British Spy Agency GCHQ Is Scanning The Internet For ALL Open Ports & Vulnerabilities

Written by: Rhinostril

The British counterpart of the NSA , the British Spy Agency GCHQ is scanning for open ports in more than 27 countries.

“In 2009, the British spy agency GCHQ made port scans a ‘standard tool’ to be applied against entire nations,” Heise reports. This information was received through Edward Snowden.

GCHQ Headquarters ‘The Doughnut’ in Cheltenham 

What is the danger of an open port ?

The internet search engine Shodan reveals internet-facing vulnerable systems such as servers , traffic lights , internet connected cameras. This all sounds very familiar to the game Watchdogs ™ so you should genuinely be scared as they can possibly be exploited and used for bad purposes. The international port scan was part of the “Hacienda Program”  which is a program used by many hackers around the world. Hacienda can find vulnerable applications running on public servers

Open ports give free access to the inner workings of a vulnerable server:
For example a simple internet router with open ports gives access to almost all off the user’s history: browser history, Os patches , downloads …
Large organizations such as NSA or GCHQ can retrieve a lot of intelligence from these weak servers. They use those vulnerabilities to secretively turn servers in to operational relay boxes (ORBs)

All about ORBs

When the GCHQ attacks or steals data from a designated target, they hide behind those ORBs whilst using them as a cover for their real location or ip- adress. To fully scan those 27 countries and partially scan 5 other countries they needed the help of the so called “Five eyes” which is a collaboration of NSA with the secret services of Canada, New Zealand and Australia.
The Heise report which leaked all this information was co written by Edward Snowden and it states : “The process of scanning entire countries and looking for vulnerable network infrastructure to exploit is consistent with the meta-goal of ‘Mastering the Internet’, which is also the name of a GCHQ cable-tapping program: these spy agencies try to attack every possible system they can, presumably as it might provide access to further systems.”
and furthermore

“Systems may be attacked simply because they might eventually create a path towards a valuable espionage target, even without actionable information indicating this will ever be the case. Using this logic, every device is a target for colonisation, as each successfully exploited target is theoretically useful as a means to infiltrating another possible target.”
This rather ordinary way of hacking was already being used. However the big twist is the gigantic scale of this government-orchestrated attack .

How can you protect yourself?

Read more here for the best and fastest protection and how we do it:

http://anonhq.com/be-anonymous/

Or here for a more complicated solution and advanced users:

http://anonhq.com/wp-content/uploads/2014/08/How-to-Secure-Yourself-from-HACIENDA.pdf

Every Device is a target

Every device is a target, the methodology of checking whole nations and searching for vulnerable network foundation to exploit is steady with the meta-objective of “Mastering the Internet”, which is likewise the name of a GCHQ cable tapping program: these spy organizations attempt to assault each conceivable system they can as it may give access to further systems. Systems may be assaulted essentially because they might in the long run make a way towards a valuable espionage target, even without noteworthy data.

Using this logic, every device is a target for colonization, as every effectively misused target is hypothetically helpful to invading another possible target; port scanning and downloading banners to recognize which programming is working on the target system is simply the first step of the attack. Top secret documents from the NSA seen by Heise show that the involved spy agencies follow the regular system of online organized crime.

GCHQ says it won’t remark on “intelligence matters” however reiterates that everything that it does is done within a strict legal framework. “It is a longstanding policy that we don’t comment on intel matters,” a GCHQ spokesperson told The Inquirer.

“All of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception of Communications and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee.”

“All our operational processes rigorously support this position,” they added.

British intelligence is allowed to go further in reconnaissance than similar agencies in other Western nations, as indicated by Edward Snowden. The previous NSA contractor accepts the forces of the British sagacity stronghold are not limited adequately enough by “law or policy”. The absence of legitimate confinements allows UK intelligence services to target more individuals than is necessary.

___________________________________________________________________________

Sources :
http://thehackernews.com/2014/08/gchqs-hacienda-port-scanning-program.html
http://thehackernews.com/search/label/shodan
http://cs.ucsb.edu/~koc/ns/projects/00Reports/AAHK.pdf