
Surveillance

The document discusses surveillance programs deployed by the Five Eyes intelligence alliance (FVEY) consisting of the United States, United Kingdom, Canada, Australia, and New Zealand. It reveals secret NSA programs like PRISM, BULLRUN, TEMPORA, and XKEYSCORE that allow direct access to user data. The FVEY alliance also uses malware injected via fake websites and emails to covertly siphon data from targets' computers through programs like SECONDDATE, WILLOWVIXEN, and TURBINE. The document provides techniques for defending against such surveillance like using encryption, anonymity tools like TOR, and open-source software.

Uploaded by

sandhya vivek

Anti-Surveillance approach to prevail over MALWARE deployed by FIVE EYES
Sandhya Sarma, Hemraj Lamkuche
Agenda

• Introduction
• Ed. Snowden Revelations
• Surveillance Program
• Injecting FVEY’s MALWARE
• Techniques to Defend against MALWARE
Surveillance
Introduction: Surveillance
• Surveillance is the monitoring of behavior, activities or changing information.
• For computers, it includes inspecting activity on a computer or device, data stored on it, or data being transferred over the internet.
• Surveillance is, first, purposeful; second, routine; third, systematic.
Cont…
• The growing adoption of mass “passive” surveillance programs gravely affects people’s privacy on the WWW.
• This type of surveillance is against the existing law and policy protecting the confidentiality of the public’s private communications.
• Massive surveillance has broader and more damaging consequences than previously understood.
Edward Snowden

Former System Admin (CIA)
Former Counter Intelligence (DIA)
Former DELL Contractor to NSA (U.S.)
Later, Infrastructure Analyst (NSA) @BOOZ_ALLEN_HAMILTON
(Charged for leaking Millions of Top & core secret documents)
Current Location: asylum in RUSSIA.
Edward Snowden: Revelations
• From 9 June 2013 onwards, Ed Snowden exposed secret NSA programs.
• NSA Director Keith Alexander initially estimated that Snowden had copied anywhere from 50,000 to 200,000 NSA documents.
• Later estimates by U.S. officials were on the order of more than 1.7 million (July 2014).
• NSA implants with counterparts, the so-called ‘FVEY’.
FVEY alliance or Five Eyes ?
FVEY !!!
• USA – “NSA” (National Security Agency)
• UK – “GCHQ” (Government Communications Headquarters)
• CAN – “CSEC” (Communications Security Establishment Canada)
• AUS – “SIGINT” (Signals Intelligence)
• NZ – “GCSB” (Government Communications Security Bureau)
Surveillance Program
• SWIFT: Society for Worldwide Interbank Financial Telecommunication.
• With SWIFT, the intelligence agency is concerned with spying on the world finance system.
• Monitored credit card transactions from service providers: VERIZON, AT&T, SPRINT NEXTEL.
//SECRET/ PRISM
• NSA’s direct access to servers of
Cont…
//SECRET/ BULLRUN
• Used to penetrate targets’ defenses.
• Groundbreaking capabilities
• Cracked internet encryption
GCHQ: //SECRET/ TEMPORA
• It is Britain’s surveillance program to monitor internet, emails, phone calls, messages and GPS activity using OFC (optical fiber) cables.
• NSA’s underwater OFC cables to EUROPE @ 4372 GBPS
• ASIA PACIFIC @ 2721 GBPS
• Latin America @ 2384 GBPS
//SECRET/ XKEYSCORE
• Whatever you type on the keyboard (online), all your logged keys will automatically be transmitted to NSA’s database.
• It is one of the core secret programs run by the FVEY alliance.
//SECRET/ MUSCULAR
• Secret NSA program for breaking into the main communication links of YAHOO and GOOGLE data centers around the world.
• The //SECRET/ TURMOIL program is then used for processing the data collected from MUSCULAR.
• Intelligently uses DATA-MINING techniques.
//SECRET/ MUSCULAR
Five Eyes Malware
• It is the best way to breach system security.
• Intentional flaws:
– Malicious Programs
– Non-Malicious Programs
• Unintentional flaws:
– Validation errors
– Domain errors
– Logical and bounding condition errors.
Cont…
• Uses a fake Facebook server
• Uses social media sites as a launching pad to infect the target’s computer.
• Emails laced with malicious code
• Redirects users to fake servers
• NSA covertly siphons out data from hard drives.
• Lots of //SECRET programs are run by NSA
How malware works 
Cont…
Cont…
• //SECRET/ SECONDDATE is a program used to influence real-time communication between server and client with an NSA malware server called FOXACID
• //WILLOWVIXEN: for Browser Exploitation
• //TURBINE: program to poison millions of computers around the world using malware.
Techniques to Defend against such Malware
• Encrypt every single communication
• Use True End-to-End encryption
• Entrust Open-Source (Preferable)
• Anonymize yourself with TOR
• Off-The-Record (OTR) chat services
• Use PGP for email protection
• TAILS OS – The Incognito Live System.
Still Need Privacy !!!
• Stay away from…
• GOOGLE, FACEBOOK, SKYPE
• AOL, YAHOO, VERIZON
• APPLE
• WhatsApp, Etc…*

And Read LICENSE AGREEMENT before installing any software or application.
Lastly…

• SHARING is CARING !!!

- Anonymous
“If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology.”

– Bruce Schneier
