
Wednesday, March 8, 2017

A better understanding how the CIA spies on you & the world


 

Poor Man Survival

Self Reliance tools for independent minded people…


ISSN 2161-5543

A Digest of Urban Survival Resources

 


So you have a better understanding of what WikiLeaks revealed about the CIA and how they have been spying on you and the world

 

It happened again-- another spying scandal in the Land of the Free.

Yesterday WikiLeaks released 8,761 CIA documents detailing the agency's hacking of smartphones, routers, computers, and even televisions.

These files reveal that the CIA can hack, and has hacked, devices that were supposedly secure: iPhones, iPads, and Android devices.

The documents further reveal that the CIA deliberately infects personal computers with spyware, covering Windows, Mac OS X, Solaris, Linux, and other operating systems.

The CIA is also hacking WiFi routers to deploy software that monitors Internet activity, and has worked out how to bypass anti-virus software so that its spyware goes undetected.

The documents also describe a library of attack techniques lifted from malware written by other states, Russia included, so that CIA malware can leave someone else's fingerprints behind and let the rest of the world blame Russian hackers rather than the CIA.

 

People have such a low expectation of their government now, and have become so accustomed to the government routinely violating their civil liberties, that there’s hardly any public outrage anymore about these spying scandals.

WikiLeaks' latest leak of nearly 9,000 CIA documents once more reminds everyone of the extent to which the NSA and CIA wish to eavesdrop on the lives of potentially every person on the planet. Friend or foe does not matter, for the CIA seeks to surveil everyone and everything by hacking a myriad of Internet-connected devices, from Android and Apple smartphones, to Samsung smart TVs, to the more traditional PCs infected with malware and webcam hacking routes. All of it is used to surveil, record, catalog and process near-infinite amounts of data across a network of huge data centers that have sprung up in remote areas of the United States over the past 15 years and that tap into an estimated 98.6% of the world's Internet traffic generated by web-connected devices.

WikiLeaks Exposure of CIA Vault 7 Hacking Tools for Total Surveillance:

On 7 March 2017 WikiLeaks began its new series of leaks on the U.S. Central Intelligence Agency. Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency.

The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virginia. It follows an introductory disclosure last month of CIA targeting of French political parties and candidates in the lead-up to the 2012 presidential election.

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, including Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.

Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency's hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA's hacking capacities.

By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5,000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016 its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question of whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.

CIA malware targets iPhone, Android, smart TVs


CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA's DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA.

The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.

The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell's 1984, but "Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom's MI5/BTSS. After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.



CIA malware targets Windows, OS X, Linux, routers


The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware. This includes multiple local and remote weaponized "zero days", air-gap-jumping viruses such as "Hammer Drill" which infects software distributed on CDs/DVDs, infectors for removable media such as USB drives, systems to hide data in images or in covert disk areas ("Brutal Kangaroo"), and systems to keep its malware infestations going.

Many of these infection efforts are pulled together by the CIA's Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as "Assassin" and "Medusa".

Attacks against Internet infrastructure and webservers are developed by the CIA's Network Devices Branch (NDB).

The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB's "HIVE" and the related "Cutthroat" and "Swindle" tools; HIVE is described in more detail below.

Evading forensics and anti-virus


A series of standards lays out CIA malware infestation patterns which are likely to assist forensic crime scene investigators, as well as Apple, Microsoft, Google, Samsung, Nokia, BlackBerry, Siemens and anti-virus companies, in attributing and defending against attacks.

"Tradecraft DO's and DON'Ts" contains CIA rules on how its malware should be written to avoid fingerprints implicating the "CIA, US government, or its witting partner companies" in "forensic review". Similar secret standards cover the use of encryption to hide CIA hacker and malware communication, describing targets and exfiltrated data, as well as executing payloads and persisting in the target's machines over time.

CIA hackers developed successful attacks against most well-known anti-virus programs. These are documented in AV defeats, Personal Security Products, Detecting and defeating PSPs and PSP/Debugger/RE Avoidance. For example, Comodo was defeated by CIA malware placing itself in the Windows "Recycle Bin", and Comodo 6.x was found to have what the documents call a "Gaping Hole of DOOM".

CIA hackers discussed what the NSA's "Equation Group" hackers did wrong and how the CIA's malware makers could avoid similar exposure.

UMBRAGE


The CIA's hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a "fingerprint" that can be used by forensic investigators to attribute multiple different attacks to the same entity.

This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible. As soon as one murder in the set is solved, the other murders also find likely attribution.

The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.

With UMBRAGE and related projects the CIA can not only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from.

UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.
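The "fingerprint" argument above is easy to see in code. The following is an added example, not code from the page or from the Vault 7 material: it fingerprints binaries as sets of hashed 8-byte windows and attributes an unknown sample to whichever known family shares the most windows with it. The two "families", their routines and the thresholds are all constructed for the illustration (fixed-seed random bytes stand in for compiled code). The same run shows the UMBRAGE effect: a sample whose only reused code is family B's persistence routine gets attributed to B.

```python
import hashlib
import random

NGRAM = 8  # bytes per window; long enough that unrelated code almost never collides


def fingerprint(code: bytes, n: int = NGRAM) -> set:
    """Order-insensitive fingerprint: the set of hashed n-byte windows over the code.
    A routine reused verbatim contributes the same windows wherever it sits in a
    binary, which is exactly what makes hand-crafted code attributable."""
    return {hashlib.blake2b(code[i:i + n], digest_size=8).digest()
            for i in range(len(code) - n + 1)}


def shared_windows(a: bytes, b: bytes) -> int:
    """Number of windows two samples have in common."""
    return len(fingerprint(a) & fingerprint(b))


def containment(a: bytes, b: bytes) -> float:
    """Fraction of the smaller sample's windows that also appear in the other one."""
    fa, fb = fingerprint(a), fingerprint(b)
    return len(fa & fb) / min(len(fa), len(fb))


def attribute(sample: bytes, families: dict, threshold: float = 0.10):
    """Return the family whose known samples overlap the unknown sample most,
    or None when nothing clears the threshold (threshold is an assumption)."""
    best_family, best_score = None, 0.0
    for family, known in families.items():
        score = max(containment(sample, k) for k in known)
        if score > best_score:
            best_family, best_score = family, score
    return best_family if best_score >= threshold else None


# --- constructed samples (hypothetical; not real malware) --------------------
_rng = random.Random(7)


def _code(n: int) -> bytes:
    """Stand-in for a compiled routine: fixed-seed pseudo-random bytes."""
    return bytes(_rng.randrange(256) for _ in range(n))


PERSIST_A, LOADER_A = _code(64), _code(96)   # "family A" hand-written routines
PERSIST_B, LOADER_B = _code(64), _code(96)   # "family B" hand-written routines

FAMILIES = {
    "A": [LOADER_A + _code(200) + PERSIST_A],
    "B": [LOADER_B + _code(200) + PERSIST_B],
}
# An unseen family-A build: same two routines, new glue code, different layout.
UNKNOWN_A = _code(150) + PERSIST_A + LOADER_A + _code(50)
# An UMBRAGE-style build: entirely new loader, but family B's persistence routine
# lifted verbatim, so the forensic trail points at B rather than at the real author.
BORROWED = _code(300) + PERSIST_B

if __name__ == "__main__":
    print("unseen A build   ->", attribute(UNKNOWN_A, FAMILIES))
    print("borrowed B code  ->", attribute(BORROWED, FAMILIES))
    print("windows shared by the two A builds:",
          shared_windows(FAMILIES["A"][0], UNKNOWN_A))
```

Two things follow from the run. The two family-A builds share every window of both reused routines and nothing else, so the link survives a rewrite of all the glue code around them; and the borrowed build is attributed to B on the strength of one 64-byte routine, which is the whole point of the tradecraft rules against leaving distinctive code behind. Real attribution work applies the same idea to disassembly-normalized functions rather than raw bytes, so that recompilation does not destroy the match.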

Fine Dining

Fine Dining comes with a standardized questionnaire, i.e. a menu, that CIA case officers fill out. The questionnaire is used by the agency's OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically "exfiltrating" information from computer systems) for specific operations. The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and to communicate this to CIA malware configuration staff. The OSB functions as the interface between CIA operational staff and the relevant technical support staff.

Among the list of possible targets of the collection are 'Asset', 'Liaison Asset', 'System Administrator', 'Foreign Information Operations', 'Foreign Intelligence Agencies' and 'Foreign Government Entities'. Notably absent is any reference to extremists or transnational criminals. The 'Case Officer' is also asked to specify the environment of the target, such as the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs), as well as a list of file types to be exfiltrated, such as Office documents, audio, video, images or custom file types. The 'menu' also asks whether recurring access to the target is possible and how long unobserved access to the computer can be maintained. This information is used by the CIA's 'JQJIMPROVISE' software (see below) to configure a set of CIA malware suited to the specific needs of an operation.

Improvise (JQJIMPROVISE)

'Improvise' is a toolset for configuration, post-processing, payload setup and execution vector selection for survey/exfiltration tools supporting all major operating systems: Windows (Bartender), MacOS (JukeBox) and Linux (DanceFloor). Its configuration utilities, such as Margarita, allow the NOC (Network Operation Center) to customize tools based on requirements from 'Fine Dining' questionnaires.

HIVE

HIVE is a multi-platform CIA malware suite and its associated control software. The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.

The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains.
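An implant that talks HTTPS to a cover domain looks, on the wire, like any other TLS session, so the practical handle a defender has is behaviour over time rather than content. The following is an added example, not code from the page or from the HIVE material: it runs a periodicity check over TLS-proxy CONNECT records and flags client/host pairs whose connection gaps are too regular to be a human. The log format, hostnames, client addresses, beacon interval and thresholds are all constructed for the illustration; nothing here is a known HIVE indicator.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev


# Constructed proxy log (not from the page):
#   "<ISO time> <client> CONNECT <host>:443 <bytes>"
def _build_log() -> list:
    lines = []
    t0 = datetime(2017, 3, 7, 8, 0, 0)
    # Hypothetical implant: check-in every 10 minutes with a few seconds of jitter.
    jitter = [0, 5, -8, 12, -3, 15, -11, 4, -6, 9, -2, 7]
    for i, j in enumerate(jitter):
        ts = t0 + timedelta(seconds=600 * i + j)
        lines.append(f"{ts.isoformat()} 10.0.0.5 CONNECT cdn-assets-update.example:443 1432")
    # Ordinary browsing from the same client: irregular gaps and sizes.
    gaps = [12, 340, 7, 900, 45, 60, 1500, 3, 220, 80, 400]
    ts, size = t0 + timedelta(seconds=90), 8000
    for g in [0] + gaps:
        ts += timedelta(seconds=g)
        size = (size * 7) % 50000 + 500
        lines.append(f"{ts.isoformat()} 10.0.0.5 CONNECT www.example.org:443 {size}")
    # A second client touching the cover domain twice: too few samples to judge.
    for k in (0, 1):
        ts = t0 + timedelta(hours=2, seconds=k * 3000)
        lines.append(f"{ts.isoformat()} 10.0.0.9 CONNECT cdn-assets-update.example:443 2048")
    return lines


LOG_LINES = _build_log()


def parse(line: str):
    """Split one CONNECT record into (timestamp, client, host, bytes)."""
    ts, client, _method, dest, nbytes = line.split()
    host = dest.rsplit(":", 1)[0]
    return datetime.fromisoformat(ts), client, host, int(nbytes)


def find_beacons(lines, min_conns: int = 8, max_cv: float = 0.15) -> dict:
    """Flag (client, host) pairs whose connection gaps are suspiciously regular.
    cv = stddev / mean of the gaps: a scripted check-in sits near 0, a person does
    not. min_conns and max_cv are assumed thresholds; tune them on real traffic."""
    times = defaultdict(list)
    for line in lines:
        ts, client, host, _ = parse(line)
        times[(client, host)].append(ts)
    hits = {}
    for pair, stamps in times.items():
        if len(stamps) < min_conns:
            continue  # not enough samples to call anything periodic
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            hits[pair] = {"connections": len(stamps),
                          "period_s": round(avg), "cv": round(cv, 3)}
    return hits


if __name__ == "__main__":
    for pair, info in find_beacons(LOG_LINES).items():
        print(pair, info)
```

The check is deliberately blind to the destination: it does not care whether the host is on a blocklist, which is what makes it useful against a fresh cover domain that no feed has seen. The natural second filter follows from the page's own description of HIVE, one cover domain per operation: a domain that only one or two machines in the whole estate ever contact, on a fixed cadence, deserves a look even when every individual session is ordinary-looking HTTPS.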

While WikiLeaks provides further details of the total surveillance state that the NSA and CIA have been busy constructing, what is new is that the CIA and NSA actually pay corporations to preserve vulnerabilities in their systems and software, backdoors that the CIA is able to exploit, which means users are permanently exposed to hackers, criminals and other nations. So the CIA is actively preventing cyber security in its own interest of retaining backdoor access to systems.

In reality we already knew of the total surveillance game that the CIA has been playing for many years. As a reminder of what the intelligence agencies' crime syndicate tends to get up to, recall 2013, when Edward Snowden first blew wide open the degree to which the NSA surveils everything and everyone; the agencies tried to defend themselves by stating that they only collected metadata rather than content, which has remained the blanket propaganda response to the CIA/NSA's full-spectrum surveillance programs such as PRISM ever since.

The CIA and NSA's response was to lie. It is obvious the NSA collected not only metadata but everything, even back in 2013, for it is quite straightforward for US intelligence agencies to bypass badly worded Congressional limits restricting them to collating metadata rather than content as well: use a third party. In comes Britain's GCHQ, where just one of its surveillance programs, TEMPORA, involves the UK directly tapping all communications across all of the 300 or so fiber optic cables that pass through the UK. This content is then made available in its totality to the NSA, and in fact to all US intelligence agencies and virtually all US intelligence contractors (commercial operations). Thereby the NSA subverts the Congressional limits on recording metadata whilst at the same time having full access to content as well, via GCHQ and other national intelligence agencies such as those of Canada and Australia.




For more on how US intelligence agencies such as the NSA subvert the US constitution, see the following excerpt from the 2013 article:

08 Jun 2013 - Internet is Intelligence Agencies Virtual PRISM for Total State Surveillance And Control

The PRISM system [which I began to write about back in 1998] for the all-prevailing global phone call and Internet access super-surveillance state should not come as any surprise to most readers, as new technologies are ALWAYS subverted by the state to spy on its citizens. So citizens of the world have been given a glimpse into the current state of the surveillance state following leaks of the US operation PRISM, which concerns ALL of your private phone calls, transactions, communications, accesses and interactions with virtually all of the major communications and web services from tech giants such as Verizon, AT&T, Google, Microsoft, Amazon, AOL, Yahoo and even Apple, who gave us the anti-Big Brother sales propaganda against IBM nearly 30 years ago (1984), only now to be revealed that Apple too is part and parcel of the state security apparatus.

It is increasingly becoming apparent that one of the primary reasons why the Internet remains mostly FREE is because it is an excellent tool for spying not only on all aspects of ordinary citizens' activities but also on their thought processes, which is ultimately what intelligence agencies desire: to control the thought processes of individuals, which they seek through conditioning via tools such as the mainstream media, pseudo-democracies and state education, with further triggers reinforced through individual interactions with state agencies.

 

Meanwhile the CIA and most of the world's intelligence agencies operate thousands of secret gulag prisons containing many tens of thousands of political prisoners, of which past dictators such as Stalin would be proud.

The intelligence agencies are arms of the elite, and politicians and democracies are merely fronts for the elite to control, as most of the population are taught in state schools to become docile debt slaves of the central banks, which is how the elite accumulate their wealth and through which they disenfranchise the mass of the population into owning nothing, i.e. people with mortgages own nothing! All mortgage holders are just glorified renters: if you stop paying the mortgage (rent) then you will be ejected from your home!

 

Yours for better living,

Bruce, the Poor Man



 A Smoking Frog Feature, Shallow Planet Production

 

4 comments:

DAR said...

Great insight, no wonder we don't trust our government.

MaryAnne said...

How right you are. Do I feel any safer? Hell no. I feel condemned to live in a nation which should be renamed 1984!

Larry said...

I have little doubt that Obama ordered our intelligence agencies to spy on Trump, as he's proven he is untrustworthy. What did it for me was when I learned that he secretly paid $350,000 to undermine the election in Israel in 2012, then got all high and mighty when he blamed the Russians for supposedly interfering with the DNC during our election. What a two-faced jerk.

Mary Ann said...

I think I might need to join the Amish.