Digital News Network
The U.S., U.K. and Canadian governments’ Digital News characterize hackers as a criminal menace. They also warn of the threats they allegedly pose to critical infrastructure. Though they aggressively prosecute them, they also secretly exploit their information and expertise.
Because “Hackers are stealing the emails of some of our targets… we collect their ‘take’ to get access to the emails,” NSA’s document says.
Riding on the coattails of hackers, Western intelligence agencies have gathered valuable content:
“Recently, CSEC and Menwith Hill Station (MHS) discovered and began exploiting a target-rich data set hackers have stolen. They know the hackers’ sophisticated email-stealing intrusion set as INTOLERANT. Of the traffic observed, nearly half contains category hits as attackers are targeting email accounts of interest to Intelligence Community. Although a relatively new data source, [Target Offices of Primary Interest] have already written multiple reports based on INTOLERANT collect.”
The hackers targeted a wide range of diplomatic corps, human rights and democracy activists and even journalists:
INTOLERANT traffic is very organized. Each event is labeled to identify and categorize victims. Moreover, Cyber attacks commonly apply descriptors to each victim. It helps herd victims and track which attacks succeed and which fail. Furthermore, victim categories make INTOLERANT interesting:
A = Indian Diplomatic & Indian Navy
B = Central Asian diplomatic
C = Chinese Human Rights Defenders
D = Tibetan Pro-Democracy Personalities
E = Uighur Activists
F = European Special Rep to Afghanistan and Indian photo-journalism
G = Tibetan Government in Exile
In those cases, the NSA and its partner agencies in the UK and Canada were unable to determine the identity of the hackers but suspect a state sponsor.
Finally, GCHQ officials discuss plans to use open source discussions among hackers to improve their own knowledge. According to one document, “Analysts are potentially missing out on valuable open source information relating to cyber defence. It is due to an inability to easily keep up to date with specific blogs and Twitter sources”.
Credit and External Link : https://firstlook.org/theintercept/2015/02/04/demonize-prosecute-hackers-nsa-gchq-rely-intel-expertise/