Electronic warfare by drone and SMS - Russia-backed separatist #propaganda in the #Donbas
▻https://medium.com/dfrlab/electronic-warfare-by-drone-and-sms-7fec6aa7d696 #Russia #Russie #guerre_électronique #electronic_warfare #EW #Ukraine
Electronic warfare by drone and SMS - Russia-backed separatist #propaganda in the #Donbas
▻https://medium.com/dfrlab/electronic-warfare-by-drone-and-sms-7fec6aa7d696 #Russia #Russie #guerre_électronique #electronic_warfare #EW #Ukraine
As reported by the Russian Ministry of Defense, the Russian-made RB-341V “Leer-3” electronic warfare systems use three Orlan-10 unmanned aerial vehicles (UAVs) connected to a KamAZ-5350 truck that serves as the command and control post to affect a six-kilometer (3.7-mile) radius. The UAVs jam nearby cellular communication towers through a combination of jammers installed on the UAVs and disposable jammers that are dropped on the ground. The UAVs are then able to send SMS text messages and audio messages, effectively hijacking nearby cellular transmissions. Though originally designed to function with GSM networks, the Leer-3 is known to more recently be used with 3G and 4G networks.
These specific electronic warfare systems are officially known to be used by Russia in Syria. The OSCE Special Monitoring Mission (SMM) to Ukraine observed an Orlan-10 on May 13, 2017, flying from separatist-controlled Makiivka to Donetsk city. In a statement at the OSCE 822nd FSC Plenary Meeting, the Ukrainian delegation presented evidence of the “Leer-3” electronic warfare system in Donetsk city.
> Leer-3 is known to more recently be used with 3G and 4G networks
Je vois bien comment brouiller les BTS légitimes pour y substituer un BTS pirate en MITM - le GSM n’authentifie rien... Mais en 4G le réseau est censé être authentifié par le terminal (cf. ▻https://www.troopers.de/wp-content/uploads/2011/10/TR12_TelcoSecDay_Schneider_LTE.pdf) et s’introduire là-dedans est une autre paire de manches... Il me semble que pour y arriver il faut avoir compromis certains éléments de l’infrastructure. S’ils y parviennent, c’est fort.
D’après ▻https://twitter.com/GuyPlopsky/status/868352180612284416 l’upgrade de Leer-3 pour traiter 3G et 4G a été annoncé mais personne n’a encore témoigné de son efficacité opérationnelle.
American and British Spy Agencies Targeted In-Flight Mobile Phone Use
▻https://theintercept.com/2016/12/07/american-and-british-spy-agencies-targeted-in-flight-mobile-phone-use
In the trove of documents provided by former National Security Agency contractor Edward Snowden is a treasure. It begins with a riddle : “What do the President of Pakistan, a cigar smuggler, an arms dealer, a counterterrorism target, and a combatting proliferation target have in common ? They all used their everyday GSM phone during a flight.” This riddle appeared in 2010 in SIDtoday, the internal newsletter of the NSA’s Signals Intelligence Directorate, or SID, and it was classified “top (...)
#NSA #smartphone #écoutes #GCHQ #Air_France
Australia General Skilled Migration Program
▻http://www.permitsandvisas.com/australia-general-skilled-migration-program
Australia General Skilled Migration Program General Skilled Migration (GSM) is a 2-step points based program designed by the Australian government to offer permanent resident visa to professionals and skilled workers who wish to migrate to Australia, take up the job opportunities in Australia, live and settle down on a permanent basis. The first step to […]
KeySweeper: RF-based keystroke sniffer for Microsoft Wireless Keyboards, disguised ad USB charger (Samy Kamkar)
KeySweeper is a stealthy Arduino Pro Mini-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs 2.4Ghz, decrypts, logs and reports back (over 2G GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.
All keystrokes are logged online and locally on flash storage. SMS alerts are sent upon trigger words, usernames or URLs, exposing passwords. If unplugged, KeySweeper continues to operate using its internal battery and auto-recharges upon repowering. A web based tool allows live keystroke monitoring.
The video is very interersting and gives you the details about the construction of the device.
The souce code can be found here:
Even thought it already surfaced in January 2015,
▻http://arstechnica.com/security/2015/01/meet-keysweeper-the-10-usb-charger-that-steals-ms-keyboard-strokes
it is only recently that the cyber division of the FBI issued an alert about it because more than just Microsoft wireless keyboards are vulnerable to the device.
Wireless Keystroke Logger Disguised as USB Device Charger Targets Wireless Keyboards
▻https://publicintelligence.net/fbi-keysweeper
The pdf:
▻https://info.publicintelligence.net/FBI-KeySweeper.pdf
“If placed strategically in an office or other location where individuals might use wireless devices, a malicious cyber actor could potentially harvest personally identifiable information, intellectual property, trade secrets, passwords, or other sensitive information,” the advisory says. “Since the data is intercepted prior to reaching the CPU, security managers may not have insight into how sensitive information is being stolen.”
Remark from the builder of the device since that FBI publication:
“The interesting thing to note is that when I released KeySweeper, only 1 out of 11 of their wireless keyboards had AES encryption. I’m looking now, and I believe all but one now have AES encryption,”
▻https://threatpost.com/fbi-mum-on-real-world-keysweeper-attacks/118260
Les signaux (radio) secrets qui organisent nos réseaux de transports.
Les trains, avions et bateaux génèrent un grand traffic d’ondes radio pour leur gestion ; 2 artistes ont créé une installation révélant ces énormes échanges d’information par les airs.
The secret signals that rule our transport networks
– Planes, we found, are the easiest to track
– In looking at how transport systems communicate with each other, we can also learn something about the data itself
– Global System for Mobile Communications Railway (GSM-R)
– Automatic Identity System (AIS)
– Automatic Dependent Surveillance-Broadcast (ADS-B) transponder
– software-defined radio (SDR)
▻http://www.bbc.com/future/story/20160426-the-invisible-language-of-trains-boats-and-planes
FAMILIARS (Lighthouse Arts) is a collaboration between sound artist Wesley Goatley and technology anthropologist Georgina Voss.
▻http://www.familiars.org
Symantec Discovers ’Regin’ Spy Code Lurking on Computer Networks
▻http://bits.blogs.nytimes.com/2014/11/24/symantec-discovers-spy-code-lurking-on-computer-networks
The security company indicated that a powerful program that could only have been created by a “nation state” has been finding its way into computer systems for six years.
“In the world of malware threats, only a few rare examples can truly be considered groundbreaking and almost peerless,” Symantec wrote. “What we have seen in Regin is just such a class of malware.”
Second reference (cited in the Guardian article):
Secret Malware in European Union Attack Linked to U.S. and British Intelligence
▻https://firstlook.org/theintercept/2014/11/24/secret-regin-malware-belgacom-nsa-gchq
Researchers Uncover Government Spy Tool Used to Hack Telecoms and Belgian Cryptographer
▻http://www.wired.com/2014/11/mysteries-of-the-malware-regin
Dubbed “Regin” by Microsoft
But perhaps the most significant aspect of Regin is its ability to target GSM base stations of cellular networks. The malicious arsenal includes a payload that Kaspersky says was used in 2008 to steal the usernames and passwords of system administrators of a telecom somewhere in the Middle East.
Regin: Nation-state ownage of GSM networks
(contains detailed explanations)
▻http://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks
Sur Seenthis:
►http://seenthis.net/messages/315454
Americans’ Cellphones Targeted in Secret U.S. Spy Program
IMSI-catchers on small US Government planes (Cesna) act as fake cell towers (BTS - base transceiver station) and thus capture civilian’s registration and location info on the ground. These dirtboxes exploit a weakness in the GSM specification which does not require the operator network to show credentials i.e. identify itself as legitimate.
Cellphones are programmed to connect automatically to the strongest base station signal. The devices they use identifies themselves as having the closest, strongest signal, even though they do not, and force all the phones that can detect its signal to send in their unique registration information. Having encryption on a phone doesn’t prevent this process.
The technology is aimed at locating cellphones linked to individuals under investigation by the government, including fugitives and drug dealers, but it collects information on cellphones belonging to people who aren’t criminal suspects, these people said. They said the device determines which phones belong to suspects and “lets go” of the non-suspect phones.
[...]
The program cuts out phone companies as an intermediary in searching for suspects. Rather than asking a company for cell-tower information to help locate a suspect, which law enforcement has criticized as slow and inaccurate, the government can now get that information itself.
[...]
Within the Marshals Service, some have questioned the legality of such operations and the internal safeguards, these people said. They say scooping up of large volumes of information, even for a short period, may not be properly understood by judges who approve requests for the government to locate a suspect’s phone.
▻http://online.wsj.com/news/article_email/americans-cellphones-targeted-in-secret-u-s-spy-program-1415917533-lMyQj
#imsi-catcher : ▻http://en.wikipedia.org/wiki/IMSI-catcher
#dirtbox : DRT : ▻http://electrospaces.blogspot.com/2013/11/drtbox-and-drt-surveillance-systems.html
#BTS : ▻http://en.wikipedia.org/wiki/Base_transceiver_station
#MITM
#surveillance
Rogue #GSM BTS - good for interceptions, good for SMS drive-by spam too !
▻http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-mobile-cybercriminal-underground-market-in-china.pdf (pages 4-5) #mobile #security
“In #lebanon, many of us will remember the practice of giving a “missed call” when #cellphone #rates...”
▻http://levant.tumblr.com/post/72579160572
“In Lebanon, many of us will remember the practice of giving a “missed call” when cellphone...
#missed_call #cell #cellular #gsm
The GSM Security Map compares the protection capabilities of mobile networks. Check how weak your network is: ▻https://gsmmap.org
Networks are rated in their protection capabilities relative to a reference network that implements all protection measures that have been seen “in the wild”. The reference is regularly updated to reflect new protection ideas becoming commercially available. Networks, therefore, have to improve continuously to maintain their score, just as hackers are continuously improving their capabilities.
GNU Radio - OpenBTS - gnuradio.org
▻http://gnuradio.org/redmine/projects/gnuradio/wiki/OpenBTS
Hands-on guide to sysmoBTS, a small BTS built with open source software:
►http://www.h-online.com/open/features/The-open-GSM-future-arrives-1723580.html?view=print - the open future of GSM has arrived.