The US military has gained access to a powerful Internet surveillance tool that covers more than 90 percent of global web traffic and in some cases provides access to email data, browsing history and a host of other information, such as sensitive cookies , according to contract documents which acquired Motherboard.
Additionally, Sen. Ron Wyden reported that a whistleblower contacted his office about the alleged warrantless use and purchase of this data by NCIS, a civilian law enforcement agency owned by the Navy, after filing a complaint through the official process report to the Department of Defense, according to a copy of the letter Wyden's office provided to Motherboard.
Τα έγγραφα αποκαλύπτουν την πώληση και τη χρήση μιας προηγουμένως και ελάχιστα γνωστής τεχνολογίας παρακολούθησης που τροφοδοτείται από αγορές δεδομένων από τον ιδιωτικό τομέα. Το εργαλείο, που ονομάζεται Augury, αναπτύχθηκε από την cyber security company Team Cymru and collects a huge amount of data that it makes available to government and corporate clients as a paid service.
In the private sector, cyber security analysts use it to monitor hacker activity or to attribute cyber attacks. In the government sector, analysts can do the same. Authorities dealing with criminal investigations also have this service.
Οι στρατιωτικές υπηρεσίες δεν αναφέρονται τις περιπτώσεις χρήσης του εργαλείου. Ωστόσο, η πώληση του εργαλείου στον στρατό μας δείχνει ότι και τα στρατιωτικά σώματα απέκτησαν πρόσβαση. Εδώ να αναφέρουμε ότι κανείς δεν γνωρίζει πως απέκτησε τα δεδομένα η Team Cymru που στη συνέχεια τα πουλά σαν επιχείρηση, κάτι που έχει ανησυχήσει πολλές πηγές στον κλάδο της κυβερνοασφάλειας.
"The data includes data from more than 550 collection points worldwide, from Europe, the Middle East, North/South America, Africa and Asia, and is updated with at least 100 billion new records every day," reports the Augury platform a US government procurement file reviewed by Motherboard. He adds that Augury provides access to “petabytes” of data. Motherboard found that the US Navy, Army, Cyber Command, Defense Counterintelligence and Security Service have collectively paid at least $3,5 million to access Augury.
“The Augury platform is not designed to target specific users or user activity. The platform specifically does not have subscriber information necessary to connect with any user," Team Cymru told Motherboard.
“Our platform does not provide information about users or subscribers preventing the ability to use it to target individuals. Our platform captures only a limited sampling of the available data and allows queries for a limited sample and limited data, which originates from malware, malicious activity, honeypots, scans and third parties that provide it.”
