The Swedish Kings of Cyberwar

President Barack Obama with then Swedish Foreign Minister Carl Bildt at Stockholm Arlanda Airport, September 2013. At a joint press conference with then Swedish Prime Minister Fredrik Reinfeldt the same day, Obama discussed surveillance by the NSA.
Pete Souza/White House

President Barack Obama with then Swedish Foreign Minister Carl Bildt at Stockholm Arlanda Airport, September 2013. At a joint press conference with then Swedish Prime Minister Fredrik Reinfeldt the same day, Obama discussed surveillance by the NSA.

On April 24, 2013, just weeks before Edward Snowden went public with his leaks about mass surveillance by the National Security Agency, General Keith B. Alexander, then the head of the NSA, welcomed a group of Swedish intelligence officials to a secret three-day meeting at NSA headquarters in Fort Meade, Maryland. In the delegation were Ingvar Åkesson, the longtime director of Sweden’s National Defense Radio Establishment (known as the FRA, for Försvarets radioanstalt), a shadowy Swedish government intelligence agency, and five members of Åkesson’s senior staff. One of the aims of the meeting was to discuss Sweden’s growing importance to the NSA.

In a 2008 law, the FRA had been given expansive powers by the Swedish government to vacuum up all communications traveling over fiber optic networks into and out of Sweden—including e-mails, text messages, and telephone calls. This was of great interest to the NSA, not least because a large percentage of Russian communications traveled through Sweden. In 2011, the Swedes began sharing their surveillance data with the NSA, which included—as NSA officials described it at the time of the meeting—a “unique collection [of communications data] on high-priority Russian targets such as leadership, internal politics, and energy.”

Noting the Swedish spy agency’s unusual technical abilities and reputation for secrecy, NSA officials also viewed it as an ideal collaborator on its hacking and cyberwarfare project, called Quantum. One of the Quantum programs was an ambitious operation called WINTERLIGHT, which aimed at secretly hacking into high-value foreign computers and computer networks to obtain not only communications data but also any information stored on the hard drives or servers in question. Possible targets might be the administrators of foreign computer networks, government ministries, oil, defense, and other major corporations, as well as suspected terrorist groups or other designated individuals. Similar Quantum operations have targeted OPEC headquarters in Vienna, as well as Belgacom, a Belgian telecom company whose clients include the European Commission and the European Parliament.

According to NSA documents, WINTERLIGHT was using a complex attack strategy to secretly implant a malware program on the targeted computer or network. The NSA’s malware would then divert any signals between those computers and the Internet through “rogue” high-speed surveillance servers, called “FoxAcid” servers, allowing the NSA to access in stealth almost any of the user’s personal data—and even to tamper with data traveling from one user to another. The implications for both spying and offensive cyber operations were far-reaching. Wired has described how the attack on the Belgian telecom was able to

[map] out the digital footprints of chosen workers, identifying the IP [internet protocol] addresses of work and personal computers as well as Skype, Gmail and social networking accounts such as Facebook and LinkedIn. Then they set up rogue pages, hosted on FoxAcid servers, to impersonate, for example, an employee’s legitimate LinkedIn profile page.

Significantly, while WINTERLIGHT was a joint effort between the NSA, the Swedish FRA, and the British GCHQ, the hacking attacks on computers and computer networks seem to have been initiated by the Swedes. The FRA was setting up the implants on targeted computers—known in NSA parlance as “tipping”—to redirect their signals to the surveillance servers, thus allowing the GCHQ and the NSA to access their data, in what are called “shots.” At the time of the April 2013 meeting, the NSA reported that “last month, we received a message from our Swedish partner that GCHQ received FRAQUANTUM tips that led to 100 shots.”

Since the extraordinary revelations that the Russian government sought to influence the 2016 US presidential election with information hacked from the computers of the Democratic National Committee and top Democratic officials, cybersecurity has become an urgent national priority. As US officials point out, the DNC hacking is only the latest in an accelerating series of Russia-linked cyberattacks aimed at political and other institutions in the West, including the Estonian government and media in 2007, the German Bundestag in 2015, Ukraine’s power grid in 2015, and the Swedish media in March 2016. Far less noted, however, has been the extent to which the US itself has coordinated with Sweden and other allies to develop hacking and surveillance tools that are far more advanced than the e-mail “phishing” strategies used in the recent Russian attacks. A major target of this technology is Russia itself.

NSA officials describe their Swedish counterparts as “extremely competent, technically innovative, and trusted,” and praised them for being “proficient in collecting a wide variety of communications.” Notably, the Swedish FRA had been given access to the NSA’s most powerful analytic tool, called XKeyscore, which, according to NSA documents, enables the retrieval from mass surveillance data of “nearly everything a user does on the Internet.”

The NSA further noted in its April 2013 report that the FRA “continues to gain access to more data from additional telecommunications companies” and that new Swedish legislation had also given the FRA expanded counterterrorism powers. According to the American agency, the broad leeway given to the FRA had made Sweden a more reliable surveillance ally than Great Britain. One document about the NSA’s WINTERLIGHT program reports that “continued GCHQ involvement may be in jeopardy due to British legal/policy restrictions, and in fact NSA’s goal all along has been…a bilat[eral arrangement] with the Swedish partner.”

Source:  http://www.nybooks.com/articles/2017/01/19/the-swedish-kings-of-cyberwar/

About Ove Svidén

Ove Svidén was born on March 10, 1937 at 12:15 in Stockholm, Sweden. M.Sc., 1960, Aircraft Engineering, KTH, Royal Inst. of Technology, Stockholm. B.A., 1980, Psychology, Education, Politics at Linköping University. Received a Ph.D. 1989, on Scenarios, Dept. Management and Economics, Linköping University. Futures Research 1988-91, Systems Engineering and Consensus Formation Office at Drive Project, DGXIII, Brussels. CEO at ARISEeeig on Road Transport Informatics, 1992-99, Brussels. President, World Peace Foundation from 2001-, Stockholm (www.peace.se).
This entry was posted in Communicaton, Economy, Education, Politics. Bookmark the permalink.

2 Responses to The Swedish Kings of Cyberwar

  1. Ove Svidén says:

    Trump vs. the CIA

    Paul Craig Roberts

    When I read Trump’s defenders, such as Daniel Lazare, having to balance their defense with denunciations of Trump, I think the CIA’s propaganda is working. In his article, Lazare asks the rhetorical question, “Is a military coup in the works?” He then goes on to describe the CIA and presstitute coup against Trump unfolding before our eyes. https://consortiumnews.com/2017/01/14/the-scheme-to-take-down-trump/

    Having described the unprecedented frame-up of the president-elect of the United States by the CIA and the Western media, Lazare has to square himself with those doing the frame-up:
    “This is not to say that the so-called President-elect’s legitimacy is not open to question. . . . Trump is a rightwing blowhard whose absurd babblings about Saudi Arabia, Iran and Yemen reveal a man who is dangerously ignorant about how the world works.”

    Note that Lazare goes beyond the CIA and the presstitutes by elevating Trump from someone not sufficiently suspicious of Vladimir Putin to “dangerously ignorant.” I suppose Lazare means dangerously ignorant like Bill and Hillary Clinton, George W. Bush, and Obama. If this is what Lazare means, why is Trump any less qualified to be president than his three most recent predecessors and his opponent in the election?

    Of course, Lazare has no idea what he means. He is simply afraid he will be called a “Trump deplorable,” and he stuck in some denuciatory words to ward off his dismissal as just another Russian agent.

    At other times I conclude that the CIA is discrediting itself with its fierce and transparently false attack on the president elect. The attack on Trump from the CIA and its media agents at the New York Times, Washington Post, CNN, the network TV channels, the BBC, the Guardian, and every other Western print and TV source with the exception of Fox News, is based on no evidence whatsoever. None of the US 16 intelligence agencies can produce a tiny scrap of evidence. The evidence consists of nothing but constant repetitions of blatant lies fed into the presstitute media by the CIA .

    We have witnessed this so many times before: “Tonkin Gulf,” “Saddam Hussein’s weapons of mass destruction,” “Iranian nukes,” “Assad’s use of chemical weapons,” “Russian invasion of Ukraine.”

  2. Ove Svidén says:

    RT QUESTION MORE LIVE

    HomeNews
    Lavrov: US diplomats frequently took part in Russian opposition rallies
    Published time: 17 Jan, 2017

    Russian Foreign Minister Sergei Lavrov (front) and Foreign Ministry spokeswoman Maria Zakharova attend a news conference in Moscow, Russia, January 17, 2017.

    US intelligence agencies have been actively trying to recruit senior Russian diplomats over the past several years, according to Foreign Minister Sergey Lavrov, who also said that US diplomats in Russia have engaged in espionage and took part in opposition rallies.
    “If we talk about recruitment techniques, we did not publicize the full statistics on that. But most recently, in the past few years, especially during the second term of Obama’s administration, that unfriendly activity towards our diplomats has been growing in scale,” Lavrov said at a news conference.

Leave a Reply

Your email address will not be published. Required fields are marked *