El Reg blows lid on NCA’s ‘colocation’ dream with IT security bods

17 Sep 2015 at 22:21, Alexander J Martin

Cloudsec The UK’s National Crime Agency – Blighty’s equivalent of the FBI – wants its staff to “colocate” with private-sector IT security companies around the world. In other words, investigators and infosec employees placed alongside each other to sniff out cyber-criminals.

This will apparently help the agency reach across jurisdictions, and bust underworld gangs around the planet. This is according to a keynote address delivered on Thursday at the Cloudsec event in London – a presentation the media was banned from attending.

Speaking at the conference, Oliver Gower, Head of Strategy, Partnerships, and Transformation for the NCA’s National Cyber Crime Unit (NCCU), said a globally scaled security threat required a globally scaled security response.

Such a response should emulate the cosy Five Eyes spy relationship between America, the UK, Australia, Canada and New Zealand, said Gower, in that agents and employees in friendly countries and businesses should work shoulder-to-shoulder to combat cyber-crime.

He is keen to get beneath the sheets with information security outfits amid this international tie-up – having already bagged memorandums of understanding with Trend Micro and Intel Security.

As well as lauding the trans-jurisdictional efforts of the Joint Cybercrime Action Taskforce and the European Cybercrime Task Force, Gower mentioned a model the NCA was especially keen to copy:

The US’s National Cyber-Forensics and Training Alliance (NCFTA), which is based in Pittsburgh, and “colocates” law enforcement agents with private sector security companies.

As the alliance states: “The NCFTA is a productive environment because we operate as one unit with our private and public sector partners. Our partners are located both on-site and off-site, and come from private industry, law enforcement, academia, and government.”

Noted in a single slide of Gower’s talk was the Five Eyes Law Enforcement Group. Known previously as the Strategic Alliance Group Principals’ Meeting, the shadowy organization was formed post-Snowden to “seek to reduce the international threat and impact of organised crime.”

Although its methodology is unclear, it is, we’re told, not a counter-terrorism intelligence partnership, though membership of the group is comprised of the anglophone Five Eyes nations.

Running a trans-jurisdictional effort to combat organized crime is more difficult than you’d imagine, Gower suggested. Police investigators struggle to accept their technical limitations, and need the help of talented information security types to keep up with progress.

Deconfliction between difference police forces is increasingly an issue for crime-busting coalitions, too. The possibility of undercover cyber-cops having their investigations blown by blue-on-blue bungling – an officer in one country interrupting and scuppering the work of another – is increasingly an issue.

Data glut

Gower also confessed that the NCA is struggling to deal with the volumes of data and intelligence it receives. The agency increasingly gets its information and evidence from “seized media” – confiscated memory cards, server hard drives, and so on, we assume.

Now these piles of data are mounting up and straining resources – putting pressure particularly on officers investigating pedophiles handling child-abuse images.

As a result of these “resource challenges,” house visits by officers are not always possible. Some miscreants – such as those launching denial-of-service attacks against websites – simply receive warning emails. These missives are shared in cybercrime forums, usually accompanied with the usual prison-rape jokes, much to the delight of the agency: it means the miscreants are spreading the cops’ message for them.

The NCA is also keeping a close eye on mobile malware and Tinba – or the Tiny Banker Trojan. Ranging from a mere 20KB to 100KB in size, the bank-account-raiding software nasty surfaced in 2012.

Interestingly, he also asked: “Can government take action to systematically remove malware from everybody’s computers without them knowing it?”

“Probably not,” came his firmly comforting reply.

The Register was told by the Cloudsec organisers that the agency wouldn’t allow journalists in its session. Which is odd given that the keynote slides were widely photographed and tweeted by attendees without issue. Of course, this vulture pulled up a pew anyway and watched on. ®

Back To The Future: Canada’s Future From The Past=> The Five Eyes

Posted on September 19, 2015 by CanucksBanter

The United Kingdom – United States of America Agreement (UKUSA, /juːkuːˈsɑː/ ew-koo-SAH)^[1]^[2] is a multilateral agreement for cooperation in signals intelligence between the United Kingdom, the United States, Canada, Australia, and New Zealand. The alliance of intelligence operations is also known as Five Eyes.^[3]^[4]^[5]^[6]^[7] In classification markings this is abbreviated as FVEY, with the individual countries being abbreviated as GBR, USA, CAN, AUS, and NZL respectively.^[8]

Emerging from an informal agreement related to the 1941 Atlantic Charter, the secret treaty was renewed with the passage of the 1943 BRUSA Agreement, before being officially enacted on 5 March 1946 by the United Kingdom and the United States. In the following years, it was extended to encompass Canada, Australia and New Zealand. Other countries, known as “third parties”, such as West Germany, the Philippines and several Nordic countries also joined the UKUSA community.^[9]^[10]

Much of the sharing of information is performed via the ultra-sensitive STONEGHOST network, which has been claimed to contain “some of the Western world’s most closely guarded secrets”.^[11] Besides laying down rules for intelligence sharing, the agreement formalized and cemented the “Special Relationship” between the UK and the USA.^[12]^[13]

Due to its status as a secret treaty, its existence was not known to the Prime Minister of Australia until 1973,^[14] and it was not disclosed to the public until 2005.^[13] On 25 June 2010, for the first time in history, the full text of the agreement was publicly released by Britain and the United States, and can now be viewed online.^[9]^[15] Shortly after its release, the seven-page UKUSA Agreement was recognized by Time magazine as one of the Cold War‘s most important documents, with immense historical significance.^[13]

Currently, the global surveillance disclosure by Edward Snowden has shown that the intelligence-sharing activities between the First World allies of the Cold War are rapidly shifting into the digital realm of the Internet.^[16]^[17]^[18

The Five Eyes are cooperating with various 3rd Party countries in at least two groups:

The “Nine Eyes”, consisting of the Five Eyes plus Denmark, France, the Netherlands and Norway.
The “Fourteen Eyes”, consisting of the same countries as the Nine Eyes plus Germany, Belgium, Italy, Spain and Sweden.^[44] The actual name of this group is SIGINT Seniors Europe (SSEUR) and its purpose is coordinating the exchange of military signals intelligence among its members.^[45]

In 2013, Canadian federal judge Richard Mosley strongly rebuked the Canadian Security Intelligence Service (CSIS) for outsourcing its surveillance of Canadians to overseas partner agencies. A 51-page ruling says that the CSIS and other Canadian federal agencies are illegally enlisting U.S. and British allies in global surveillance dragnets, while keeping domestic federal courts in the dark.^[56]^[57]^[58]

NSA’s relationship with Canada’s CSEC

NSA document on a joint espionage operation with Canada’s CSEC agency during the G8 and G20 summits in Toronto in 2010

Resources squandered on UK war machine could save 100s of millions from starvation

Posted on July 12, 2015 by CanucksBanter

Daniel Jakopovich 11 July 2015. Posted in http://stopwar.org.uk/

Look at what could be done with the £37 billion Britain spends annually on its military and foreign wars.

The UK government has committed itself to a 2 per cent of GDP military spending target for the next five years on the basis of demands for more foreign military interventions.

In each of the last 100 years Britain has been involved in military conflict somewhere on Earth. It is a habitual invader of other countries. Intense Anglo-American imperialist violence has played a key role in creating the current vicious and expanding cycle of conflict in the Middle East, North Africa and other parts of the Third World.

The wars in Afghanistan, Iraq, Libya and elsewhere have been a colossal waste of resources and of lives. A million people (as well as millions of animals) have been killed in the Second Iraq War and, according to a recent study, as many as 2 million people may have died as a result of the global terroristic “war on terror”.

Apart from continuing to cause extreme and mass suffering, these conflicts create immense bitterness against the West, Britain and the US in particular. More than a decade of savage war has shown that violence only breeds more violence and that hatred and bombing cannot bring peace. More interventions will only add fuel to this inferno of hatred and inhumanity.

War constitutes the sunset of civilisation. It should be obvious that money should instead be used to generously invest in re-building these wretched, war-stricken countries, to invest in education and human development, and to build bridges instead of creating more enemies for the West.

Britain’s military spending is already much higher than that of other European countries. Furthermore, the political elite is planning to squander £100 billion of public money on the new generation of Trident nuclear weapons. Military spending increased by 19 per cent in real terms between 1998 and 2008. More than 37 billion pounds are spent each year on the military and on foreign wars (the full figure is much higher and includes the increasing budget given to the security services, the cost of healthcare for veterans, etc.).

A recent report stated that the global cost of war last year alone was US$14 trillion. By comparison, the Food and Agriculture Organization of the UN claims that $30 billion a year would be sufficient to eradicate world hunger, which affects hundreds of millions of people. Professor Jean Ziegler (the UN’s former Special Rapporteur on the Right to Food) stated that around 36 million people are dying as a result of hunger and malnutrition every year. According to these figures, around half of the UK annual military budget would be sufficient to save the lives of tens of millions of starving people each year. The resources squandered on the UK military budget could therefore save the lives of hundreds of millions of people in the space of a single decade. We are living under an evil, grotesquely anti-human system.

Increased military spending is particularly wrong at a time when the Conservative government is implementing severe cuts in the budgets for healthcare, education and welfare. These are core public services which are essential for creating and sustaining civilised public life.

Instead of enriching private military corporations and the rest of the military establishment, resources should be channelled towards improving the education system, building a greener economy, housing the homeless, feeding the poor, and providing the best possible medical care for Britain’s population. Hundreds of thousands of people are facing homelessness in Britain, each year tens of thousands of people die of hypothermia because they cannot afford heating, thousands of people are facing long delays for cancer treatment and thousands of poor children are left to suffer and die each year due to a lack of funds for potentially life-saving cancer treatment. Real existential threats which affect a large segment of the British population are being callously disregarded while the causes and the extent of the terrorist threat are being intentionally misrepresented. One report found that more US citizens die each year due to being crushed by their own furniture than have died as a result of Islamist terrorism since 9/11. Besides, it is the brutal and cynical Anglo-American policy of permanent war and imperialist control which is fomenting extremism and violence. True human security is being sacrificed at the altar of the militarist Moloch. What are we actually defending when we’re shutting down hospitals and fire stations?

The peace movement needs to continually reveal the links between the British establishment’s commitment to perpetual war abroad and permanent structural violence at home. As Tony Benn wrote in 2005: “The Stop the War movement might even be regarded as a Start the Peace movement dedicated to challenging the capitalist concept of globalisation involving exploitation and bloodshed by offering a perspective of internationalism, cooperation and solidarity”.

Militarism and neoliberal austerity are inextricably linked, which is why the anti-war and anti-austerity movements have to work closely together. It is not possible to truly challenge either without challenging both at the same time. Stop the War Coalition is committed to maintaining its vital role in this united struggle for peace and social justice.

Daniel Jakopovich is a writer and a national organiser of the Stop the War Coalition.

Things you can do:

• Petition in your workplace/college against the increase in the military budget
• Join Stop the War
• Get involved in your local Stop the War group or set one up
•Get your trade union branch/trades council/community group to affiliate to Stop the War

Source: Stop the War Coalition

Majority of zero hours contracts favour employers

Posted on August 5, 2013 by CanucksBanter

05 Aug 2013 https://www.unison.org.uk

Commenting on research from the CIPD that there could be one million workers on zero hours contracts, Dave Prentis, General Secretary of UNISON, said:

“The vast majority of workers are only on these contracts because they have no choice. They may give flexibility to a few, but the balance of power favours the employers and makes it hard for workers to complain.

“Not knowing from week to week what money you have coming in to buy food and pay your bills is extremely nerve-wracking. Having your working hours varied at short notice is also stressful and it makes planning, childcare arrangements and budgeting hard.

“The growing number of zero hours contracts also calls into question Government unemployment figures. It is clear that many people working on these contracts are not included as unemployed even if they have no work at all – at the very least we have hundreds of thousands who are under-employed. In turn, this plays havoc with the benefit and tax credit system.

“UNISON would like to see the use of these contracts banned – at the very least the Government needs an official investigation to confirm the true scale of the problem.”

A recent FOI by UNISON showed that 97% of councils use homecare contracts that don’t guarantee care providers any work from one week to the next. This uncertainty is passed on to already low paid care workers in the form of zero hours contracts. The union is highly critical of the rise in the use of such contracts because they are leading to worse services for the elderly and some of the most vulnerable people in our society.

Majority of zero hours contracts favour employers New Figures Reveal

Posted on August 5, 2013 by CanucksBanter

BACKROUND:

A zero-hour contract is a contract of employment used in the United Kingdom which while meeting the terms of the Employment Rights Act 1996 by providing a written statement of the terms and conditions of employment contains provisions which create an ‘on call’ arrangement between employer and employee. It does not oblige the employer to provide work for the employee, or for the employee to accept the work offered.^[1] The employee agrees to be available for work as and when required, so that no particular number of hours or times of work are specified.^[2] The employee is expected to be on-call and receives compensation only for hours worked.

In the United Kingdom, under the National Minimum Wage Act 1998, workers operating under a zero-hour contract on stand-by time, on-call time, and downtime must be paid the national minimum wage for hours worked. Prior to the introduction of the Working Time Regulations 1998 and the National Minimum Wage Regulations 1999, the flexibility provided by zero-hour contracts was often used to “clock-off” staff during quiet periods while retaining them on site so they could be returned to paid work should the need arise. National Minimum Wage Regulations now require that employers pay the national minimum wage for the time workers are required to be at the workplace even if there is no “work” to do.^[8]^[9] Despite being guaranteed no hours of work employees subject to a zero-hour contract may be required to obtain permission of their employer before accepting other work.

http://en.wikipedia.org

_____________________________________________________________

05 Aug 2013 https://www.unison.org.uk

More than 1 million British workers could be employed on zero-hours contracts, new figures released on Monday reveal, suggesting that British business is deploying the controversial employment terms far more widely than previously thought.

The figure – derived from a poll of more than 1,000 employers conducted by the Chartered Institute of Personnel and Development (CIPD) – prompted renewed calls for the government to launch a full inquiry into the use of the contracts, after a week in which a string of organisations – from retail chains to Buckingham Palace – have faced criticism for hiring staff but offering no guarantee of work and pay each week. Employees on zero-hours contracts often get no holiday or sick pay and have to ask permission before seeking additional work elsewhere.

The CIPD found that 38% of zero-hours contract workers describe themselves as employed full-time, typically working 30 hours or more a week. One third of voluntary sector employers use the contracts, and one in four public sector organisations.

The latest numbers also call into question the accuracy of official data on the topic. Last week, the Office for National Statistics increased its estimate of the number of UK zero-hours workers by 25%, to around 250,000.

Peter Cheese, the chief executive of the CIPD, said: “Our research suggests they [zero-hours contracts] are being used more commonly than the ONS figures would imply.

“There does need to be a closer look at what is meant by a zero-hours contract, the different forms that they take, and clearer guidance on what good and bad practice in their use looks like. And this needs to consider both the advantages and disadvantages in practice for businesses and employees.”

Last week, retailer Sports Direct became the focus of controversy on zero-hours when it emerged that the company employs around 20,000 of its 23,000 staff on the contracts. The retailer’s use of the contracts was followed by details of a string of other companies using the deals, including cinema chain Cineworld and Buckingham Palace, which uses them for its 350 summer workers. Pub group JD Wetherspoon has 24,000 of its staff – 80% of its workforce – on the terms.

The business secretary, Vince Cable, is conducting a review of zero-hours, although Labour has criticised it as being “totally inadequate” and not comparable to a formal inquiry.

Vidhya Alakeson, deputy chief executive of thinktank the Resolution Foundation, added: “If it’s true that there are in the region of 1 million people on zero-hours contracts, then that would be a substantial portion of the workforce – this could no longer be dismissed as an issue affecting only a tiny minority.

“The new estimate underlines the urgent need for a deep and thorough review of zero-hours by the government, which takes into account not only the scale of the problem but the effect these contracts have on workers’ employment rights, earning capacity and personal well-being.”

Unions and poverty campaign groups have accused employers of pressuring staff into signing the contracts as a way to evade their responsibilities and cut staff benefits.

Dave Prentis, general secretary of the trade union Unison, said: “The vast majority of workers are only on these contracts because they have no choice. They may give flexibility to a few, but the balance of power favours the employers and makes it hard for workers to complain.”

Workers on zero-hours contracts are often only told how many hours they will work when weekly or monthly rotas are worked out, but are expected to be on call for extra work at short notice. They should be entitled to holiday pay in line with the number of hours they work, but do not qualify for sick pay.

The National Trust, which employs many of its seasonal workers on zero-hours contracts, said it offered the same pay and benefits to those workers, pro rata, as full-time staff, but needed some workers to be on a more flexible arrangement.

“We believe zero-hours contracts are essential in our organisation, as we are very weather-dependent,” a spokeswoman said. “Our properties have told us it’s important to be able to reorganise staff rotas quickly to respond to the weather and zero-hours contracts allow us to that this.”

Labour’s Shadow Business Secretary, Chuka Umunna, said the contracts should be the exception to the rule.

“While some employees welcome the flexibility of such contracts, for many zero-hours contracts leave them insecure, unsure of when work will come, and undermining family life,” he said.

“The ‘review’ the business secretary has established is clearly inadequate given the seriousness of this issue and the mounting evidence of abuse. Nothing less than a proper consultation with a formal call for evidence will do.”

Several observers have argued that the flexibility of zero-hours contracts may have allowed the UK to avoid higher levels of unemployment during the economic downturn, while the CIPD research suggests that only 16% of those on zero-hours contracts report that their employer frequently fails to provide them with sufficient hours each week.

The institute’s figures also suggest that 17% of employers in the private sector made use of zero-hours contracts, considerably lower than the 34% of organisations in the voluntary sector and 24% in the public sector.

Industries where employers were most likely to report at least one person on a zero-hours contract were hotels, catering and leisure (48%), education (35%) and healthcare (27%).

Andrew Phillip Chernoff

The Outer Limits To The Inner Depths

Tag Archives: united kingdom

Britain’s FBI wants ‘Five Eyes’ cosy hookups with infosec outfits