1
00:00:00,520 --> 00:00:06,760
As well as mass surveillance, there is also what you call active surveillance, or simply hacking. Tools

2
00:00:06,760 --> 00:00:13,540
can be installed using the same type of malicious malware and spyware used by cyber criminals onto machine

3
00:00:13,600 --> 00:00:14,500
or phone

4
00:00:14,650 --> 00:00:20,860
if you're a target. Tools for passive and active surveillance are sold by security companies to governments

5
00:00:21,340 --> 00:00:26,660
if the governments don't develop themselves, or even if they do, if they want to buy extra tools.

6
00:00:26,800 --> 00:00:29,970
There is a large and very active market in such tools.

7
00:00:30,130 --> 00:00:35,830
And when the Hacking Team group was hacked themselves, it was revealed that they were doing that.

8
00:00:35,860 --> 00:00:41,850
Let me introduce you to the catalog to give you an idea of the sort of tools that governments and any well-resourced

9
00:00:42,160 --> 00:00:45,080
threat agent have available to them.

10
00:00:45,100 --> 00:00:47,790
The catalog is a leaked document.

11
00:00:47,800 --> 00:00:54,070
The NSA's hacking and spying tool set, circa around 2008.

12
00:00:54,070 --> 00:01:01,710
So first let's discuss a passive RF retro ultra high frequency reflector.

13
00:01:02,050 --> 00:01:04,220
If we go down here I can show you some

14
00:01:08,210 --> 00:01:09,480
and there we are.

15
00:01:09,710 --> 00:01:17,090
These can be extremely small electronic devices that need only microamps of power or in some cases

16
00:01:17,090 --> 00:01:18,750
need no power at all.

17
00:01:18,800 --> 00:01:21,310
Meaning that they can remain active for years.

18
00:01:21,350 --> 00:01:26,550
They don't radiate any RF energy, so sweeping like you see in the movies doesn't work.

19
00:01:26,690 --> 00:01:31,550
They can also be made with commercially off-the-shelf electronics, making them untraceable.

20
00:01:31,550 --> 00:01:37,310
One such example is code named LOUDAUTO, which is basically an audio listening bug.

21
00:01:37,790 --> 00:01:46,160
And we can see here: audio-based RF retro-reflector provides room audio from targeted space using

22
00:01:46,160 --> 00:01:49,460
radar and basic post-processing.

23
00:01:49,460 --> 00:01:54,830
So what that means is, in order to listen to this device, a person needs to be at a distance somewhere

24
00:01:55,310 --> 00:02:01,910
and then send a focused beam of radio frequency energy targeted at that retro-reflector.

25
00:02:01,910 --> 00:02:04,240
They are then able to listen to the room's audio.

26
00:02:04,340 --> 00:02:08,230
The device is only active when it re-radiates back to the sender.

27
00:02:08,330 --> 00:02:14,270
Otherwise it's totally passive, radiating no RF, so undetectable, and uses virtually no power.

28
00:02:14,300 --> 00:02:17,960
These retro-reflectors can be used for all sorts of interesting things.

29
00:02:17,960 --> 00:02:19,080
Let me show you something else

30
00:02:22,560 --> 00:02:24,470
if you look here under keyboards

31
00:02:29,440 --> 00:02:39,310
Data RF retro-reflector provides return modulated with target data (keyboard, low data rate digital device)

32
00:02:39,810 --> 00:02:43,080
when illuminated with radar.

33
00:02:43,110 --> 00:02:50,340
So this is installed in a keyboard. An observer pointing one of those focused beams of radio frequency

34
00:02:50,340 --> 00:02:56,250
energy targeted at the reflector will be able to record all the keystrokes on the keyboard.

35
00:02:56,310 --> 00:03:05,030
Again passive, radiating no RF, so undetectable, and uses virtually no power. And there's also RAGEMASTER

36
00:03:11,570 --> 00:03:19,550
RF retro-reflector that provides an enhanced radar cross-section for VAGRANT collection, is concealed in a

37
00:03:19,550 --> 00:03:21,850
standard computer video graphics array,

38
00:03:21,920 --> 00:03:30,470
VGA cable, you can see there, between the video card and video monitor, is typically installed in the ferrite

39
00:03:31,010 --> 00:03:38,240
on the video cable, so they can watch what you're doing on your monitor. Again I see how tiny this thing

40
00:03:38,240 --> 00:03:39,090
is.

41
00:03:39,140 --> 00:03:44,560
Passive, radiating no RF, so undetectable, and uses virtually no power.

42
00:03:44,750 --> 00:03:51,350
Obviously these things need to be installed, and this process is called interdiction, which means the

43
00:03:51,350 --> 00:03:55,670
devices are placed in physically before you get them or after.

44
00:03:55,950 --> 00:04:03,160
But even if you're not a target of specific interdiction, you are a target of general interdiction.

45
00:04:03,170 --> 00:04:09,720
So for example there is JETPLOW, which is here

46
00:04:13,370 --> 00:04:21,740
Here is a firmware persistence implant for Cisco PIX series and ASA firewalls. Persists the DNT BANANAGLEE

47
00:04:21,790 --> 00:04:23,630
software implant.

48
00:04:23,640 --> 00:04:31,330
JETPLOW also has a persistent back door capability. DNT, by the way, is a contractor to the NSA that provides

49
00:04:31,330 --> 00:04:32,640
all the hacking tools.

50
00:04:32,780 --> 00:04:36,540
If you're not aware, firmware is a physical chip on the device.

51
00:04:36,560 --> 00:04:41,480
So in this case it's a physical chip on this router or firewall. Firmware

52
00:04:41,490 --> 00:04:46,290
persistence means it will survive a re-install of the operating system.

53
00:04:46,370 --> 00:04:49,360
It can be considered a firmware rootkit.

54
00:04:49,370 --> 00:04:55,790
So what this is showing is, here is documented evidence that Cisco and Juniper devices, which are really

55
00:04:55,790 --> 00:05:02,050
the backbone of the Internet that we use, are compromised and will be used for surveillance.

56
00:05:02,060 --> 00:05:08,990
If you're wondering about the strange code names, to assign to a project randomly like BG, then a human

57
00:05:08,990 --> 00:05:13,160
creates a name, so you end up with BANANAGLEE or something strange like that.

58
00:05:13,280 --> 00:05:16,780
But strange names like that do help people remember them.

59
00:05:16,910 --> 00:05:19,420
Let's have a look at some of the other interesting ones.

60
00:05:24,770 --> 00:05:26,480
Here we have NIGHTSTAND.

61
00:05:28,650 --> 00:05:33,760
An active 802.11 wireless exploitation injection tool.

62
00:05:33,870 --> 00:05:41,080
That's Wi-Fi, for payload exploit delivery into otherwise denied target space.

63
00:05:41,140 --> 00:05:46,990
NIGHTSTAND is typically used in operations where wired access to the target is not possible.

64
00:05:47,040 --> 00:05:53,460
So that's basically a Wi-Fi cracker. And interestingly, leaked e-mails have exposed plans by Hacking Team

65
00:05:53,500 --> 00:06:00,780
and a Boeing subsidiary to deliver spyware via drones for sale to government agencies, which would essentially

66
00:06:00,780 --> 00:06:04,410
be this device on a drone.

67
00:06:04,800 --> 00:06:10,320
So there are ways to counter this though, which we'll go through as part of the course.

68
00:06:10,320 --> 00:06:13,170
Another interesting one is IRATEMONK

69
00:06:19,220 --> 00:06:26,340
IRATEMONK provides software application persistence on desktop and laptop computers by implanting the hard

70
00:06:26,340 --> 00:06:33,870
drive firmware to gain execution through Master Boot Record substitution.

71
00:06:33,870 --> 00:06:36,360
Again, that means total persistence.

72
00:06:36,540 --> 00:06:43,720
So if they get access to, or if this is installed on your machine, then formatting the hard drive, reinstalling

73
00:06:43,770 --> 00:06:45,300
the operating system.

74
00:06:45,330 --> 00:06:46,500
None of that is going to help.

75
00:06:46,500 --> 00:06:47,710
None of it is going to shift.

76
00:06:47,700 --> 00:06:50,950
It can be virtually impossible to detect.

77
00:06:51,030 --> 00:06:56,140
The only thing that would work in this case would be to actually throw the hard disk away.

78
00:06:56,640 --> 00:07:03,930
But obviously, if they have tools like this that are implants in the firmware of the motherboard, then

79
00:07:04,170 --> 00:07:10,380
you have to throw your entire computer away to get rid of this type of malware.

80
00:07:10,380 --> 00:07:14,160
Another interesting one is MONKEYCALENDAR

81
00:07:20,670 --> 00:07:30,400
which is here, and this is actually a SIM card. So you may not be aware that SIM cards issue commands to

82
00:07:30,400 --> 00:07:31,450
the handset.

83
00:07:31,620 --> 00:07:38,580
So this is a SIM card that issues commands to your handset and then sends out SMS messages informing

84
00:07:38,670 --> 00:07:43,920
what you're doing and your location and whatever else, or the information that they desire.

85
00:07:44,160 --> 00:07:52,870
And the last one that I'm going to show you that's interesting is CANDYGRAM. Mimics GSM cell tower of a

86
00:07:52,920 --> 00:08:00,320
target network, capable of operations 900, 1800 or 1000 megahertz.

87
00:08:00,490 --> 00:08:06,070
Whenever a target handset enters the CANDYGRAM base station's area of influence, the system sends out

88
00:08:06,070 --> 00:08:10,970
an SMS through the external network to registered watch phones.

89
00:08:11,260 --> 00:08:13,000
So this is a fake base station.

90
00:08:13,000 --> 00:08:20,480
They will set up as Vodafone and then monitor and track you and hack you through it.

91
00:08:23,400 --> 00:08:27,280
And these are from circa 2008, 2009.

92
00:08:27,450 --> 00:08:34,950
Imagine what they might have now. If your government is an active threat to you, or anyone of sufficient

93
00:08:34,950 --> 00:08:40,950
means, motive and opportunity, then I hope you can see that if you are a target,

94
00:08:40,950 --> 00:08:46,510
the only way to be anonymous online is to be anonymous offline as well.

95
00:08:46,590 --> 00:08:51,010
And we'll talk more about this later as we go through the course.

96
00:08:51,300 --> 00:08:59,620
You can see that there are also hobbyists who are recreating these tools based on what they've seen.

97
00:08:59,640 --> 00:09:06,640
And we're also working on similar tools, so you can see here is a Wi-Fi hacker.

98
00:09:06,690 --> 00:09:15,300
You have retro-reflectors, active radio injection, hardware implants, passive radio interception.

99
00:09:15,450 --> 00:09:21,900
So there's no reason why a highly resourced criminal organization and hacking groups won't be utilizing

100
00:09:21,900 --> 00:09:28,090
such tools going forward. For further information on NSA M-14 I spying,

101
00:09:28,140 --> 00:09:35,640
check out the video Through a PRISM, Darkly. For general information on CIA hacking tools,

102
00:09:35,690 --> 00:09:44,190
look at WikiLeaks Vault 7 and 8, and generally look at WikiLeaks for government spying type information.

103
00:09:44,300 --> 00:09:51,140
The Intercept is also a good place for scoops from time to time on information about what's going on

104
00:09:51,200 --> 00:09:53,000
in terms of government spying.

105
00:09:53,030 --> 00:09:58,590
Note to use good judgment with all these resources I'm pointing to, to evaluate what you read.

106
00:09:58,610 --> 00:10:03,400
Some will be true, some speculative and some are just inaccurate.

107
00:10:03,760 --> 00:10:10,340
And to conclude, there's no secret at all that well-resourced governments are spying and hacking on everybody

108
00:10:10,340 --> 00:10:11,750
to gather intel.

109
00:10:11,750 --> 00:10:17,120
There have been leaks about the likes of the U.S. and the U.K., but countries like Russia we haven't

110
00:10:17,120 --> 00:10:18,970
seen many leaks yet.

111
00:10:19,040 --> 00:10:25,820
Well, they are engaging in serious cyber warfare against their adversaries, the U.S., the U.K., the Ukraine,

112
00:10:25,820 --> 00:10:31,700
and messing around the elections. Our governments are in a cyber war that seems to be getting more and

113
00:10:31,700 --> 00:10:35,270
more heated, and us citizens are in the middle of it.