality. Feds, especially in the post-Snowden era, are not especially popular, though the place is rumored to be “crawling” with them, as one long-time attendee put it to me. Not all of them are covert; two years ago former head of the National Security Agency Gen. Keith Alexander spoke to the crowd. Then last year, in the wake of Edward Snowden’s massive leak exposing NSA surveillance, conference founder and patriarch Dark Tangent (his hacker handle) wrote an open letter asking Feds to sit out the event so everyone could cool off. This year’s Defcon saw no such request.

When I found Chuck, he was sitting alone, slow-nursing $20 in credit on a poker machine at a bar in the Rio Hotel and Casino, where the conference was held. He told me it was the best way to get drinks out of the place on the cheap—play real slow through $20 at the bar and let the bartender keep coming by with booze.

“That’s what this whole conference is about,” he said. “Hacks.”

DefCon types are famously authority adverse and antagonistic toward the press, and it’s possible Chuck was just a guy getting a kick out of messing with a TIME reporter. I couldn’t verify Chuck’s identity or even his status as a Fed—he refused to give me a business card or a last name or the details of where he works—but I’ll say this: he fit the bill. Middle aged, balding shaved head, button up hawaiian style shirt, polite, personable, frugal. He said he teaches information security to other employees of the Department of Defense. “I’d like to get the other side,” Chuck said when I asked him what he was doing at Defcon. “The things I’m trying to teach my students to prevent against.”

I asked Chuck if he was, at least partly, on the lookout for criminals. Defcon is also notoriously crawling with those.

No. I’m sure they’re all over,” he said. “That’s why [to get into the conference] you pay cash only and you get a badge that just says ‘Human.’ There’s everything from DOD entities, to NSA agents, to cybercriminals and everything in between.”

Had he seen other Feds at Defcon?

“We kinda spot each other. It’s just the way they move and the general feeling you get and the confidence that some of these guys project,” Chuck said. “When they don’t start just spouting off about what they know and try to brag about how smart they are.”

I asked what were the most interesting talks he’d seen.

“The ones that begin with ‘This is illegal. Don’t do it.’”

And how does he feel about such talks?

“I’m mixed, because I’m a really low-level Fed, so that in my thinks you shouldn’t be talking about this. But the IT guy in me thinks someone should be talking about this. Because if you don’t here then in six months we’re going to read about it in your magazine.”

Defcon, he said, is “about opening people’s eyes to the intrinsic insecurity of the entire IT realm. The fact that you can manufacture a device, a piece of software, and not care about security as long as it’s marketed well.These people get ahold of it and just break it wide open,” Chuck said. “And trying to get big business and the federal government and manufacturers to understand that if you put something in my hands I’m going to take it apart and figure out how it works. So maybe you should think about security a little bit more.”

TIME National Security

Reports: Snowden Granted 3 More Years in Russia

Former intelligence contractor Edward Snowden poses for a photo during an interview in an undisclosed location in December 2013 in Moscow.
Former intelligence contractor Edward Snowden in an undisclosed location in Moscow, December 2013. Barton Gellman—Getty Images

"If I could go anywhere in the world, that place would be home," Snowden said in an interview in May.

Former National Security Agency contractor Edward Snowden received permission to stay in Russia for an additional three years, his lawyer told local media Thursday, amid the worst U.S.-Russian relations since the Cold War.

Snowden revealed troves of classified information on the American government’s surveillance activities before fleeing the U.S. more than a year ago. He was shortly thereafter granted temporary asylum in Russia, which expired Aug. 1.

His lawyer in Russia, Anatoly Kucherena, was quoted in Russian news agencies saying Snowden received an extended temporary residency for three years, the Associated Press reports. However, Snowden has not received political asylum, which would allow him to stay indefinitely. Kucherena said applying for political asylum requires a separate process, but Kucherena did not say whether Snowden had begun that procedure.

The lawyer’s statements in Russia could not be immediately confirmed.

Snowden faces charges of espionage in the U.S., but Russia, which does not have an extradition treaty with the U.S., has refused to hand him over. The case was a major source of tension between the two countries even before relations deteriorated further following Russia’s annexation of Crimea earlier this year and its suspected support for pro-Russian separatists in eastern Ukraine.

[AP]

TIME intelligence

New Post-Snowden Leaks Reveal Secret Details of U.S. Terrorist Watch List

Edward Snowden, displayed on television screens, asks a question to Russian President Vladimir Putin during a nationally televised question-and-answer session, in Moscow, Thursday, April 17, 2014.
Edward Snowden, displayed on television screens, asks a question to Russian President Vladimir Putin during a nationally televised question-and-answer session, in Moscow, Thursday, April 17, 2014. Pavel Golovkin—AP

The documents are not as highly classified as the materials released by former NSA contractor Edward Snowden

The U.S. government believes that someone other than former National Security Agency contractor Edward Snowden has recently leaked secret national-security documents to the media, an official confirmed Tuesday.

The documents, published by the Intercept on Tuesday, detail the growth of federal terrorist watch lists. They were drafted after Snowden fled prosecution in the U.S. for Russia, when he no longer had access to classified intelligence networks.

CNN first reported that the government has assessed a second source of the documents. Classified as “secret” with instructions not to reveal them to foreign nationals, the documents would have been available broadly throughout the intelligence community and the military on the classified SIPRNet, the Secret Internet Protocol Router Network, the system predominantly used by former Army Private Bradley Manning to collect documents to pass to WikiLeaks.

That network is open to a vastly larger audience than the top-secret-level JWICS, the Joint Worldwide Intelligence Communications System, which was used by Snowden to gather as many as a million documents on some of the nation’s most sensitive surveillance programs. So far, just a couple of documents have been published, making it impossible to determine whether the source of the leak simply passed the Intercept a small number of documents or a larger contingent on the order of the previous leaks.

The published documents describe government efforts using the Terrorist Identities Datamart Environment (TIDE), a database used by federal state and local law-enforcement agencies to identify and track known or suspected terrorist suspects. The database has been subject to public debate and federal litigation, because of the secretive process that determines inclusion on this list.

The leaked documents say TIDE included more than 1 million people in June 2013, after Snowden had fled the country. The documents also detail use of the database in tracking possible combatants in the Syrian civil war and in providing security at events, like the Boston and Chicago marathons. A spokesman for the Office of the Director of National Intelligence declined to comment on the possible source of the leak.

TIME National Security

Government Spying Hurts Journalists and Lawyers, Report Says

A Human Rights Watch and American Civil Liberties Union report suggests NSA snooping prevents sources talking to journalists and compromises the relationships between defense attorneys and their clients

+ READ ARTICLE

Updated at 4:51 p.m.

National Security Agency surveillance in the U.S. has seriously hurt the ability of journalists to cover national security issues and of attorneys, particularly defense lawyers, to represent their clients, according to a new report out Monday.

Based on interviews in the United States with 46 journalists, 42 practicing attorneys, and five current or former senior government officials, the report seeks to document the tangible impact of NSA surveillance on Americans revealed by former NSA contractor Edward Snowden.

In particular, the report cites the degree to which the Obama administration’s tough crackdown on unauthorized leaks, in combination with revelations about the extent of government surveillance on Americans’ cell phones and online communications, has caused sources to vanish for national security reporters.

“Sources are worried that being connected to a journalists through some sort of electronic record will be seen as suspicious and that they will be punished as a result,” said study author Alex Sinha, a fellow at Human Rights Watch and the American Civil Liberties Union, which jointly issued the report. “As a result sources are less willing to talk to the press about anything, including unclassified matters that could be of significant public concern,” he said.

“I had a source whom I’ve known for years whom I wanted to talk to about a particular subject and this person said, ‘It’s not classified but I can’t talk about it because if they find out they’ll kill me,’ [figuratively speaking]” longtime National Security Correspondent for McClatchy Newspapers Jonathan Landay said for the report.

“It’s a terrible time to be covering government,” Tom Gjelten, a National Public Radio employee for more than 30 years, said. TIME was not listed among the news outlets from which reporters, many of whom chose to remain anonymous, were interviewed for the report.

Defense attorneys, who represent clients charged with a wide variety of offenses including terrorism, drug and financial crimes, among others, described how U.S. government surveillance has forced them to take extraordinary and often cumbersome measures to protect the privacy of sources and clients.

Such measures might include the use of complex encryption technologies, disposable “burner” cell phones, so called “air-gapped” computers, which are never connected to the internet as a precaution against hacking and surveillance, and in some cases abandoning electronic communications entirely.

“I’ll be damned if I have to start acting like a drug dealer in order to protect my client’s confidentiality,” said national security defense attorney Tom Durkin for the report.

“We are fearful that our communications with witnesses abroad are monitored [and] might put people in harm’s way,” said Jason Wright, who has represented terrorism clients as a military defense attorney before the Guantánamo commissions.

A report released earlier this month by The New America Foundation argues the NSA deliberately weakens cybersecurity, making online communications, study authors argue, less secure in general. The NSA has “minimization procedures” designed to limit the exposure of “US Persons”—Americans at home or abroad and others legally inside the United States—to the NSA’s wide-net surveillance programs. Privacy advocates contend they are insufficient and that, in any case, it’s impossible to verify their effectiveness because the details remain secret.

The Office of the Director of National Intelligence told TIME that, contrary to revealing a decrease in press freedom, the Snowden leaks are evidence that journalism in the United States remains robust and unencumbered.

“The Intelligence Community, like all Americans, supports a free and robust press,” said Jeffrey Anchukaitis, spokesperson for Director of National Intelligence James Clapper. “The events of the last year demonstrate that the IC’s foreign intelligence surveillance activities clearly have not prevented vigorous reporting on intelligence activities. U.S. intelligence activities are focused on discovering and developing intelligence about valid foreign intelligence targets to help defend the nation, not on intimidating or inhibiting journalists. Likewise, the IC recognizes the importance of the attorney-client privilege, and has procedures in place to ensure that appropriate protection is given to privileged attorney-client communications.”

To address problems raised in the report, HRW and the ACLU recommend reforming U.S. surveillance practices, reducing state secrecy in general and limitations on official contact with journalists, enhanced whistleblower protections and strengthened minimization procedures.

The report comes just days before the expected unveiling in the Senate of the latest iteration of the USA Freedom Act, a bill to reform NSA surveillance practices. An earlier House version of the bill was significantly gutted of reform measures, leading privacy advocates to pull support for the bill and try instead to get more substantial reforms through the Senate.

TIME National Security

The NSA Shared Sexually Explicit Photographs, Says Edward Snowden

Edward Snowden Gives First Interview In Russia
Former intelligence contractor Edward Snowden poses for a photo during an interview in an undisclosed location in December 2013 in Moscow. Barton Gellman/Getty Images

For some agents, Snowden says, the racy images were one of the "fringe benefits of surveillance positions"

Edward Snowden, the National Security Agency contractor turned whistle-blower, claims that “incredibly weak” oversight of U.S. surveillance programs enabled military personnel to obtain sexually explicit photos of people under surveillance and to sometimes share them with others.

In an interview with the Guardian, Snowden talked about the impact of poor auditing systems within the NSA. He claimed many people sifting through monitored communications were 18 to 22 years old and suddenly put in a position of extraordinary responsibility that was sometimes abused.

“In the course of their daily work they stumble across something that is completely unrelated to their work, for example an intimate nude photo of someone in a sexually compromising situation but they’re extremely attractive,” said Snowden.

“So what do they do? They turn around in their chair and they show a co-worker. And their co-worker says: ‘Oh, hey, that’s great. Send that to Bill down the way,’” he said.

Snowden, who lives in Moscow after being granted temporary asylum last year, added that this information is never reported and nobody knows about it because of inadequate oversight.

He said the interception of intimate images was “routine enough” and described it as “sort of the fringe benefits of surveillance positions.”

He added, “The mere seizure of that communication by itself was an abuse. The fact that your private images, records of your private lives, records of your intimate moments have been taken from your private communication stream, from the intended recipient, and given to the government without any specific authorization, without any specific need, is itself a violation of your rights.”

NSA spokeswoman Vaneé Vines gave a comment to the New York Times on the allegations. The Times paraphrased her as saying that “the agency had zero tolerance for willful violations of authority or professional standards, and that it would respond as appropriate to any credible allegations of misconduct.”

[The Guardian]

TIME Iran

Why Iran Believes the Militant Group ISIS Is an American Plot

A fighter of the ISIL holds a flag and a weapon on a street in Mosul
A fighter of the Islamic State of Iraq and Greater Syria (ISIS) holds an ISIS flag and a weapon on a street in the city of Mosul, Iraq, on June 23, 2014 Reuters

Conspiracy theories are nothing new in the Middle East, but the latest to come from Tehran is a self-protecting mechanism that could ultimately backfire

Iran’s English-language daily newspaper, the Tehran Times, recently ran a front-page story describing the Islamic State of Iraq and Greater Syria’s (ISIS) June offensive in Iraq as part of a U.S.-backed plot to destabilize the region and protect Israel. The story was an English translation of a scoop by the state-run Islamic Republic News Agency (IRNA), which cited a purported interview with National Security Agency (NSA) leaker Edward Snowden.

According to the article, Snowden had described a joint U.S., British and Israeli effort to “create a terrorist organization capable of centralizing all extremist actions across the world.” The plan, according to IRNA, was code-named Beehive — or in other translations, Hornet’s Nest — and it was devised to protect Israel from security threats by diverting attention to the newly manufactured regional enemy: ISIS.

The IRNA story appears to build on, or may have even started, an Internet rumor that has assumed truthlike proportions through multiple reposts and links. No mention of a “hornet’s nest” plot can be found in Snowden’s leaked trove of U.S. intelligence documents, and even though Snowden has not publicly refuted the claim, it is safe to assume that the quoted interview never took place. (IRNA has been known to report stories from the satirical Onion newspaper as fact.) Yet Iranian government officials and independent analysts in Iran alike cited IRNA’s report as definitive proof of ISIS’s American and Israeli origins.

Back when former President Mahmoud Ahmadinejad was in power, it was not unusual to see IRNA echoing specious wild theories dreamed up by the leadership, but since the more moderate Hassan Rouhani assumed the presidency in August 2013, the security establishment’s nuttier fantasies of deranged plots against Iran have been largely reined in. That is, until ISIS spilled out of Syria and started setting up camp next door in Iraq, where Iran has tight ties with the Shi‘ite-dominated government in Baghdad.

Even before the Snowden scoop made the rounds of Iran’s media, military commanders, citing their own sources of intelligence, struck a similar theme. On June 18, Fars News Agency quoted Major General Hassan Firoozabadi, Chief of Staff of Iran’s armed forces, saying that ISIS “is an Israel[i] and America[n] movement for the creation of a secure border for the Zionists against the forces of resistance in the region.” That Iran’s media, along with its leaders, is focusing on ISIS’s supposed external backers — as opposed to its origins in local terrorist groups, al-Qaeda and popular discontent in both Syria and Iraq — demonstrates a concerted effort to streamline the national narrative in order to project power and preserve stability. As an example of another Western plot against Iran, ISIS can be managed — so goes Iran’s thinking. But as a new, potentially more destabilizing threat on Iran’s borders, ISIS poses challenges that the leadership is still struggling to understand and respond to. The only problem is that dismissing ISIS as a Zionist conspiracy could end up undermining Iran far more than any supposed American plot.

In its previous incarnation as an Iraqi al-Qaeda affiliate, ISIS has been responsible for thousands of Shi‘ite deaths in terrorist attacks since its formation in 2003. The group’s current success in Iraq — by some estimates it now controls a third of Iraq’s territory, including the city of Mosul — has as much to do with its considerable funding and military prowess as it does the weaknesses of the Iraqi state, led by Prime Minister Nouri al-Maliki, an Iranian-backed Shi‘ite who has alienated Iraq’s large Sunni minority. Now that ISIS leader Abu Bakr al-Baghdadi has declared himself the emir of a caliphate spanning the Syrian-Iraqi border, he continues to advocate violence against members of the Shi‘ite sect, whom he calls apostates, and has threatened to destroy Shi‘ite holy sites in an attempt to ignite an Islamic sectarian civil war. That would likely cause the Iranian-backed government in Baghdad to collapse, forcing Iran to send in troops and sparking a region-wide conflagration.

Yet Iranian government officials refuse to accept that there is a sectarian root to ISIS’s agenda, or that ISIS was able to advance in part because of Sunni discontent. When American leaders suggested that al-Maliki’s Shi‘ite chauvinism may have played a role in rallying Sunni support for the ISIS advance into Iraq, and suggested he step down, Iranians saw it as a direct threat to their influence. “When ISIS started advancing into Iraq, the first thing the Americans said was that Maliki should be changed,” says Hossein Shariatmadari, editor in chief of the government-owned conservative daily Kayhan. “Maliki was democratically elected, so what does he have to do with it? Nothing. The Americans wanted to cut the ties between Iran and Iraq.”

Instead Iran has declared the group a region-wide terrorist threat that funded and peopled by outsiders, including the U.S., Saudi Arabia and other Gulf monarchies. So far Iran says it has not gotten directly involved in Iraq, though it is prepared to do so if necessary. (Official statements aside, there is significant evidence of Iranian support in the form of military weaponry, assistance and training, if not troops on the ground.) But if Iran does take a hand in the battle against ISIS, it will do so in the name of fighting terrorism — and not for the cause of supporting its Shi‘ite ally in government.

That’s a canny move that could explain, in part, the government line, says a Western diplomat in Tehran. To go in with an overtly sectarian agenda would invite a regional backlash that could harm Iranian interests and threaten the state. “It is in the best interest of Iran to present this group as terrorists, because that way no one can accuse Iran of backing Shi‘ites against a Sunni movement,” says the diplomat.

But if Iran continues to back Maliki against the will of a disgruntled, powerful and armed Sunni minority in Iraq, it could still invoke a backlash all the same. Which might explain why the government line also plays up the American and Mossad angle a familiar trope. If it all collapses, Iran can still blame the West for the debacle, says the diplomat. “If Iran can convince its people that there is a plot against the country that must be countered, while at the same time providing a narrative of counterterror to the world, they are protecting their interests and hedging their bets at the same time.”

Why IRNA had to concoct something so obviously fictional as a fake Snowden interview to bolster the narrative is still unclear. Even Shariatmadari, editor of Kayhan, is mystified. “I thought this interview was strange too, because all this happened after Snowden had access to those documents,” he tells TIME. Nonetheless, he ran the story on his front page as well.

— With reporting by Kay Armin Serjoie / Tehran

TIME intelligence

Report: Chinese Hackers Target Information of Federal Employees

John Kerry, Liu Yandong
U.S. Secretary of State John Kerry, left, and Chinese Vice Premier Liu Yandong attend the plenary session of the annual China-U.S. High Level Consultation on People-to-People Exchange at the Great Hall of the People in Beijing, China Thursday, July 10, 2014. Andy Wong—AP

Revelations come as U.S. Secretary of State John Kerry visits Beijing for bilateral talks

Chinese hackers penetrated the computer networks of a U.S. government agency in March, gaining access to databases that store the personal information of all federal employees, in one of the only security breaches of government servers in the past year, senior Washington officials disclosed to the New York Times.

It is unclear how far the hackers delved into some of the databases of the Office of Personnel — which stores applications for security clearances that list personal information such as financial data, former jobs, past drug use and foreign contacts of tens of thousands of employees — before the threat was discovered and thwarted by federal authorities, officials said. It is also not known if the hackers were connected to the Beijing government.

A senior official of the Department of Homeland Security said that although the Office of the Personnel contains personal information, a response team within the Homeland Security had not “identified any loss of personally identifiable information” during the cyber attack. Government agencies are not obliged to inform the public about security threats unless it is verifiable that personal information has been stolen.

Although the Obama Administration encourages companies to be transparent about security breaches, the attack on the Office of Personnel was never announced to the public because “the administration has never advocated that all intrusions be made public,” White House spokeswoman Caitlin Hayden told the Times. However, relevant federal, state and local agencies were apparently notified of the threat. “None of this differs from our normal response to similar threats,” she added.

The U.S. and China have engaged in bitter cyber security disputes in the past. The U.S. Justice Department indicted five alleged Chinese hackers from the People’s Liberation Army for theft of corporate secrets in May. Following the indictment, China halted plans to create a bilateral group focused on cyber security. Documents revealed by National Security Agency whistleblower Edward Snowden also showed that his former employer penetrated the systems of Huawei, a Chinese company that produces computer network equipment.

The new revelations come as U.S. Secretary of State John Kerry is visiting Beijing for the annual Strategic and Economic Dialogue — a discussion on American political, economic and security relations with China.

Although Kerry has not yet specifically mentioned the security breach, he said that cyber hacking on American companies had a “chilling effect on innovation and investment,” AP reports. Chinese foreign policy chief Yang Jiechi responded that the two countries had to establish trust to prevent future cyber attacks.

[New York Times]

TIME Surveillance

Report: U.S. Spied on Prominent Muslim Americans

Latest report based on documents leaked by Edward Snowden

The NSA and FBI monitored the emails of five well-known Muslim Americans between 2002-2008, according to a new report based on documents leaked by former NSA contractor Edward Snowden.

The Intercept, a news organization started by the journalist who first broke the Snowden story, reports that a government spreadsheet detailing the email addresses of monitored citizens was included in “FISA recap,” which refers to the secretive court that approves wiretapping and other intelligence activities.

Among the 7,485 email addresses listed on the spreadsheet are those of Faisal Gill, who served as an intelligence policy adviser in the Department of Homeland Security under President George W. Bush; Hooshang Amirahmadi, a professor at Rutgers University; Nihad Awad, executive director of the Council on American-Islamic Relations (CAIR), the largest Muslim civil rights organization in the U.S.; Asim Ghafoor, a lawyer who has represented clients in terrorism cases; and Agha Saeed, a former political science lecturer at California State University.

The five have denied any connection with terrorist organizations and do not have criminal records.

The office of the Director of National Intelligence denied the report Wednesday.

“It is entirely false that U.S. intelligence agencies conduct electronic surveillance of political, religious or activist figures solely because they disagree with public policies or criticize the government, or for exercising constitutional rights,” the office said in a statement. “Unlike some other nations, the United States does not monitor anyone’s communications in order to suppress criticism or to put people at a disadvantage based on their ethnicity, race, gender, sexual orientation or religion.”

Faisal Gill, who was accused of falsifying records in the mid-2000s to gain his security clearance but was later cleared by the Department of Homeland Security, found it “troubling” that the NSA was monitoring his Yahoo! and AOL email accounts.

“I just don’t know why. I’ve done everything in my life to be patriotic,” Gill told Intercept. “I think that certainly goes to show how we need to shape policy differently than it is right now,” he added.

Although the ODNI denied the report, the FBI and the Justice Department declined to comment. The Intercept says the reasons why the five were monitored remain unknown.

TIME intelligence

German Mistrust of the U.S. Deepens Amid Latest Spy Scandals

Angela, Merkel, German chancellor
German Chancellor Angela Merkel Ute Grabowsky—Photothek/Getty Images

Just as the outrage over U.S. surveillance in Germany was starting to die down, a fresh set of allegations sends their relations into another tailspin

The annual Fourth of July party this year did not go quite as the U.S. embassy in Berlin had planned. The event still gave the German political elites a chance to mingle with American diplomats, sample a hotdog and take home a box of donuts. But even as the band played the Star-Spangled Banner, some of the guests couldn’t stop grumbling about the spying habits of their hosts.

Just before presiding over the party on Friday, U.S. Ambassador John Emerson was called into the Foreign Office in Berlin to explain the latest case of alleged U.S. espionage against the German government. It wasn’t the first time. Since last fall, when German Chancellor Angela Merkel learned that the U.S. had been tapping her cell phone for years, U.S spying allegations have eroded decades of trust between Berlin and Washington. But the mess just keeps getting worse.

Last week alone saw two separate scandals involving U.S. espionage in Germany. The first one broke on Thursday, when German media reported that the U.S. National Security Agency, or NSA, has been spying on a German privacy advocate who works to protect Internet users from the snooping of … the NSA. The following day, July 4, a second scandal broke in the German daily Süddeutsche Zeitung and other media, which reported that an employee of Germany’s foreign-intelligence service, the BND, had confessed to selling secrets to the U.S. government. New details of that case continued to emerge on Monday, with Reuters reporting that the CIA was involved in the spying operation that led to the man’s recruitment. But German officials have confirmed little about the investigation, saying only that a 31-year-old man was arrested July 2 on suspicion of spying for a foreign government.

So Chancellor Merkel, who is on a trip to China this week, was cautious when asked about the case on Monday. “If this is true, then I believe we are dealing with a very serious development,” she told a news conference in Beijing. “I would see this as a clear contradiction to what I understand as trusting cooperation of intelligence services as well as of partners.”

Not everyone in the German leadership has been so diplomatic. After their long experience living under the watch of their own secret police — first the Nazi gestapo and then the East German Stasi — the German public is particularly sensitive to issues of individual privacy. So they were especially alarmed last year when Edward Snowden, the NSA whistle-blower, revealed how millions of German citizens, including Chancellor Merkel, had been caught up in the NSA’s dragnet surveillance programs.

William Binney, another NSA whistle-blower, testified last week before the ongoing parliamentary inquiry into the Snowden leaks in Germany, and his characterization of U.S. spying practices as “totalitarian” and “senseless” made headlines across the country. The latest set of spying allegations came out against this background, and the public reaction was summed up nicely over the weekend by German President Joachim Gauck, who said if the allegations are true, “It’s really time to say, ‘Enough already!’”

What makes the most recent scandal particularly galling is not the scale of the spying so much as its apparent clumsiness, says Sylke Tempel, the editor of a leading foreign-affairs journal in Berlin, Internationale Politik. The suspected double agent at the BND was apparently not even providing the U.S. any groundbreaking intelligence. According to the German media reports, he approached the U.S. embassy in Berlin offering a small stash of secret files, some of which were related to the German Parliament’s probe into the Snowden leaks. “They could have gotten that same information just from talking to German lawmakers,” says Tempel. Instead, the U.S. reportedly paid the man about $34,000 for his secrets.

Asked to respond to these accusations on Monday, White House spokesman Josh Earnest said the U.S. would “work with the Germans to resolve the situation appropriately.” But he declined to say whether any of the claims were true. “What I can say, more generally, though, is the relationship that the United States has with Germany is incredibly important,” Earnest said.

But if the U.S. had wanted to repair some of the damage to that relationship, it could have informed the BND that one of its employees was hawking secrets, says Constanze Stelzenmüller, a senior fellow at the German Marshall Fund in Berlin, a think tank focusing on U.S.-German ties. “That would have been a huge help in rebuilding trust,” she says. “So I don’t know what our American friends were thinking. This is just awful incompetence.”

So far, the scandal doesn’t seem likely to cause any sudden rupture in relations, but the broader lack of trust is sure to eat away at Germany’s willingness to help the U.S. on a variety of issues. By the end of this year, the U.S. is hoping to sign a free-trade and investment deal with the E.U., where Germany has a decisive vote. In the Western standoff with Russia over Ukraine, the U.S. also needs to maintain solidarity across the Atlantic, and it could find support dwindling for new sanctions against Moscow if Germany turns away. “The spying just adds to the feeling of exasperation, disillusionment, fatigue with America,” says Tempel. “It becomes so much harder to defend the transatlantic relationship.”

That issue becomes more important — especially for younger German voters — as each new spying scandal breaks, and that has made it costlier for a German politician to tout the U.S. as a trusted friend and ally. “This is indicative of larger trust issues,” says Stelzenmüller of the German Marshall Fund. “This isn’t something that just blows over.” Yet when the U.S. ambassador arrived on Friday to address the Fourth of July party, he made no mention of the scandals that all his guests were talking about. “We are a nation of forests and fields and farmlands,” Emerson assured them from the stage before the band began to play. “Of mountains high and deserts wide.” But to a growing part of the German electorate, the U.S. has come to feel a bit like a nation of spies.

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser
Follow

Get every new post delivered to your Inbox.

Join 46,386 other followers