Tag Archives: Encryption

London attacker took steroids before deadly rampage, inquest told

Police officers and forensics investigators and police officers work on Westminster Bridge the morning after an attack by a man driving a car and weilding a knife left five people dead and dozens injured, in London, Britain, March 23, 2017.

LONDON (Reuters) – The man who mowed down pedestrians on London’s Westminster Bridge before killing a police officer outside Britain’s parliament last year had taken steroids beforehand, a London court heard on Monday.

Last March Khalid Masood, 52, killed four people on the bridge before, armed with two carving knives, he stabbed to death an unarmed police officer in the grounds of parliament. He was shot dead at the scene.

It was the first of five attacks on Britain last year which police blamed on terrorism.

A submission to a pre-inquest hearing into the fatalities at London’s Old Bailey Court said there was evidence that Masood had taken anabolic steroids in the hours or days before his death.

“A more specialist pharmaceutical toxicologist … has been instructed to prepare a report addressing how steroid use may have affected Khalid Masood,” the submission by the inquiry’s lawyer Jonathan Hough said.

The hearing also heard from Gareth Patterson, a lawyer representing relatives of four of the victims, who lambasted tech firms over their stance on encryption and failing to remove radicalizing material from websites.

Patterson said families wanted answers about how Masood, who was known to the UK security service MI5, was radicalized and why shortly before his attack, he was able to share an extremist document via WhatsApp.

He said victims’ relatives could not understand “why it is that radicalizing material continues to be freely available on the internet”.

“We do not understand why it’s necessary for WhatsApp, Telegram and these sort of media applications to have end-to-end encryption,” he told the hearing at London’s Old Bailey court.

Patterson told Reuters following the hearing that he was “fed up” of prosecuting terrorism cases which featured encryption and particularly the WhatsApp messaging service.

“How many times do we have to have this?” he said.

The British government has been pressurizing companies to do more to remove extremist content and rein in encryption which they say allows terrorists and criminals to communicate without being monitored by police and spies, while also making it hard for the authorities to track them down.

However, it has met quiet resistance from tech leaders like Facebook, Google and Twitter and critics say ending encryption will weaken security for legitimate actions and open a back door for government snooping.

Samantha Leek, the British government’s lawyer, said the issues over encryption and radicalization were a matter of public policy and too wide for an inquest to consider.

Police say Masood had planned and carried out his attack alone, despite claims of responsibility from Islamic State, although a report in December confirmed he was known to MI5 for associating with extremists, particularly between 2010 and 2012, but not considered a threat.

Coroner Mark Lucraft said the inquest, which will begin in September, would seek to answer “obvious and understandable questions” the families might have.

(Reporting by Michael Holden; editing by Guy Faulconbridge)

Trump administration to order agencies to adopt new email security standards

Jeanette Manfra, Acting Deputy Undersecretary for Cybersecurity at the DHS, testifies about Russian interference in U.S. elections to the Senate Intelligence Committee in Washington, U.S., June 21, 2017.

By Dustin Volz

WASHINGTON (Reuters) – The Trump administration on Monday will order federal agencies to adopt common email security standards in an effort to better protect against hackers, a senior Department of Homeland Security official said.

DHS Assistant Secretary for Cybersecurity Jeanette Manfra, speaking at an event in New York, said the agency would issue a binding directive to require implementation of two cyber security measures, known as DMARC and STARTTLS, intended to guard against email spoofing and phishing attacks.

The new requirements are “discrete steps that have scalable, broad impact” that will improve federal government cyber security, Manfra said.

DMARC, or domain-based message authentication, reporting and conformance, is a popular technical standard that helps detect and block email impersonation, such as when a hacker might try to pose as a government official or agency.

STARTTLS is a form of encryption technology that protects email traveling between servers, making it more difficult for a third-party to intercept.

 

(Reporting by Dustin Volz; Editing by Chizu Nomiyama and Bill Trott)

 

FBI paid more than $1.3 million to break into San Bernardino iPhone

Apple Logo

By Julia Edwards

WASHINGTON (Reuters) – Federal Bureau of Investigation Director James Comey said on Thursday the agency paid more to get into the iPhone of one of the San Bernardino shooters than he will make in the remaining seven years and four months he has in his job.

According to figures from the FBI and the U.S. Office of Management and Budget, Comey’s annual salary as of January 2015 was $183,300. Without a raise or bonus, Comey will make $1.34 million over the remainder of his job.

That suggests the FBI paid the largest ever publicized fee for a hacking job, easily surpassing the $1 million paid by U.S. information security company Zerodium to break into phones.

Speaking at the Aspen Security Forum in London, Comey was asked by a moderator how much the FBI paid for the software that eventually broke into the iPhone.

“A lot. More than I will make in the remainder of this job, which is seven years and four months for sure,” Comey said. “But it was, in my view, worth it.”

The Justice Department said in March it had unlocked the San Bernardino shooter’s iPhone with the help of an unidentified third party and dropped its case against Apple Inc <AAPL.O>, ending a high-stakes legal clash but leaving the broader fight over encryption unresolved.

Comey said the FBI will be able to use software used on the San Bernardino phone on other 5C iPhones running IOS 9 software.

There are about 16 million 5C iPhones in use in the United States, according to estimates from research firm IHS Technology. Eighty-four percent of iOS devices overall are running iOS 9 software, according to Apple.

The FBI gained access to the iPhone used by Rizwan Farook, one of the shooters who killed 14 people in San Bernardino, California on Dec. 2.

The case raised the debate over whether technology companies’ encryption technologies protect privacy or endanger the public by blocking law enforcement access to information.

(Reporting by Julia Edwards in Washington; additional reporting by Julia Love in San Francisco; Editing by Simon Cameron-Moore)

ISIS Using Encryption To Avoid FBI

FBI Director James Comey admitted to lawmakers that ISIS and other terrorist groups are using encryption methods as a way to avoid federal investigators.

“This is not your grandfather’s al Qaeda,” he told a Senate panel.

Comey said that ISIS has been effective in using social media outlets like Twitter where they have over 22,000 English-language followers.

“[It’s like a] devil in their pocket all day long that says ‘Kill, kill, kill,” Comey said.  “There is simply no doubt that bad people can communicate with impunity in a world of universal strong encryption.”

“We cannot break strong encryption,” Comey told lawmakers on the Senate Intelligence Committee. “I think people watch TV and think the bureau can do lots of things. We cannot break strong encryption.”

Comey cited as an example the case of Usaamah Rahim, the Boston man killed when he attacked FBI and Boston Police as they tried to question him.  The agents tracking him couldn’t see his exact plans because they went into an encrypted site.

The FBI calls that “going dark.”

“ISIL does something al-Qaida would never imagine: they test people by tasking them,” Comey told the senators. “Kill somebody and we’ll see if you are really a believer. And these people react in a way that is very difficult to predict. What you saw in Boston is what the experts say is flash-to-bang being very close. You had a guy who was in touch in an encrypted way with these ISIL recruiters and we believe was bent on doing something on July 4th. He woke up one morning, June 2nd, and decided he was going to go kill somebody.”