Online PC Support

OPS Technical Solutions : +1 833-522-1003

Welcome

‘New’ White House Policy Permits NSA to Hide Security Flaws

Post Heartbleed bug, we are aware of bugs which are capable of exploiting vulnerable websites. Hence, the ‘New’ White House Policy declared that National Security Agency should disclose most major security vulnerabilities to avoid such widespread security threats caused by Heartbleed bug recently. However, President Obama has allowed the agency to keep some minor flaws secret for “a clear national security or law enforcement need”, as confirmed by a senior administration official.

Agency used Heartbleed bug for last two years

Although NSA rebuffed, but a Bloomberg report revealed that National Security Agency knew about the Heartbleed bug and agency has known about the security flaw for more than two years and also, used it to spy and gather intelligence. Hence, NSA’s spying efforts to keep Heartbleed flaws under the wraps has posed massive threat for all Internet users. As per the report, “NSA was able to obtain passwords and other basic data that are the building blocks of the sophisticated hacking operations at the core of its mission, but at a cost.” The report has also added that “Millions of ordinary users were left vulnerable to attack from other nations’ intelligence arms and criminal hackers.”

NSA denied use of Heartbleed bug

Friday, NSA has rebuffed what the report claimed and has issued a denial of the “knowledge or use of” Heartbleed bug. The Office of the Director of National Intelligence has claimed to have learned about the existence of Heartbleed bug and the security flaw as it was exposed by a cybersecurity report. The agency has clearly stated that “NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cybersecurity report. Reports that say otherwise are wrong.”

NSA needs to keep certain level of security flaws secret that they can exploit to gather intelligence, however, if such bugs are not alarmed, expose our online accounts and Internet usage exploitable by cyber criminals.

In addition to keeping secret of such security flaws, NSA is also known to acquire flaws by “covert purchases of software vulnerabilities” from malware vendors as well as creating such vulnerabilities, as per Snowden documents which were uncovered to Reuters last year.

NSA Hacked and Installed Malware on More Than 50,000 Computer Networks

Earlier in September, British intelligence service (GCHQ) was reported to have planted malware on computer via SlashDot and LinkedIn on the to trace Belgacom’s Engineers. Yesterday, another new revelation surfaced when a PowerPoint slide has been released by Dutch newspaper NRC Handelsblad. According to the document, the American security agency has spread malware computer networks to infiltrate and conduct spy operations. NSA has hacked more than 50,000 computer networks, as per the new PowerPoint slide released by former NSA-employee Edward Snowden and found by the newspaper. In that slide, the document contains a global map that demonstrates that more than 50,000 computer networks mapped as “world-wide implants”. The malware is written to infiltrate those networks to extract sensitive information.

How NSA breaks into computer security?

The management presentation slide dated in 2012 proved that the National Security Agency uses Computer Network Exploitation (CNE) which covered those 50,000 computer networks spotted as hacked by NSA. Computer Network Exploitation is a covert infiltration process in which NSA installs malicious software on the network to steal information they require.

NSA employs hackers?

According to public sources, NSA computer network infiltrations are performed by hackers. A dedicated department of NSA called Tailored Access Operations (TAO) is designated to perform such hacking activities; the department is known to recruit more than one thousands of hackers to conduct this covert cyber operations. Earlier in 2008, NSA had installed about 20,000 implants as revealed by Wall Street Journal. Later, the count of CNE operations went on to become 50,000 and proved increased incidence of such secret malware installation by NSA. As shown in the map, Venezuela and Brazil are the two countries to be highly targeted for such malware install and hacking operations as the chances of being detected in those countries are slim. Once implanted, the malware is controlled remotely, to turn on and off. Moreover, the malware or the “sleeper cells” can be simply activated with just a push of a button.

The Important Role of Cyber Wars in Creating National Security Issues

The former White House advisor Richard A. Clarke recently wrote a book named Cyber War: The Next Threat To National Security And What To Do About It. In the book, he mentioned that Microsoft was a successful business organization with low quality products. According to him, Microsoft built their billion dollar empire with market dominance and poor standard of goods.

Clarke has been well known for his talent and foresight as he even warned the White House about the September 11, 2001 attack on Twin Towers. He became an important public figure on security issues after the incident and everything he says are taken seriously.

Danger to America due to Cyber war

In the book, Clarke said that America has more disadvantages than most other countries in the cyber war and the civilians and civilian organizations have more chance to get harmed by the cyber war than the government itself as they are directly related with the civilian system.

An imaginary situation

He quotes the example of the Distributed Denial of Service (DDoS). In the book, Clarke describes an imaginary situation. He asks you to think of yourself as the President’s Assistant of the Homeland Security. If you find a message in you cell phone from the National Security Agency, stating that a severe malware is taking over the internet within USA territory and causing some massive damage. However, by the time you reach your office, one of the main networks of DoD has crashed and the malware is spreading very fast, causing some of the major security breaches all over America. Air traffic system can collapse, data storages in FBI, CIA and NSA can have a major blockage, the whole country will have black outs. The question is what you should do.

The book caught the eyes of most of the chief magazines including Fresh Air, Wired, and Wall Street Journal, that made reviews on the book. Most of them supported Clarke’s ideas and supported his suggestion to take necessary security steps.

Permanent solutions for Cyber war scare

Clarke blamed the government regulations for the delay in decisions to take necessary steps against the problem and he made a list of the companies that can be severely affected in the country. In his list, Microsoft took the 5th place among the seven business associations. He said that Microsoft has always been one of the major donors for the American government; but this is a way of telling them to use their products in places like the Pentagon, causing a huge volume of security flaws in the programs. He claimed that by making the large donation, Microsoft wants to keep the government’s mouth shut about their business with China.

Clarke does mention that Microsoft never claimed that their products are designed to work with critical networks; however his methods were unsuccessful in making a good impression. He said that the goal of Microsoft is to sell their product at a low cost without caring about the quality.

Several of the suggestions made by Clarke have faced criticism by the technology reviewers and his scary story about Microsoft was also not well accepted by all.

Call Now: +1 833-522-1003
Call Now: +1 833-522-1003
Call Now: +1 833-522-1003