Posts

What an Overbroad Section 215 Order Looks Like

/30 Comments/in , , /by

Screen shot 2013-06-05 at 10.02.05 PMGlenn Greenwald has a tremendous scoop, for the first time I know of publishing a Section 215 warrant — in this case one asking for all US-based traffic metadata from Verizon Business Services from April until July.

Now, I think that this actually affects just a subset of all Verizon traffic: the business-focused traffic rather than Verizon Wireless or similar consumer products most people subscribe to (and if that’s so, the shitstorm that is about to break out will be all the more interesting given that rich businessmen will be concerned about their privacy for once).

Also, this does not ask for call content. It asks only for metadata, independent of any identifying data.

In other words, they’re using this not to wiretap the conversations of Occupy Wall Street activists but to do pattern analysis on the telecom traffic of (I think) larger businesses.

The request does, however, ask for location data (and Verizon does offer bundles that would include both cell and cloud computing). So maybe the FBI is analyzing where all Verizon’s business customers are meeting for lunch.

My extremely wildarsed guess is that this is part of hacking investigation, possibly even the alleged Iranian hacking of power companies in the US (those stories were first reported in early May).

I say that because cybersecurity is a big part of what Verizon Enterprise (as I believe they now go by) sells to its business customers; the infographic above, warning of data breaches when you least expect it (heh), is part of one they use to fear-monger its customers. Energy consumers are one of its target customer bases. And the case studies it describes involve several Smart Grid projects. Precisely the kind of thing the government is most freaked out about right now.

After all, aside from Medicare fraud, the government simply doesn’t investigate businesses, ever. Certainly not the kind of bankster businesses we’d like them to investigate. One of the few things they investigate business activities for is to see if they’ve been compromised. Moreover, the Section 215 order requires either a counterintelligence or a counterterrorist nexus, and the government has gone to great lengths to protect large businesses, like HSBC or Chiquita, that have materially supported terrorists.

Anyway, that’s all a wildarsed guess, as I said.

Ah well. If the government can use Section 215 orders to investigate all the Muslims in Aurora, CO who were buying haircare products in 2009, I’m sure big business won’t mind if the government collects evidence of their crimes in search of Iran or someone similar.

Update: Note, this order seems to show a really interesting organizational detail. This is clearly an FBI order (I’m not sure who, besides the FBI, uses Section 215 anyway). But the FISA Court orders Verizon to turn the data over to the NSC. This seems to suggest that FBI has NSA store and, presumably, do the data analysis, for at least their big telecom collections in investigations. That also means the FBI, which can operate domestically, is getting this for DOD, which has limits on domestic law enforcement.

Someone Hacked Our Memory: “Retaliation,” “Deterrence,” “Escalation”

/7 Comments/in /by

The WSJ has a story developing on earlier WSJ and NYT reporting that someone — believed to be Iran — was using cyberattacks on energy companies in preparation to sabotage operations.

And while the WSJ responsibly includes a short paragraph noting that the US “has previously launched its own cyberattacks” on Iran to sabotage its nuke program, none of the people they interview seem to remember that we struck Iran first and that this should be regarded as retaliation to our own provocation, not vice versa.

In response, U.S. officials warn that Iran is edging closer to provoking U.S. retaliation.

“This is representative of stepped-up cyber activity by the Iranian regime. The more they do this, the more our concerns grow,” a U.S. official said. “What they have done so far has certainly been noticed, and they should be cautious.”

[snip]

Underscoring the Obama administration’s growing concern, the White House held a high-level meeting late last month on how to handle the Iranian cybersecurity threat. No decisions were made at that meeting to take action, however, and officials will reconvene in coming weeks to reassess, a U.S. official said.

“It’s reached a really critical level,” said James Lewis, a cybersecurity specialist at the Center for Strategic and International Studies, who frequently advises the White House and Capitol Hill. “We don’t have much we can do in response, short of kinetic warfare.”

The Obama administration sees the energy-company infiltrations as a signal that Iran hasn’t responded to deterrence, a former official said.

In October, then-Defense Secretary Leon Panetta issued a veiled threat to Iran, which he did not name in his speech, by warning the Saudi Aramco hack represented a dangerous escalation in cyberwarfare. Since then, the Iranian attacks have only ramped up. [my emphasis]

One of the reasons we’re likely left with little to do in response short of “kinetic warfare,” of course, is we’ve already economically sabotaged Iran’s economy with sanctions, gutting the already fewer targets we might hit to strike back. (Also, the countries that have exemptions to trade with Iran for oil likely would frown on any attempt on our part to further devastate Iran’s energy sector.)

You’d think someone would have thought of this entirely predictable state of affairs before advising the most cyber-vulnerable nation on earth to pioneer the use of syberwar to sabotage key infrastructure, huh?