Category Archives: International Cyber Policy

12/3/12

Bitcoin and Policy Makers

gATO ReAd- that holiday madness spending increased by 35% by smart mobile devices – like phones and Pad devices these new devices are also the target of digital currencies everywhere. Companies see the need to integrate digital currencies no matter what into their revenue stream. Here are a few attempts:

American Express is the first financial giant to enter the Digital Virtual Currency game, it has payed 30-mill for Sometrics – a game money processor gamecoins.com so AE has taken the first steps into Virtual Digital Currency it see’s a future in this new revenue stream and their rewards packages so it’s a fit made in gamer heaven and American Express customer base.

American Express Gamer Digital Virtual Currency

Facebook is also on the fast track to makes it’s Payment business grow it’s Facebook Credits. The requirements for money transmitter licenses vary from state to state but in the global scale Facebook is ready to get it’s digital virtual currency into the Facebook arena.  From FaceBook filings -Payments. We provide an online payments infrastructure that enables Platform developers to receive payments from our users in an easy-to-use, secure, and trusted environment.

Google Bucks stopped short of launching – Google still made the code available- “bitcoinJ” still stand tall in googles codebase  — http://code.google.com/p/bitcoinj/  — .

Moba-coin In Japan DeNA available to players in the Mobage Digital gaming reports second quarter earnings – bringing in 700 million in Japan alone. Moba-coin rose outside Japan to about 30 Million. DeNa reports a 45% year to year 627 million up 38 percent over operational profits. Digital currencies are popping up everywhere local, regional to worldwide. Mastercard is also on the gray area of a deal in Bitcoin with BitInstant.com they are one of the gatekeepers of the Digital Virtual Currency marketplace and into Bitcoins -BTC -BitStamp, -DWolla or Mt.Gox and many more like a simple MoneyPak from Walmart and your in the Bitcoin business it’s that simple..

Bitinstant is one of the leaders in Cash to anything:

MoneyPak From:—  MoneyGram – CVS – Jewel/Osco – Duane Reade – Stater Bros. – Albersons – Walmart -

A Bitcoin WALLET is simple as apple pie – all Bitcoin are numbers/letters you want to send me some Bitcoins – HERE – 1DhBiBeYD4JNZvim4EefnEoFV2WMFc7e5d -  send it to my wallet. Were is my wallet well Online- you can have a wallet on your computer and of course have a paper backup of your primary key. Or you can us a service to keep your wallet but you have it encrypted  and you can have a backup of your wallet to your computer and once again on paper. Since the wallet is only needed to connect to the p2p Bitcoin network well you can get you money anywhere you have a connection and at least your paper key backup. https://blockchain.info/wallet is a good Wallet service and one they have lots of Bitcoin information to boot and yes gAtO stores his wallet here. I trust them but I have a backup.

How a bit coin Transaction Works:

http://occupycorporatism.com/wp-content/uploads/2012/11/06Bitcoin-1338412974774.jpg

Then we hear about Iran and Bitcoins:

Hyperinflation has made Iraian money dollar-less so now they are turning to (DC) Digital Currency Bitcoins. The advantage is that they can be swapped for US currency and kept outside the country. Iran is not the only one – As we see in Syria there Internet closure not only does it stop communication but it’s slowed down money escaping the country into cyberspace. This is another way for a government to stop the Digital Currency from expanding but these are drastic ways that cannot be kept up for long. The Internet will come back and so will the new digital dollars like Bitcoins.

So Iranians are poking holes by using Bitcoins with VPN’s and Tor :No I been checking TorStatus and Yes Syria has no Tor OR at all and Iran has 3-4 open ToR and a few Bad ones. So Tor is not a connection but a new outlet is the Internet in a suitcase used by the U.S during the Arab Spring is the same pokes and peeks that the dissidents are using to get to the outside world. But the fact is that they can get around and register offshore accounts that are protected from the Iranian government or economy. If Iranian keep using Bitcoins when they come out of sanctions and restrictions they are a major Oil country and Bitcoins may be intrenched into their economy. What happens to this currency???

Bitcoin has come out on top of most attempts to stop it but on it’s 4th birthday Jan 9 2013 this 4 year old is ready to pounce the worlds financial markets. Now Belgium-based Society Worldwide International Financial Transfer (SWIFT) is one of the gate-keepers that must be challenged. They serve as an International Financial Law interpreters like it blocks any Iranian bank blacklisted by the EU Union from using it’s International payment system. Do you think SWIFT wants a competition like Bitcoins with just about 0% transaction fees- that cuts to much into it’s base income model. The velocity of transfer is being deleted more and more by new digital currencies Bitcoin is just one of the first to survive.

Yeah I’a a Bitcoin supporter now but it’s still beta ware people, 21 million Bitcoins we need Bitcoin 2.0 for a world market economy maybe google BitcoinJ is the model??? - gAtO oUt 

Virtual Currency

 

System-D

Google Bucks

http://code.google.com/p/bitcoinj/

FaceBook Credits

http://www.americanbanker.com/issues/177_35/facebook-credits-money-transmitter-license-bank-regulation-1046825-1.html

American Express

Sometrics – Game Dollars

http://techcrunch.com/2011/09/20/american-express-buys-virtual-currency-monetization-platform-sometrics-for-30m/

High retail sales expected to drive revenue growth

Canada’s MintChip

BitCoin

Mastercard/Bitcoin

http://www.forbes.com/sites/abegarver/2012/08/24/bitcoin-mastercard-everywhere-you-shouldnt-be/

 

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2012/12/DC_0202.tiffDigg ThisSubmit to reddit
07/9/12

Latino Hacktivist on the Rise

gAtO cHeKs –  http://pastebin.com/trends“>http://pastebin.com/trends  – every day or so just to get a pulse on the hacktivist movement. One thing has change I see more and more Latinos getting involved in social cyber activist. Below is a break down of what I saw it’s good to see Latino nation using the social media for political dialog. As more of the world understands the importance of the new ways of connecting via the matrix, we will have more freedom of speech in cyberspace for everyone.

Let’s take a look at what my Latino brothers and sisters, si – Latina women are very much in the hacktivist roles all over Twitter sphere (#tangodown #dos ). Let’s take a look at today Sunday 1407 July,8 2012 -

A few post – goes out to the new cyber latino hacktivist and of course give thanks to Sweden and Italy brothers and sisters that have help the education of the spanish crowd-source with cyber hacktivist 101. But this was a big hit to -.MX Mexico is becoming a new cyber hot-bed for these cyber strikes –/ I have seen more and more hacktivist attacks at the Mexican politicals like MEGAMARCHA- against  “Public Radio International” or their message../ mAyBe nO-sI –-  it’s about the PRI Mexican Party, corruption and the protesters went for both, that party and the Radio noise that helped them.

Besides Mexico, you have a push at UASD from a few sources with the Spanish hacktivist–/  a -DoX from Columbia I think  and a plan for the Olympics cyber lulz. From the Latino community this is a big show and tell on pasternBin.com  – gAtO oUt

Reference:

.02.) Mexico 1. http://pastebin.com/CRu8raYU #PrimaveraMexicana—— #Anonymous #Opmexico #Megamarcha #ExigimosDemocracia #PrimaveraMexicana#PrimaveraMexicana

 

.01.) Mexico MEGAMARCHA -MEGAMARCHA! this was the new dump: http://pastebin.com/HcCN7kCv

  1. MADE BY CONDOR SECTOR404. SALUDOS HERMANOS
  2. MEGAMARCHA VS el pri a le horas que usteden quierena empezamos:
  3. SALUDOS LATINOAMERICA,IBEROAMERICA,ANONEXICO,ANONIMOUSMEXICO,BRASIL,OPCOSTARICA,OPINDIA,ANONSWEDEN,ITALY

 

Latino Hacktavist- gAtOmAlO2

Latino Hacktavist- @gAtOmAlO2

 

1.) Mexico 1. #Anonymous México. #OpMarchaPacifica – Untitled  http://pastebin.com/S8kZ02Ua

2.) Operación #OPSalvemos a la #UASD, Gracias por Leer esto #Op Salvemos la UASD. –http://pastebin.com/z1qTzz3n

3.) FALSA BANDERA OLIMPIADAS 2012 (NUEVOS AÑADIDOS) -Olympic Plans Overview – This is a planing stage Olympics latino based in London http://pastebin.com/T5Gu6p6s

4.) A spanish DoX – DOXEO JUAN PABLO FRANZONI http://pastebin.com/2WGmPgcx 

5.) Dominican Anonymous.-Anonymous Explica como esta hackiando la pagina de la UASD. http://pastebin.com/G5yE6uGr  – Administrators or webmaster of the site of the #UASD

6.) Mexico – Leaks Name & Password http://pastebin.com/GjTGdC6k -@Anonymousbr11  @Anon_central @AnonymousOIC  Target:http://www.isc.gob.mx

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2012/07/cyber_latino.tiffDigg ThisSubmit to reddit
05/28/12

We live in a cyber surveillance Planet

We live in a cyber surveillance Planet- On this memorial day I think of my brothers in Vietnam who never made it back, Chet and Monty never came back. Well Monty came back but half of his brain was gone and so was my friend who taught me to play guitar. Chet taught me how to get a girl to kiss me, while learning the pentatonic scales on my first guitar in L.I.C high School– They are the reason why I’m writing this today in their honor, in their name.

Chet, Monty welcome home—

gAtO tHiNkInG- your OS is spying on you and so is your: application, your browser plugins, Cookies, Extensions, Shockwave/Flash, Java, QuickTime, PDF and DOC, XLS, PPT any time you open a document you leak information, you leave a digital bread crumb that they can collect it, and sell it on the open market and you have no say so. Meanwhile they scare you be telling you only the criminals use the ToR network, why because they cannot collect information about you, you are invisible to them and they don’t like it when you play there game by your rules not theirs.

silent information is being collected about us

silent information is being collected about us -in the cyber surveillance World

— cameras are everywhere you have nothing to worry about from these device -because your cell phone is your worse enemy, it carries more personal information about you than you think and they -business, politicians and law enforcement knows it. Just take a picture with your iPhone, the geo-location information and other data will be part of the metadata that is in the picture, that’s the way they caught the hacker w0rmer -Teamp0is0n growp-  he took a picture of his girlfriends boobies…She lived in Australia and they traced it back to Texas and got him…

 

Higinio O. Ochoa III: FBI led to Anonymous hacker after his girlfriend

www.dailymail.co.uk/…/Higinio-O-Ochoa-III-FBI-led-Anonymous-h…

Apr 13, 2012 – The picture shows a woman from the neck down with a sign attached to her stomach, reading: ‘PwNd by w0rmer & CabinCr3w 

In order to control us (the sheep and dogs) the political’s in their essence of powers that we give them, seek to extend the ability of law enforcement agencies to have access to all Internet traffic data, a power that they largely already have when it come to conventional telecommunications, or email services. But they want more and more. Everything that you have typed as a message: the identity and time of your facebook chats, your facebook likes, your twitter feeds and mentions too, the log of the visits to all web-pages, the clicks on on-line polls, the location data your phone sends to access on-line location services, the times and places you were in the same chat room with your friends, your on-line friends, etc.

Basically it’s like having a cyber policeman following you around 24h a day / 7 days a week, and making notes about where you have been, what you have looked at, who you are talking to, what you are doing, where you are sleeping (and with whom), everything you bought, every political and trade union meeting you went to, … – Traffic data provide an X-ray of your whole life, and the policy suggests they should be available to law enforcement and the intelligence services without any judicial oversight (only political review or police oversight). That is why the ToR network comes at a time like this when all this is happening.

Who Uses the ToR network:

  • Normal people
  • ? Law Enforcement
  • ? Human Rights Activists
  • ? Business Execs
  • ? Militaries
  • ? Abuse Victims
  • ? https://torproject.org/torusers
  • Governments

Here is a recent example of cyber covert war:

These are some of the covert-cyber-Ops that our government is doing. They use ToR network so the enemy does not see a .gov or .mil address, in the matrix you could be from Germany to China your information is confidential and you can proceed with your hacking at the enemies website and they will never know it’s you.

pOwEr tO tHe pEoPlE

May 24, 2012 Clinton Reveals Cyber-Warfare Tatics Against Al-Qaida:

Mrs Clinton said the hacking was conducted by the Centre for Strategic Counterterrorism Communications, based at the State Department, with expertise drawn from the military and the intelligence community. The State Department’s activities are part of online efforts to stem the spread of radical Islamist ideology that stretch back at least a decade.

The US Central Command had a team that monitors blogs and forums, targeting those that are moderate in tone and engaging with users, said Major David Nevers, former chief of the team. ”We try to concentrate our energy and efforts … [on] those who haven’t been radicalised. The idea is to go where the conversation is taking place, using … extremist commentary or propaganda as a jumping-off point to people who are listening in.”

Evan Kohlmann, a terrorism consultant who tracks jihadist websites, said the tactic could harm al-Qaeda’s image among potential recruits but questioned its effectiveness on the ground.

”If you’re already living in Yemen and in a tribal area, you probably don’t need to go to a website to join al-Qaeda,” he said.

Read more: http://www.smh.com.au/it-pro/security-it/us-hackers-take-cyber-war-to-alqaeda-sites-20120524-1z7rs.html#ixzz1w7P5y7S6

This was a lame hack in my humble gAtO opinion

We don’t need a total surveillance state- we already have one and they are monitoring us, and we are under cyber surveillance at all times. So escape use the ToR network and be a little more secure. When the Bilderberg group or the Skull and Cross or other groups of political/monetary influence meet their number one fear is that the mass now have a way for total anonymity. They (dogs) want to know what the sheep are doing, the need to herd the sheep is ingrained in their dna- to rule us- to protect us-.

This “ruling class” think’s that they can scare into not using the ToR network, telling us it’s only the criminals that use the ToR Network. The cyber surveillance world we live in is fracturing, and they want total information control about US, but not on them——— join us in the .onion network and be free from surveillance— gAtO oUt. 

ToRProject.org

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2012/05/me.gifDigg ThisSubmit to reddit
01/27/12

Predictive Behavioral Security Analysis part 1:

Predictive Behavioral Security Analysis part 1:

gAtO bEeN -watching a mouse hole called Twitter lately, it’s an OSINT Open Source Intelligence source that monitors real events in real time. OSINT – is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence.

 

cool dashboard – internet Storm Center - http://isc.sans.edu/dashboard.html

gAtO bEeN -watching World Web War (WWW) hacktivismn has jumped started this new year, #OpMegaUpload upset lot’s of people and the organization structure of Anonymous is getting more refine. Things happened in #poland #ireland and during the middle of a DoS attack Anonymous told their warrior on twitter:

 

http://trendsmap.com/

@AnonyOps: #DDOS of European Parliament must stop NOW. They’re not the ones #ACTA

Later they tweeted this:@AnonyOps: europarl.europa.eu back up after #DDOS. Thanks for listening to logic #Anonymous.go persuade the MEPs:

http://www.msisac.org/apps/dashboard/

Command and Control in your face and people responded to this organized movement. Each new attack everyone get’s better more coordination Anonymous is growing up. Just look at the causes #SOPA #PIPA  #ACTA #OpMegaUpload #poland #Ireland #SOPAIreland #France #Belgium  #FreeTopiary. The Anonymous thingy has grown up it’s a social conscious mindset created, manipulated, organic, ???? leaderless ????. The evolution of this movement has spawned OWS the Occupy Wall Street political movement has it’s roots in Anonymous, but you can see the worldwide community support for this group that is anyone. This movement will grow and mature.

http://www.fsisac.com/

Think about it.

This Week gAtO Learned mUcHo-mUcHo, we have not only the technical means but now the social monitoring needs that can be used to gather information like no other time before. Of course our governments are getting in on the fun.

Homeland Security DHS- Human Factors/Behavioral Sciences Projects:

  • Actionable Indicators and Countermeasures Project
  • Biometric Detector Project
  • Community Perceptions of Technology Panel Project
  • Community Resilience Project
  • Enhancing Public Response and Community Resilience Project
  • Future Attribute Screening Technology (FAST) Project
  • Hostile Intent Detection – Automated Prototype Project
  • Hostile Intent Detection – Validation of Observable Indicators of Suspicious Behavior Project
  • Human Systems Engineering Project
  • Human Systems Research Project
  • Insider Threat Detection Project
  • Mobile Biometrics System Project
  • Multi-modal Biometrics Project
  • Passive Methods for Precision Behavioral Screening Project
  • Predictive Screening Project
  • Quantitative Psychosocial Impacts Index Project
  • Rapid DNA Project
  • Risk Prediction Project
  • Violent-Intent Modeling and Simulation Project

http://www.dhs.gov/files/programs/gc_1218480185439.shtm

http://k.root-servers.org/

And the CIA got into the fun[1] way before it was hip to monitor the web. We know the government has all kinds of databases of all kinds of things they collect remember echelon and carnivore the FBI first grab at data. Then we yell at the CHinese for doing the same thing we did, they learned from us about gathering information about people. Now cyberspace ties us in even tighter with SMS, streaming video, encrypted mobile chats for the masses. But as more is piled on more tools are developed. Recorded Future[2] was a little geek company sucking in the data and developing Analytical tools for Intelligence forecasting and the CIA loves them.

Predictive Behavioral Security Analysis is just monitoring choice which is freedom for it is predictive and can then be manipulated to plant an idea, a spark, a tweet. “Egypt can be free” this little spark is setting the fuel for the flames that will burn in Cairo by it’s people via Twitter, Facebook and any other social media. The Arab Awakening -Arab Spring was an simple idea, manipulated in cyberspace by protester, dissidents and governments in Tunisia, Bahrain, Syria and others, we will see Iraq’s move in March of this years with it’s election, they are closing down their Internet but will the idea of freedom explode anyway. We will be monitoring this – gAtO OuT

 

References:

[1] CIA Invest in ‘Future’ of Web Monitorin http://www.wired.com/dangerroom/2010/07/exclusive-google-cia/

[2] https://www.recordedfuture.com/

 

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2012/01/tweetScreen_01.pngDigg ThisSubmit to reddit
01/14/12

US -Monitors Social Media

 

Social Media Web Sites Monitored by the NOC 

This is a representative list of sites that the NOC will start to monitor in order to provide situational awareness and establish a common operating picture under this Initiative. Initial sites listed may link to other sites not listed. The NOC may also monitor those sites if they are within the scope of this Initiative. Tool  Link  User/Password Required 
General Search 
Collecta http://collecta.com No
RSSOwl http://www.rssowl.org/ No
Social Mention http://socialmention.com/ No
Spy http://www.spy.appspot.com No
Who’s Talkin http://www.whostalkin.com/ No
Shrook RSS reader http://www.utsire.com/shrook/ No
Video 
Hulu http://www.hulu.com No
iReport.com http://www.ireport.com/ No
Live Leak http://www.liveleak.com/ No
Magma http://mag.ma/ No
Time Tube http://www.dipity.com/mashups/timetube No
Vimeo http://www.vimeo.com No
Youtube http://www.youtube.com No
MySpace Video http://vids.myspace.com/ No
Maps 
Global Incident Map http://globalincidentmap.com/ No
Google Flu Trends http://www.google.org/flutrends/ No
Health Map http://www.healthmap.org/en No
IBISEYE http://www.ibiseye.com/ No
Stormpulse http://www.stormpulse.com/ No
Trends Map http://www.trendsmap.com No
Photos 
Flickr http://www.flickr.com/ No
Picfog http://picfog.com/ No
Twicsy http://www.twicsy.com No
Twitcaps http://www.twitcaps.com No
Twitter/API 
Twitter/API http://www.twitter.com Yes
Twitter Search 
Monitter http://www.monitter.com/ No
Twazzup http://www.twazzup.com No
Tweefind http://www.tweefind.com/ No
Tweetgrid http://tweetgrid.com/ No
Tweetzi http://tweetzi.com/ No
Twitter Search http://search.twitter.com/advanced No
Twitter Trends 
Newspapers on Twitter http://www.newspapersontwitter.com/ No
Radio on Twitter http://www.radioontwitter.com/ No
Trendistic http://trendistic.com/ No
Trendrr http://www.trendrr.com/ No
TV on Twitter http://www.tvontwitter.com/ No
Tweet Meme http://tweetmeme.com/ No
TweetStats http://tweetstats.com/ No
Twellow http://www.twellow.com/ No
Twendz http://twendz.waggeneredstrom.com/ No
Twitoaster http://twitoaster.com/ No
Twitscoop http://www.twitscoop.com/ No
Twitturly http://twitturly.com/ No
We Follow http://wefollow.com/ No
Facebook 
It’s Trending http://www.itstrending.com/news/ No
Facebook http://www.facebook.com Yes
MySpace  http://www.myspace.com Yes
MySpace (limited search) http://www.myspace.com No
Blogs Aggs 
ABCNews Blotter http://abcnews.go.com/Blotter/ No
al Sahwa http://al-sahwa.blogspot.com/ No
AllAfrica http://allafrica.com/ No
Avian Flu Diary http://afludiary.blogspot.com/ No
BNOnews http://www.bnonews.com/ No
Borderfire http://www.borderfirereport.net/ No
Borderland Beat http://www.borderlandbeat.com/ No
Brickhouse Security http://blog.brickhousesecurity.com/ No
Chem.Info http://www.chem.info/default.aspx No
Chemical Facility Security News http://chemical-facility-security-news.blogspot.com/ No
ComputerWorld Cybercrime Topic Center http://www.computerworld.com/s/topic/82/Cybercrime+and+Hacking No
Counter-Terrorism Blog http://www.counterterrorismblog.com/ No
Crisisblogger http://crisisblogger.wordpress.com/ No
Cryptome http://cryptome.org/ No
Danger Room http://www.wired.com/dangerroom/ No
Drudge Report http://drudgereport.com/ No
El Blog Del Narco http://elblogdelnarco.blogspot.com/ No
Emergency Management Magazine http://www.emergencymgmt.com No
Foreign Policy Passport http://blog.foreignpolicy.com/ No
Global Security Newswire http://gsn.nti.org/gsn/ No
Global Terror Alert http://www.globalterroralert.com/ No
Global Voices Network http://globalvoicesonline.org/-/world/americas/haiti/ No
Google Blog Search http://blogsearch.google.com No
Guerra Contra El Narco http://guerracontraelnarco.blogspot.com/ No
H5N1 Blog http://crofsblogs.typepad.com/h5n1/ No
Homeland Security Today http://www.hstoday.us/ No
Homeland Security Watch http://www.hlswatch.com/ No
Huffington Post http://huffingtonpost.com/ No
Hurricane Information Center http://gustav08.ning.com/ No
HurricaneTrack http://www.hurricanetrack.com/ No
InciWeb http://www.inciweb.org/ No
Informed Comment http://www.juancole.com/ No
Jihad Watch http://www.jihadwatch.org/ No
Krebs on Security http://krebsonsecurity.com/ No
LA Now http://latimesblogs.latimes.com/lanow/ No
LA Wildfires Blog http://latimesblogs.latimes.com/lanow/wildfires/ No
Livesay Haiti Blog http://livesayhaiti.blogspot.com/ No
LongWarJournal http://www.longwarjournal.org/ No
Malware Intelligence Blog http://malwareint.blogspot.com/ No
MEMRI http://www.memri.org/ No
MexiData.info http://mexidata.info/ No
MS-13 News and Analysis http://msthirteen.com/ No
Narcotrafico en Mexico http://narcotraficoenmexico.blogspot.com/ No
National Defense Magazine http://www.nationaldefensemagazine.org No
National Terror Alert http://www.nationalterroralert.com/ No
NEFA Foundation http://www.nefafoundation.org/ No
Newsweek Blogs http://blog.newsweek.com/ No
Nuclear Street http://nuclearstreet.com/blogs/ No
NYTimes Lede Blog http://thelede.blogs.nytimes.com/ No
Plowshares Fund http://www.ploughshares.org/news-analysis/blog No
Popular Science Blogs http://www.popsci.com/ No
Port Strategy http://www.portstrategy.com/ No
Public Intelligence http://publicintelligence.net/ No
ReliefWeb http://www.reliefweb.int No
RigZone http://www.rigzone.com/ No
Science Daily http://www.sciencedaily.com/ No
STRATFOR http://www.stratfor.com/ No
Technorati http://technorati.com/ No
Terror Finance Blog http://www.terrorfinance.org/the_terror_finance_blog/ No
The Latin Americanist http://ourlatinamerica.blogspot.com/ No
Threat Level http://www.wired.com/threatlevel/ No
Threat Matrix http://www.longwarjournal.org/threat-matrix/ No
Tickle the Wire http://www.ticklethewire.com/ No
Tribuna Regional http://latribunaregional.blogspot.com/ No
TruckingInfo.com http://www.truckinginfo.com/news/index.asp No
United Nations IRIN http://www.irinnews.org/ No
Ushahidi Haiti http://haiti.ushahidi.org/ No
War on Terrorism http://terrorism-online.blogspot.com/ No
WikiLeaks http://wikileaks.org/ No
WireUpdate http://wireupdate.com/ No

The Office of Operations Coordination and Planning (OPS), National Operations Center (NOC), will launch and lead the Publicly Available Social Media Monitoring and Situational Awareness (Initiative) to assist the Department of Homeland Security (DHS) and its components involved in fulfilling OPS statutory responsibility (Section 515 of the Homeland Security Act (6 U.S.C. § 321d(b)(1)) to provide situational awareness and establish a common operating picture for the federal government, and for those state, local, and tribal governments, as appropriate. The NOC and participating components1 may also share this de-identified information with international partners and the private sector where necessary and appropriate for coordination. While this Initiative is not designed to actively collect Personally Identifiable Information (PII), OPS is conducting this update to the Privacy Impact Assessment (PIA) because this initiative may now collect and disseminate PII for certain narrowly tailored categories. For example, in the event of an in extremis situation involving potential life and death, OPS will share certain PII with the responding authority in order for them to take the necessary actions to save a life, such as name and location of a person calling for help buried under rubble, or hiding in a hotel room when the hotel is under attack by terrorists. In the event PII comes into the Department’s possession under circumstances other than those itemized herein, the NOC will redact all PII prior to further dissemination of any collected information. - gAtO oUt

Reference: http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_ops_publiclyavailablesocialmedia_update.pdf

1.2 What are the sources of the information in the system? 

Members of the public as well as first responders, press, volunteers, and others provide publicly-available information on social medial sites including online forums, blogs, public websites, and message boards. OPS is permitted to establish user names and passwords to form profiles on social media sites listed in Appendix A and to use search tools under established criteria and search terms such as those listed in Appendix B for monitoring that supports providing situational awareness and establishing a common operating picture.

1.3 Why is the information being collected, used, disseminated, or maintained? 

The NOC will identify, use, disseminate, and maintain this information to comply with its statutory mandate to provide situational awareness and establish a common operating picture for the entire federal government, and for state, local, and tribal governments as appropriate and to ensure that this information reaches government decision makers. The aggregation of data published via social media sites should make it possible for the NOC to provide more accurate situational awareness, a more complete common operating picture, and more timely information for decision makers.

1.4 How is the information collected? 

The NOC will identify information directly from third-party social media services. The NOC will access and collect information from various informational streams and postings that the NOC, as well as the broader public, view and monitor. See Appendix A for a list of the types of sites that may be viewed for information. See Appendix B for the types of search terms used in social media monitoring.

1.5 How will the information be checked for accuracy? 

The NOC will identify information from third-party social media services submitted voluntarily by members of the public and compares that information with information available in open source reporting and through a variety of public and government sources. By bringing together and comparing many different sources of information, the NOC will attempt to provide a more accurate picture of contemporaneous activities.

1.6 What specific legal authorities, arrangements, and/or agreements defined the collection of information? 

Congress requires the NOC “to provide situational awareness and establish a common operating picture for the entire federal government and for state, local, and tribal governments as appropriate, in the event of a natural disaster, act of terrorism, or other manmade disaster; and ensure that critical terrorism and disaster-related information reaches government decision-makers.” Section 515 of the Homeland Security Act (6 U.S.C. § 321d(b)(1)). While the NOC may receive PII, PII is not actively collected. Much of the data within this system does not pertain to an individual; rather, the information pertains to locations, geographic areas, facilities, and other things or objects not related to individuals. However, some personal information may be captured. Most information is stored as free text and any word, phrase, or number is searchable.

1.7 Privacy Impact Analysis: Given the amount and type of data Privacy Impact Assessment Office of Operations Coordination and Planning Publicly Available Social Media Monitoring and Situational Awareness Initiative Update Page 6

collected, discuss the privacy risks identified and how they were mitigated. 

There is a risk that the NOC will receive PII or other identifiable information that is not relevant to this Initiative. The NOC has a clear policy in place that any PII incidentally received outside the scope of the discrete set of categories discussed above will be redacted immediately. Also, under this initiative OPS will not: 1) actively seek PII; 2) post any information; 3) actively seek to connect with other internal/external personal users; 4) accept other internal/external personal users’ invitations to connect; and 5) interact on social media sites. Information collected to provide situational awareness and establish a common operating picture originates from publicly available social media sites and is available to the public.

Section 2.0 Uses of the Information 

The following questions are intended to delineate clearly the use of information and the accuracy of the data being used.

2.1 Describe all the uses of information. 

The NOC will use Internet-based platforms that provide a variety of ways to follow activities by monitoring publicly-available online forums, blogs, public websites, and message boards. Through the use of publicly-available search engines and content aggregators, the NOC will continuously monitor activities on social media sites, such as those listed in Appendix A, using search terms, such as those listed in Appendix B, for information. The NOC will gather, store, analyze, and disseminate relevant and appropriate information to federal, state, local, and foreign governments, and private sector partners requiring and authorized to receive situational awareness and a common operating picture.

2.2 What types of tools are used to analyze data and what type of data may be produced? 

NOC analysts will be responsible for monitoring and evaluating information provided on social media sites and will use tools offered by third-party social media sites to aid them in this overall effort. The final analysis will be used to provide situational awareness and establish a common operating picture.

2.3 If the system uses commercial or publicly available data please explain why and how it is used. 

Publicly-available, user-generated data can be useful to decision-makers as it provides “on-the-ground” information to help corroborate information received through official sources.

2.4 Privacy Impact Analysis: Describe any types of controls that may be in place to ensure that information is handled in accordance with the above described uses. 

The risk is that PII will be sent to the NOC unintentionally. This has been mitigated by the clear policy that PII, outside the scope of the discreet set of categories discussed above, inadvertently collected shall be redacted immediately before further use and sharing. The Department is providing notice of all uses of information under this Initiative through this PIA. The NOC will not actively collect or use any PII Privacy Impact Assessment Office of Operations Coordination and Planning Publicly Available Social Media Monitoring and Situational Awareness Initiative Update Page 7

outside the scope of the discreet set of categories discussed above.

Section 3.0 Retention 

The following questions are intended to outline how long information will be retained after the initial collection.

3.1 What information is retained? 

The NOC will retain only user-generated information posted to publicly-available online social media sites. Information posted in the public sphere that the Department uses to provide situational awareness or establish a common operating picture becomes a federal record and the Department is required to maintain a copy.

3.2 How long is information retained? 

The NOC will retain information for no more than 5 years to provide situational awareness and establish a common operating picture. This five-year retention schedule is based on the operational needs of the Department.

3.3 Has the retention schedule been approved by the component records officer and the National Archives and Records Administration (NARA)? 

Yes.

3.4 Privacy Impact Analysis: Please discuss the risks associated with the length of time data is retained and how those risks are mitigated. 

The risk associated with retention of information is that PII will be retained when it is not necessary and that the information will be kept longer than is necessary. The NOC has mitigated this risk by redacting PII outside the scope of the discreet set of categories discussed above that it inadvertently collects and is working with NARA on a retention schedule to immediately delete PII, upon the approval of this schedule by NARA, as well as to maintain records necessary for further use by the Department.

Section 4.0 Internal Sharing and Disclosure 

The following questions are intended to define the scope of sharing within the Department of Homeland Security.

4.1 With which internal organization(s) is the information shared, what information is shared and for what purpose? Privacy Impact Assessment Office of Operations Coordination and Planning Publicly Available Social Media Monitoring and Situational Awareness Initiative Update Page 8

Information will be shared within the NOC and with government leadership who have a need to know. The NOC is sharing this information for the statutorily mandated purpose of providing situational awareness and establishing a common operating picture.

4.2 How is the information transmitted or disclosed? 

Information will be transmitted via email and telephone and by other electronic and paper means within the NOC and to government leadership where necessary and appropriate. PII will not actively be collected outside the scope of the discreet set of categories discussed above. However, if PII is inadvertently pushed to the NOC, it will be redacted by the NOC before information is shared. The remaining data is analyzed and prepared for reporting.

4.3 Privacy Impact Analysis: Considering the extent of internal information sharing, discuss the privacy risks associated with the sharing and how they were mitigated. 

The risk associated with sharing this information is that PII will be inadvertently collected and shared. The NOC has mitigated this risk by establishing effective policies to avoid collection of PII outside the scope of the discreet set of categories discussed above and to redact it if collected inappropriately. The NOC will only monitor publicly accessible sites where users post information voluntarily.

Section 5.0 External Sharing and Disclosure 

The following questions are intended to define the content, scope, and authority for information sharing external to DHS which includes federal, state and local government, and the private sector.

5.1 With which external organization(s) is the information shared, what information is shared, and for what purpose? 

The NOC will use this Initiative to fulfill its statutory responsibility to provide situational awareness and establish a common operating picture for the entire federal government, and for state, local, and tribal governments as appropriate, and to ensure that critical disaster-related information reaches government decision makers. Information may also be shared with private sector and international partners where necessary, appropriate, and authorized by law.

5.2 Is the sharing of personally identifiable information outside the Department compatible with the original collection? If so, is it covered by an appropriate routine use in a SORN? If so, please describe. If not, please describe under what legal mechanism the program or system is allowed to share the personally identifiable information outside of DHS. 

PII will not actively be collected. However, if pushed to the NOC and outside the scope of the discreet set of categories discussed above, the PII will be redacted. Any sharing will be compatible with DHS/OPS – 003 Operations Collection, Planning, Coordination, Reporting, Analysis, and Fusion SORN (75 Privacy Impact Assessment Office of Operations Coordination and Planning Publicly Available Social Media Monitoring and Situational Awareness Initiative Update Page 9

FR 69689, published November 15, 2010) and the newly published Department of Homeland Security Office of Operations Coordination and Planning – 004 Publicly Available Social Media Monitoring and Situational Awareness Initiative System of Records. Information is only collected to provide situational awareness and to establish a common operating picture.

5.3 How is the information shared outside the Department and what security measures safeguard its transmission? 

Information will be shared by phone, email, and other paper and electronic means.

5.4 Privacy Impact Analysis: Given the external sharing, explain the privacy risks identified and describe how they were mitigated. 

External sharing risks are minimal as the Initiative will only share PII on a narrowly-tailored category of individuals; only information collected to provide situational awareness and to establish a common operating picture is shared. Any sharing will be compatible with DHS/OPS – 003 Operations Collection, Planning, Coordination, Reporting, Analysis, and Fusion SORN (75 FR 69689, published November 15, 2010). Further, as part of the PCR, DHS has decided to publish DHS/OPS-004 Publicly Available Social Media Monitoring and Situational Awareness Initiative System of Records to provide additional transparency.

Section 6.0 Notice 

The following questions are directed at notice to the individual of the scope of information collected, the right to consent to uses of said information, and the right to decline to provide information.

6.1 Was notice provided to the individual prior to collection of information? 

Yes, notice is provided through this PIA and through DHS/OPS – 003 Operations Collection, Planning, Coordination, Reporting, Analysis, and Fusion SORN (75 FR 69689, published November 15, 2010), and the newly published Department of Homeland Security Office of Operations Coordination and Planning – 004 Publicly Available Social Media Monitoring and Situational Awareness Initiative System of Records

6.2 Do individuals have the opportunity and/or right to decline to provide information? 

Information posted to social media websites is publicly accessible and voluntarily generated. Thus, the opportunity not to provide information exists prior to the informational post by the user.

6.3 Do individuals have the right to consent to particular uses of the information? If so, how does the individual exercise the right? 

Individuals voluntarily post information on social media sites and have the ability to restrict access to their posts as they see fit. Any information posted publicly can be used by the NOC in providing situational awareness and establishing a common operating picture. Privacy Impact Assessment Office of Operations Coordination and Planning Publicly Available Social Media Monitoring and Situational Awareness Initiative Update Page 10

6.4 Privacy Impact Analysis: Describe how notice is provided to individuals, and how the risks associated with individuals being unaware of the collection are mitigated. 

There is no requirement to provide notice to individuals under the framework applied under this Initiative. Information posted to social media approved for monitoring under this Initiative is publicly accessible and voluntarily generated.

Section 7.0 Access, Redress and Correction 

The following questions are directed at an individual’s ability to ensure the accuracy of the information collected about them.

7.1 What are the procedures that allow individuals to gain access to their information? 

Social media are public websites. All users have access to their own information through their user accounts. Individuals should consult the privacy policies of the services they subscribe to for more information.

For those included in the limited category of individuals upon whom PII may be collected who are seeking access to any record containing information that is part of a DHS system of records, or seeking to contest the accuracy of its content, they may submit a Freedom of Information Act (FOIA) or Privacy Act (PA) request to DHS. Given the nature of some of the information in the SWO and NOC Tracker Logs (sensitive law enforcement or intelligence information), DHS may not always permit the individual to gain access to or request amendment of his or her record. However, requests processed under the PA will also be processed under FOIA; requesters will always be given the benefit of the statute with the more liberal release requirements. The FOIA does not grant an absolute right to examine government documents; the FOIA establishes the right to request records and to receive a response to the request. Instructions for filing a FOIA or PA request are available at: http://www.dhs.gov/xfoia/editorial_0316.shtm.

The FOIA/PA request must contain the following information: Full Name, current address, date and place of birth, telephone number, and email address (optional). Privacy Act requesters must either provide a notarized and signed request or sign the request pursuant to penalty of perjury, 28 U.S.C. §1746. Please refer to the DHS FOIA web site for more information at www.dhs.gov/foia.

7.2 What are the procedures for correcting inaccurate or erroneous information? 

See above.

7.3 How are individuals notified of the procedures for correcting their information? 

Individuals are notified through this PIA, DHS/OPS-003 and DHS/OPS-004. Privacy Impact Assessment Office of Operations Coordination and Planning Publicly Available Social Media Monitoring and Situational Awareness Initiative Update Page 11

7.4 If no formal redress is provided, what alternatives are available to the individual? 

There is no specified procedure for correcting information to DHS; if there were, it relates to a social media-provided process and not a DHS process. Individuals may change their PII as well as the accessibility of their content posts at any time they wish through their user account management tools on the social media sites. Individuals should consult the privacy policies of the services to which they subscribe for more information.

7.5 Privacy Impact Analysis: Please discuss the privacy risks associated with the redress available to individuals and how those risks are mitigated. 

The information available on social networking websites is largely user-generated, which means that the individual chooses the amount of information available about himself/herself as well as the ease with which it can be accessed by other users. Thus, the primary account holder should be able to redress any concerns through the third-party social media service. Individuals should consult the privacy policies of the services they subscribe to for more information.

Section 8.0 Technical Access and Security 

The following questions are intended to describe technical safeguards and security measures.

8.1 What procedures are in place to determine which users may access the system and are they documented? 

All NOC Media Monitoring analysts have access to media feed aggregation tools and sites which are publicly available. The analysts also have access to the MMC application which is only accessible via a physical connection to an isolated private network established at the NOC Media Monitoring Watch room. In addition to the physical security, the program requires an assigned username and password for access. The system cannot be remotely accessed.

8.2 Will Department contractors have access to the system? 

Yes, as it is required in the performance of their contractual duties at DHS. However, access to the MMC application is limited to NOC authorized analysts who are physically present at the NOC Media Monitoring Watch desk.

8.3 Describe what privacy training is provided to users either generally or specifically relevant to the program or system? 

All DHS employees and contractors are required to take annual privacy training. In addition, media monitoring analysts get specific PII training.

8.4 Has Certification & Accreditation been completed for the system or systems supporting the program? Privacy Impact Assessment Office of Operations Coordination and Planning Publicly Available Social Media Monitoring and Situational Awareness Initiative Update Page 12

No. Tools and sites being used for information collection are publicly available, third-party services. Any certification & accreditation has not been completed for MMC application since the system is housed on non-government furnished equipment on an isolated private network.

8.5 What auditing measures and technical safeguards are in place to prevent misuse of data? 

This PIA will be reviewed every six months to ensure compliance. This will be done in conjunction with a Privacy Office-led PCR of the Initiative and of OPS social media monitoring internet based platforms and information technology infrastructure.

As recommended by the Privacy Office, efforts are underway to implement auditing at the router level for all outbound http(s) traffic and generate audit reports which will be available for each compliance review and upon request. Also, information on sources used to generate all reports can be provided for review by Privacy officials. The MMC application server resides on a secure, firewalled, isolated private network that does not allow inbound access or connection.

8.6 Privacy Impact Analysis: Given the sensitivity and scope of the information collected, as well as any information sharing conducted on the system, what privacy risks were identified and how do the security controls mitigate them? 

Media feed aggregation tools/sites are publicly-available, third-party services. Information is collected by the service itself to establish an account. Thereafter, users determine their level of involvement and decide how “visible” they wish their presence on any given service to be. The ability to choose how much information to disclose, as well as the short period of retention for any information collected by the NOC serves to mitigate any privacy risk.

The only PII collected is of a very limited scope within the discreet set of categories discussed above. However, even that limited amount is secure. NOC does not retain any raw material reviewed during the collection phase. All data entered into the MMC application is carefully reviewed to ensure compliance with the guidelines provided in this PIA. The MMC application is not designed to share information by any means other than sending reports to a pre-approved, predetermined distribution list. The only way to access data in the application is for an authorized user physically connected to a contained system to pull out data, create a separate file and then share that file. Because the system cannot be accessed remotely, and the collected PII is very limited, privacy compromise risks are low.

Section 9.0 Technology 

The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware, RFID, biometrics and other technology.

9.1 What type of project is the program or system? 

Third-parties control and operate social media services. Users should consult with representatives of the service provider in order to make themselves aware of technologies utilized by the system.

9.2 What stage of development is the system in and what project Privacy Impact Assessment Office of Operations Coordination and Planning Publicly Available Social Media Monitoring and Situational Awareness Initiative Update Page 13

development lifecycle was used? 

Social media is active at all times and is third-party owned and operated.

9.3 Does the project employ technology which may raise privacy concerns? If so please discuss their implementation. 

Individuals should consult the privacy policies of the services they subscribe to for more information.

Responsible Officials 

Donald Triner

Director (Acting), National Operations Center

Office of Operations Coordination and Planning

Department of Homeland Security

Share on TumblrSubmit to StumbleUponSave on DeliciousDigg ThisSubmit to reddit
09/22/11

Cyber China Spy Threat | Cyber Espionage and Influence

China’s growing spy threat is a great article. It points to everything I have said before.

The top priority of Chinese

•            Industrial espionage aimed at defense industry and high tech sectors

•            Infiltration of critical infrastructure and military targets

•            Nexus of organized cybercrime and terrorist fundraising

•            Monitoring and Disrupting Dissidents

We need to understand the Chinese government mindset to understand them, paranoia, saving face and economic these are the 3 pillars of the new communism in China. Let’s start with paranoia. One of China’s prime paranoia, lack of trust of anything not created in China it must have back doors. Look at all the discussion on the Chinese company Huawei, installing back doors in our telecom infrastructure. We did it to them and nowel gatoMalo they’re paying us back. The Chinese know they are putting backdoors in our electronics because they can, they own our manufacturing. China worked very hard in creating kylin (Unix). They have to use Microsoft because some applications only run on it but it’s too easy to hack and “made in America” didn’t make them happy. This is why Google left; they refuse to give the Chinese the keys to the code.

On the same paranoia crazy train.  One of the top priorities of Chinese espionage efforts—foreign and domestic—is monitoring and disrupting dissidents, according to defectors, experts, and official documents.

Anyone who talks bad about China will pay the price, monitoring, I’m currently on there radar (popular posts, referrers and keywords stats on my blogs & sudden twitter followers, say so much) and so is everyone who write about China especially cyber security.

Let’s talk economics. China has been looked at as a source of cheap labor only, they don’t want our breadcrumbs, they want to become leaders not followers and I can’t blame them. As a nation I want to be seen as a leader in Technology, in Finance not the errand boy of the west. (Saving face). The facts are that the last 10 years China has been using it’s money wisely investing in companies around the world (influence), while America has been bombing people all over the world. They create new alliances we destroy our alliance with drone planes. And to top it off they are going after our political elite. According to experts, China uses bribes, blackmail, women, lavish vacations in China, and other means to compromise officials worldwide. I just wrote about this about our current presidential front runner Rick Perry in bed with the Chinese companies – Huawei just opened it’s door in Texas and so did 12 other Chinese corporations, what do you think there doing in the U.S.( http://uscyberlabs.com/blog/2011/09/11/cyber-warfare-rick-perry-mitt-romney-opening-u-s-cyber-infrastructure-china-huawei/).

Sorry I just had to put down these words after reading the article.

 

Time to get down of the soapbox.

 

Read More -

http://the-diplomat.com/2011/09/19/chinas-growing-spy-threat/5/

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2011/08/chinese-hackers-300x211.jpgDigg ThisSubmit to reddit
07/23/11

Addressing a Global Problem

Georgi Ivanov in NationalNational Security July 22, 2011

From WikiLeaks to the Chinese attacks on U.S. government information infrastructures, cyber attacks are becoming more prevalent and threatening every day. The most lucrative target of these attacks remains America, but the rest of the international community is not immune to hacking either: policymicIt is only a matter of time before we see a coordinated hacking attempt at Germany, France, or Britain.

The defense establishment in Washington has every right to concern itself with IT protection, but a better solution will incorporate U.S. security efforts in a supranational framework to minimize the impact of hacking attacks that have the potential to bring entire states to their knees.

What would such a supranational regime look like? At first, it will be a very formative regulatory design, based out of the existing precedents on hacking attacks: WikiLeaks, Anonymous, and attacks from China. The first steps are to produce a graded scale on the intensity of the attack and make it a criminal offense against the sovereignty of a state: Both state and non-state actors should be potentially responsible. If such an organization ever emerges, it is essential to open it to worldwide membership. The reliance on information technology is only going to intensify over the course of the century, and international cooperation would strengthen our network of defense.

The next step is to harmonize state laws to have common criteria on the definition of the crimes and the corresponding punishments. The administration of justice can be overseen by the International Court of Justice (ICJ) and courts on the national level may enforce the harmonized laws under its sanction.

read more via >>>  http://www.policymic.com/article/show/id/1104#reply-4677

gatoMalo MeWo -

I disagree with you on so many levels.

MeOw mEwO1st. - Global cooperation, self interested corporations and governments are the reason for the real cyber-espionage crimes that steals technology, information and financial data. http://ChinaCyberWarfare.wordpress.com It was The SUN who hacked dead people phones and made tons of money $$$. The SUN even had top UK Police and Interpol officials corrupted. You want the legal crooks guarding the outcome of the bad crooks. It’s a conflict of intrest for the legal good guys.

2nd. - If your going after hacktivist they deface websites, cause cyber mayhem but if you look at their release of email and passwords and other data they released. Do you know how much money they could of made $$$ ( follow the money ), but the fact is they didn’t ( ZERO 0 $$$ ). The analysis of the cyber attack data shows us “hay your security is weak – fix it or else…” it also means “…people like The SUN (the real legal international corporation hackers (made BIG $$$ )” -may hack you ask Hugh Grant the actor ( News Corp empire of media mogul Rupert Murdoch-phone-hacking scandal in the UK hacked Mr. Hugh Grants Phone )

CyberSpace belong to all of US -not the powerful and influential. – CyberSpace -BELONG TO ALL OF US – FREEDOM

I disagree with you, but a good piece it made me stop and think. Good Job Georgi and thanks. Think outside the box more than once -hackers do, knowledge is power. Hacker Moto:-be hidden, be silent, listen and don’t get DOX. 

gatoMalo_at_usCyberLabs_dot_com

 

 

Cuddly British actor Hugh Grant, who’s been the leading celebrity critic of the British tabloid hounds who have long tormented him, must be feeling vindicated.

The metastasizing phone-hacking scandal in the UK, which he helped call attention to, has shaken the government and the News Corp empire of media mogul Rupert Murdoch, and launched a spreading examination of the too-cozy relationship between the British press, politicians and police.

 

 

Share on TumblrSubmit to StumbleUponhttp://www.policymic.com/users/48/avatar.pngDigg ThisSubmit to reddit