Can the CIA and NSA Be Trusted With Cyber Hacking Tools? — UK: Government’s surveillance powers to be challenged in High Court — Israel’s Mossad sets up fund to acquire new spy techniques — EU: states invited to form units to report terrorist content on the web
WASHINGTON — In 2015, when the news broke that the Pentagon had mistakenly shipped samples of live anthrax virus around the world, officials immediately faced tough questions from reporters. A review was ordered. The military equivalent of a grand jury investigation was launched into the question of leadership failures.
This week, the fruits of another risky American government experiment wreaked havoc, but the response was much different.
A sophisticated cyber attack disrupted companies and governments in the U.S. and abroad. The malware used in the attack capitalized on vulnerabilities in Microsoft’s operating system that had been stockpiled by, and were stolen from, the National Security Agency, former NSA officials told NBC News. Dubbed Petya by some, the attack was similar to the WannaCry virus, which spread in May to 150 countries and was also developed to attack a software flaw revealed in an NSA leak, former officials said.
The Government’s anti-terror surveillance powers are being threatened by a legal challenge after the High Court granted permission for a judicial review of the Investigatory Powers Act.
The High Court has agreed to the human rights group Liberty’s request for part of the controversial law, dubbed by critics as the “Snoopers’ Charter”, to be challenged with a judicial review.
The challenge will focus on three powers outlined in the act that grant the security services’ widespread surveillance abilities: the permission to hack into computers, the mass interception and collection of communications data, and the acquisition of personal data sets from companies and organisations.
Theresa May has said the law is designed to keep the public safe and that it upholds citizens’ privacy and security.
But critics say it is invasive and threatens citizens’ privacy, giving GCHQ, MI6, MI5 and the police the power to hack into computers without a warrant and requiring communications service providers to collect information about citizens’ internet browsing habits for 12 months.
Israel’s Mossad intelligence agency has set up an investment fund to help development of new cloak-and-dagger know-how and is offering grants of up to 2 million shekels (about $570,000) per project to bring in new ideas.
A government statement on Tuesday said Mossad was seeking technologies in various fields, including robotics, miniaturization and encryption as well as new automated methods of gleaning information from documents and new ways of carrying out operations more stealthily.
A statement by the new fund, called Libertad, said it would be willing to give grants of up to 2 million shekels per project in exchange for non-exclusive rights to the technology.
Developers would retain the rights to their product and could sell it on, it said.
“The Mossad wants to encourage innovation and creation of groundbreaking technology … the technology developed will be implemented by us, in cooperation between the parties,” Libertad explained in a document.
It advised potential applicants to “closely observe” areas of interest on its website and said that calls for proposals would be posted publicly.
The Commission calls on all European Union (EU) states to set up terrorist reporting units on the web in order to combat the phenomenon of online radicalisation.
The report came on Thursday during its eighth report on the Security Union. The European executive will also soon set up a group of experts on radicalisation “to facilitate the formulation of new EU policies in this field and increase their impact”.
To deal with cyber threats, President Juncker’s team also announced a series of measures. It will release, among other things, a funding envelope of nearly 11 million euros to strengthen several national centres for responding to computer security incidents. The European Center for Combating Cybercrime will have new IT specialists.
The Commission also announced on Thursday that it is looking into possible legislative measures to improve cross-border access to digital evidence.
INTEL TODAY DIARY– July 2 2017