Wednesday, 25 February 2015

Gemalto: NSA, GCHQ invaded our LANs – but didn't snatch SIM keys

Top SIM card maker Gemalto has conducted an investigation into the NSA's and GCHQ's infiltration of its computers, and says while the agencies did get into its network, they didn't get in far enough to siphon out crucial phone-call encryption keys.
Files leaked by intelligence whistleblower Edward Snowden appeared to show the US and UK had broken into Gemalto's systems to obtain thousands, if not millions, of secret encryption keys (Ki) which are baked into every SIM – and used to safeguard conversations from eavesdroppers.
In a statement sent to El Reg, the Dutch giant's "investigation into the intrusion methods described in the [Snowden] document and the sophisticated attacks that Gemalto detected in 2010 and 2011 give us reasonable grounds to believe that an operation by NSA and GCHQ probably happened."
The company reached that conclusion after revisiting some cyber-attacks it encountered in those years, which it says were repelled although it did not (or could not) identify the perps.
"While the intrusions described above were serious, sophisticated attacks, nothing was detected in other parts of our network", the statement continued, adding:
No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks.
The attacks therefore "could not have resulted in a massive theft of SIM encryption keys." This is assuming Gemalto could detect a deep invasion by the likes of the NSA and GCHQ; the spies could have snatched and grabbed without being seen, although the SIM maker isn't saying anything on that.
And even if Western spies had been able to get deeper into its networks and stolen the vital keys, Gemalto reckons any eavesdropping using the nicked data would have been limited to 2G networks. With much of the world having moved to 3G or 4G, any follow-up snooping would have been hampered, it's alleged.
Gemalto claimed:
In 2010-2011 most operators in the targeted countries were still using 2G networks. The security level of this second generation technology was initially developed in the 1980s and was already considered weak and outdated by 2010. If the 2G SIM card encryption keys were to be intercepted by the intelligence services, it would be technically possible for them to spy on communications when the SIM card was in use in a mobile phone. This is a known weakness of the old 2G technology and for many years we have recommended that operators deploy extra security mechanisms.
However, even if the encryption keys were intercepted by the intelligence services they would have been of limited use. This is because most 2G SIMs in service at that time in these countries were prepaid cards which have a very short life cycle, typically between 3 and 6 months.
(To be fair, 3G and 4G is not widespread in the countries the NSA is interested in, if you believe it really is going after Mid-East terrorists and suchlike. Tracking a target for six months on 2G is more than enough for the Five Eyes alliance; people can be drone'd by their SIM card very easily in Pakistan, Yemen, Somalia, and beyond.)
Back to today's press statement, Gemalto also says the Snowden documents get a few important details wrong. "Gemalto has never sold SIM cards to four of the twelve operators listed in the documents, in particular to the Somali carrier where a reported 300,000 keys were stolen," the statement says.
Another error concerns "a list claiming to represent the locations of our personalization centers" that "shows SIM card personalization centers in Japan, Colombia and Italy." Gemalto denies that it operated such centres in those countries at the time of the alleged hacks.
The corporate retort – issued days after the company's stock plunged – offers more detail on Gemalto's security practices and why they make an attack like that suggested by Snowden's leaked documents unlikely.
The statement is confident, detailed by the standards of such documents and, most importantly, definitive. If it is shown to be substantially wrong, Gemalto just threw its credibility into a black hole – it will come out the other side as reconstituted atoms.
Just what this statement means for Snowden's reputation remains to be seen.

How the NSA’s Firmware Hacking Works and Why It’s So Unsettling


One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named “nls_933w.dll”, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered.
It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. This lets spies like the Equation Group bypass disk encryption by secreting documents they want to seize in areas that don’t get encrypted.
Kaspersky has so far uncovered 500 victims of the Equation Group, but only five of these had the firmware-flashing module on their systems. The flasher module is likely reserved for significant systems that present special surveillance challenges. Costin Raiu, director of Kaspersky’s Global Research and Analysis Team, believes these are high-value computers that are not connected to the internet and are protected with disk encryption.
Here’s what we know about the firmware-flashing module.

How It Works

Hard drive disks have a controller, essentially a mini-computer, that includes a memory chip or flash ROM where the firmware code for operating the hard drive resides.
When a machine is infected with EquationDrug or GrayFish, the firmware flasher module gets deposited onto the system and reaches out to a command server to obtain payload code that it then flashes to the firmware, replacing the existing firmware with a malicious one. The researchers uncovered two versions of the flasher module: one that appears to have been compiled in 2010 and is used with EquatinoDrug and one with a 2013 compilation date that is used with GrayFish.
The Trojanized firmware lets attackers stay on the system even through software updates. If a victim, thinking his or her computer is infected, wipes the computer’s operating system and reinstalls it to eliminate any malicious code, the malicious firmware code remains untouched. It can then reach out to the command server to restore all of the other malicious components that got wiped from the system.
Even if the firmware itself is updated with a new vendor release, the malicious firmware code may still persist because some firmware updates replace only parts of the firmware, meaning the malicious portions may not get overwritten with the update. The only solution for victims is to trash their hard drive and start over with a new one.
The attack works because firmware was never designed with security in mind. Hard disk makers don’t cryptographically sign the firmware they install on drives the way software vendors do. Nor do hard drive disk designs have authentication built in to check for signed firmware. This makes it possible for someone to change the firmware. And firmware is the perfect place to conceal malware because antivirus scanners don’t examine it. There’s also no easy way for users to read the firmware and manually check if it’s been altered.
The firmware flasher module can reprogram the firmware of more than a dozen different hard drive brands, including IBM, Seagate, Western Digital, and Toshiba.
“You know how much effort it takes to land just one firmware for a hard drive? You need to know specifications, the CPU, the architecture of the firmware, how it works,” Raiu says. The Kaspersky researchers have called it “an astonishing technical accomplishment and is testament to the group’s abilities.”
Once the firmware is replaced with the Trojanized version, the flasher module creates an API that can communicate with other malicious modules on the system and also access hidden sectors of the disk where the attackers want to conceal data they intend to steal. They hide this data in the so-called service area of the hard drive disk where the hard disk stores data needed for its internal operation.

Hidden Storage Is the Holy Grail

The revelation that the firmware hack helps store data the attackers want to steal didn’t get much play when the story broke last week, but it’s the most significant part of the hack. It also raises a number of questions about how exactly the attackers are pulling this off. Without an actual copy of the firmware payload that gets flashed to infected systems, there’s still a lot that’s unknown about the attack, but some of it can be surmised.
The ROM chip that contains the firmware includes a small amount of storage that goes unused. If the ROM chip is 2 megabytes, the firmware might take up just 1.5 megabytes, leaving half a megabyte of unused space that can be employed for hiding data the attackers want to steal.
This is particularly useful if the the computer has disk encryption enabled. Because the EquationDrug and GrayFish malware run in Windows, they can grab a copy of documents while they’re unencrypted and save them to this hidden area on the machine that doesn’t get encrypted. There isn’t much space on the chip for a lot of data or documents, however, so the attackers can also just store something equally as valuable to bypass encryption.
“Taking into account the fact that their GrayFish implant is active from the very boot of the system, they have the ability to capture the encryption password and save it into this hidden area,” Raiu says.
Authorities could later grab the computer, perhaps through border interdiction or something the NSA calls “customs opportunities,” and extract the password from this hidden area to unlock the encrypted disk.
Raiu thinks the intended targets of such a scheme are limited to machines that are not connected to the internet and have encrypted hard drives. One of the five machines they found hit with the firmware flasher module had no internet connection and was used for special secure communications.
“[The owners] only use it in some very specific cases where there is no other way around it,” Raiu says. “Think about Bin Laden who lived in the desert in an isolated compound—doesn’t have internet and no electronic footprint. So if you want information from his computer how do you get it? You get documents into the hidden area and you wait, and then after one or two years you come back and steal it. The benefits [of using this] are very specific.”
Raiu thinks, however, that the attackers have a grander scheme in mind. “In the future probably they want to take it to the next level where they just copy all the documents [into the hidden area] instead of the password. [Then] at some point, when they have an opportunity to have physical access to the system, they can then access that hidden area and get the unencrypted docs.”
They wouldn’t need the password if they could copy an entire directory from the operating system to the hidden sector for accessing later. But the flash chip where the firmware resides is too small for large amounts of data. So the attackers would need a bigger hidden space for storage. Luckily for them, it exists. There are large sectors in the service area of the hard drive disk that are also unused and could be commandeered to store a large cache of documents, even ones that might have been deleted from other parts of the computer. This service area, also called the reserved are or system area, stores the firmware and other data needed to operate drives, but it also contains large portions of unused space.
An interesting paper (.pdf) published in February 2013 by Ariel Berkman, a data recovery specialist at the Israeli firm Recover, noted “not only that these areas can’t be sanitized (via standard tools), they cannot be accessed via anti-virus software [or] computer forensics tools.”
Berkman points out that one particular model of Western Digital drives has 141 MB reserved for the service area, but only uses 12 MB of this, leaving the rest free for stealth storage.
To write or copy data to service area requires special commands that are specific to each vendor and are not publicly documented, so an attacker would need to uncover what these are. But once they do, “[b]y sending Vendor Specific Commands (VSCs) directly to the hard-drive, one can manipulate these [service] areas to read and write data that are otherwise inaccessible,” Berkman writes. It is also possible, though not trivial, to write a program to automatically copy documents to this area. Berkman himself wrote a proof-of-concept program to read and write a file of up to 94 MB to the service area, but the program was a bit unstable and he noted that it could cause some data loss or cause the hard drive to fail.
One problem with hiding large amounts of data like this, however, is that its presence might be detected by examining the size of the used space in the service area. If there should be 129 MB of unused space in this sector but there’s only 80 MB, it’s a dead giveaway that something is there that shouldn’t be. But a leaked NSA document that was written in 2006 but was published by Der Spiegel last month suggests the spy agency might have resolved this particular problem.

NSA Interns to the Rescue

The document (.pdf) is essentially a wish list of future spy capabilities the NSA hoped to develop for its so-called Persistence Division, a division that has an attack team within it that focuses on establishing and maintaining persistence on compromised machines by subverting their firmware, BIOS, BUS or drivers. The document lists a number of projects the NSA put together for interns to tackle on behalf of this attack team. Among them is the “Covert Storage” project for developing a hard drive firmware implant that can prevent covert storage on disks from being detected. To do this, the implant prevents the system from disclosing the true amount of free space available on the disk.
“The idea would be to modify the firmware of a particular hard drive so that it normally only recognizes, say, half of its available space,” the document reads. “It would report this size back to the operating system and not provide any way to access the additional space.” Only one partition of the drive would be visible on the partition table, leaving the other partitions—where the hidden data was stored—invisible and inaccessible.
The modified firmware would have a special hook embedded in it that would unlock this hidden storage space only after a custom command was sent to the drive and the computer was rebooted. The hidden partition would then be available on the partition table and accessible until the secret storage was locked again with another custom command.
How exactly the spy agency planned to retrieve the hidden data was unclear from the eight-year-old document. Also unclear is whether the interns ever produced a firmware implant that accomplished what the NSA sought. But given that the document includes a note that interns would be expected to produce a solution for their project within six months after assignment, and considering the proven ingenuity of the NSA in other matters, they no doubt figured it out.

SSL-busting code that threatened Lenovo users found in a dozen more apps

The list of software known to use the same HTTPS-breaking technology recently found preinstalled on Lenovo laptops has risen dramatically with the discovery of at least 12 new titles, including one that's categorized as a malicious trojan by a major antivirus provider. Trojan.Nurjax, a malicious program Symantec discovered in December, hijacks the Web browsers of compromised computers and may download additional threats. According to a blog post published Friday by a security researcher from Facebook, Nurjax is one such example of newly found software that incorporates HTTPS-defeating code from an Israeli company called Komodia. Combined with the Superfish ad-injecting software preinstalled on some Lenovo computers and three additional applications that came to light shortly after that revelation, there are now 14 known apps that use Komodia technology.
"What all these applications have in common is that they make people less secure through their use of an easily obtained root CA [certificate authority], they provide little information about the risks of the technology, and in some cases they are difficult to remove," Matt Richard, a threats researcher on the Facebook security team, wrote in Friday's post. "Furthermore, it is likely that these intercepting SSL proxies won't keep up with the HTTPS features in browsers (e.g., certificate pinning and forward secrecy), meaning they could potentially expose private data to network attackers. Some of these deficiencies can be detected by antivirus products as malware or adware, though from our research, detection successes are sporadic."
Komodia, a company that brazenly calls one of its software development kits as an "SSL hijacker," is able to bypass secure sockets layer protections by modifying the network stack of computers that run its underlying code. Specifically, Komodia installs a self-signed root CA certificate that allows the library to intercept encrypted connections from any HTTPS-protected website on the Internet. This behavior is by no means unique to Komodia, Superfish, or the other programs that use the SSL-breaking certificates. Antivirus apps and other security-related wares often install similar root certificates. What sets Komodia apart from so many others is its reuse of the same digital certificate across many different computers.
Researchers have already documented that the password protecting most or all of the Komodia certificates is none other than "komodia". It took Errata Security CEO and whitehat hacker Rob Graham only three hours to crack this woefully weak password. From there, he used the underlying private key in the Komodia certificate to create fake HTTPS-enabled websites for Bank of America and Google that were fully trusted by Lenovo computers. Despite the seriousness of Graham's discovery and the ease other security researchers had in reproducing his results, Superfish CEO Adi Pinhas issued a statement on Friday saying Superfish software posed no security risk.
According to Facebook's Richard, more than a dozen software applications other than Superfish use Komodia code. Besides Trojan.Nurjax, the programs named included:
  • CartCrunch Israel LTD
  • WiredTools LTD
  • Say Media Group LTD
  • Over the Rainbow Tech
  • System Alerts
  • ArcadeGiant
  • Objectify Media Inc
  • Catalytix Web Services
  • OptimizerMonitor
A security researcher who goes by the Twitter handle @TheWack0lian said an additional piece of software known as SecureTeen also installed Komodia-enabled certificates. Over the weekend, the researcher also published findings documenting rootkit technology in Komodia code that allows it to remain hidden from key operating system functions.
Web searches for many of these titles uncover forum posts in which computer users complain that some of these applications are hard to remove once they're installed. Richard noted that he was unable to find documentation from any of the publishers explaining what effect Komodia software had on end-user PCs such as its ability to sniff passwords and other sensitive data from encrypted Web sessions.
Richard went on to publish the SHA1 cryptographic hashes he used to identify software that contained the Komodia code libraries. He invited fellow researchers to use the hashes to identify still more potentially dangerous software circulating online.
"We're publishing this analysis to raise awareness about the scope of local SSL MITM software so that the community can also help protect people and their computers," he wrote. "We think that shining the light on these practices will help the ecosystem better analyze and respond to similar situations as they occur."

Windows And Linux More Secure? Mac OS X And iOS Top List Of Most Vulnerable Operating Systems

Conventional wisdom in years past was that hackers didn’t bother to exploit Apple’s OS X operating system because its relatively insignificant market share didn’t warrant wasting resources to exploit it. The reasoning was, why bother with OS X when Windows was pushing over 90 percent of the worldwide OS market?
However, in recent years, Apple has seen an uptick in Mac sales and pretty much dominates the field when it comes to notebooks priced over $1,000. The higher sales profile for Macs running OS X also means more attention from nefarious parties that are ready to strike. The latest report from GFI shows that both of Apple’s major operating systems sat atop the leaderboard when it came to security vulnerabilities during 2014.
According to GFI, OS X took top honors with 147 vulnerabilities, 64 of which were labeled as “high risk”. iOS took the number two position with 127 vulnerabilities, 32 of which were high risk. Rounding out the top three was the Linux kernel, with 119 total vulnerabilities including 24 high risk.

(Source: GDI)
In total, there were 7,038 new security vulnerabilities reported during 2014 according to GDI, which was a marked increase from 4,794 the previous year. Of those 7,038 vulnerabilities, a total of 24 percent were high risk.
“2014 was a tough year for Linux users from a security point of view, coupled with the fact that some of the most important security issues of the year were reported for applications that usually run on Linux systems,” said GDI’s Christian Florian. “Heartbleed, for example, is a critical security vulnerability detected in OpenSSL while Shellshock is a vulnerability that affects GNU Bash.”
OS X Yosemite
We have some questions/reservations about GDI’s numbers, and it relates to how the operating system vulnerabilities are being reported (we’ve reached out to GDI for clarification). First off, it appears that all versions of OS X (Lion, Mountain Lion, Mavericks, Yosemite, etc.) are lumped together under a single “OS X” line entry. However, all major Windows versions (Windows 7, Windows 8, Windows 8.1, Windows Vista, etc.) are given their own separate line entries. It’s possible that this was done because there is a lot of duplication among Windows versions when it comes to vulnerabilities (the number of total, high, medium, and low vulnerabilities among all Windows operating systems is remarkably similar). Regardless, it would be nice to have seen similar metrics used for all operating systems.
On a second note, Android has always been a very popular target for hackers but it’s not specifically called out in this study. Android is likely being lumped in with all Linux kernel operating systems, but again, it would be nice to see some distinctions made here to make a more reasoned comparison between platforms.
When it comes to applications, Microsoft’s Internet Explorer led the list with 242 total vulnerabilities, nearly twice that of the next closest entry, Google Chrome, with 124 total vulnerabilities. The number of high risk vulnerabilities was also troubling for Microsoft, as 220 were reported versus Google Chrome’s 86.

(Source: GDI)
Adobe Flash Player, always a headline maker when it comes to security vulnerabilities, surprisingly came in “only” fourth place (76 total vulnerabilities) behind Mozilla Firefox (117 total vulnerabilities).
In light of all the hoopla surrounding Lenovo and the Superfish adware, we all should remain vigilant when it comes to computer security, regardless of what platform we use. GFI suggests common sense steps to protect yourself including keeping your operating system, Internet browsers, and Java software fully patched. GFI also wisely suggests that Internet users simply ditch Adobe products like Flash Player and Reader altogether to avoid becoming the victim of malicious hackers.

Apple wants to track iPhones – even when they’re turned off

Apple could soon be able to track phones even when they’re turned off.
The plan, for which Apple was awarded a patent at the end of January, would allow phones to go into a kind of zombie mode ­– apparently shut off, but actually tracking the phone’s movements.
But while the feature might sound like a way of Apple and other governments tracking your location, it will likely make the phones more secure.
Apple’s Find My iPhone service allows users to track phones if they’re lost or stolen, allowing them to be traced and found. But at the moment, thieves can simply turn the phones off, stopping the tracking feature.
Tracking features and other innovations such as kill switches have cut smartphone theft in half, and also allow phones to be recovered if they are stolen.
The patent shows plans to ask users to enter their security code when powering down the phone. If it isn’t entered correctly, the phone will go into a mode where it looks to have been turned off but is still running location services and connecting to the internet or sending information through text messages.

The phone could also conserve battery by turning back on at regular intervals, transmitting its location before shutting itself down again.
It also lays out other ways of keeping the camera secure. In the shut down state, users could activate the camera, it says – either to scan a QR code to unlock it, or to take photos of the person that has stolen it.
The patent was filed in April 2014 and granted on January 29.
Apple files many patents at all times of the year, many of which don’t come to fruition for some time or are never integrated into phones at all. But the plans often indicate what Apple is working on in its upcoming phones – and extra security feature have been rolled out with most recent major updates.