Category Archives: Cyber War

Smoke Coming From the Hillary Server Fire is Worse

Posted on by

Strip the security clearance from this woman. There are many calling for this exact action and the State Department will not comment if she in fact still has it. At least during this investigation, her clearance should be suspended.

Posted on this site was a timeline and factual information when it comes to the Hillary Servergate affair. A few hours have passed and there of course is more to report.

More factual intrigue is listed below and it is not in any real date order given what and how information is being obtained. This comes as the FBI begins the data and material investigations.

1. Barack Obama drafted and signed a lengthy Executive Order #13526 spelling out the comprehensive conditions of all classified and top secret information. The Democrats and those supporting the Hillary camp in Severgate can NO longer claim restrictive laws are passed AFTER her term as Secretary of State. Further and quite important, Hillary was ONE of 20 who were designate with authority to apply classified codes to documents making it all the more curious on how she can claim ignorance in top secret or restricted documents.

2, It is now confirmed, the second server in question which held the material involved in Servergate, located in New Jersey and seized by the FBI was stripped of data. The FBI does in fact have the skills to rebuild and retrace all administrative actions in the server.

3, Now another at the core of this investigation is Huma Abedin who was and is Hillary’s personal confidant and aide de camp. To date, she has not signed nor turned over as order by Judge Sullivan the certification under penalty of perjury or the email materials which hovers in the range of 7000 communication transmissions.

4. As discussed before, not only was there 3 thumb drives of the Hillary email transaction surrendered to the FBI and 3 servers, but the FBI will likely need to obtain or gain a search warrant for 3 additional communication devices held by Hillary, those being her Blackberry, her iPhone and her iPad.

5. When it comes to the SIGINT or geo-spatial top secret email in question, it appears it was relating to a drone image of terror groups in Pakistan. This speaks to sources and methods such that the top secret designations would have originated with the original transmission of the critic (critical communications).

6. Platte River was NOT an approved facility to house or support classified material. Outside vendors are to be approved in the case of top secret material that have hardened rooms preventing espionage or eavesdropping.

7. There will be more Hillary personnel caught up in the investigation snare and those likely will include Mike Morrell, Deputy Director of the CIA; Phillippe Reines, Hillary’s gatekeeper; Jeremy Bash, former Chief of Staff for Leon Panetta; Andrew Shapiro, Hillary’s Policy Advisor; and several others now at Beacon Global Strategies, Hillary’s personnel policy think tank.

8. The contracted server company, Platte River is now raising deeper questions due in part to a lawsuit and investigation from November 2014. The lawsuit document is found here. They stole phone numbers and metadata from White House military advisors.

The Internet company used by Hillary Clinton to maintain her private server was sued for stealing dozens of phone lines including some which were used by the White House.

Platte River Networks is said to have illegally accessed the master database for all US phone numbers.

It also seized 390 lines in a move that created chaos across the US government.

Among the phone numbers which the company took – which all suddenly stopped working – were lines for White House military support desks, the Department of Defense and the Department of Energy, a lawsuit claims.

Others were the main numbers for major financial institutions, hospitals and the help desk number for T2 Communications, the telecom firm which owned them.

A lawsuit filed on behalf of T2 claims that the mess took 11 days to fix and demands that Platte River pay up $360,000 in compensation.

More to come for sure…..stay tuned.

 

Cyber-attack on Power Grid Paralysis

Posted on by

Cyber Attacks on the Power Grid: The Specter of Total Paralysis

Posted in General Security, Hacking, Incident Response on July 27, 2015

The Incidents

Imagine that one day you wake up and trading is halted on the New York Stock Exchange (NYSE) floor; meanwhile systems at United Airlines and the Wall Street Journal newspaper appear out of order.

It is not a scene from a movie; it happened on July 8, when trading at the NYSE stopped around 11:30 a.m. ET.

According the media, the temporary interruption of the services mentioned was a fateful coincidence and the events are unrelated, but the incidents have raised once again the question of the real security of critical infrastructure.

White House spokesperson Josh Earnest confirmed that the incidents weren’t caused by cyber-attacks. President Obama had briefed on the glitch at NYSE by White House counterterrorism and Homeland Security adviser Lisa Monaco as well as Chief Of Staff Denis McDonough.

“It appears from what we know at this stage that the malfunctions at United and at the stock exchange were not the result of any nefarious actor,” said Department of Homeland Security Secretary Jeh Johnson. “We know less about the Wall Street Journal at this point except that their system is back up again as is the United Airline system.”

Which is the impact of a cyber-attack on a critical infrastructure? Are critical infrastructure actually secure?

A major attack on a critical infrastructure like a power grid would cause chaos in the country by interrupting vital services for the population.

The current scenario

The Stock Exchange, transportation, and media are critical to the infrastructure of a country. A contemporary failure of these systems could cause serious problems to the nation, especially when the incident is caused by a cyber-attack.

“I think the Wall Street Journal piece is connected to people flooding their web site in response to the New York Exchange to find out what’s going on.” FBI Director James Comey told the Senate Intelligence committee. “In my business we don’t love coincidences, but it does appear that there is not a cyber-intrusion involved.”

Sen. Bill Nelson, D-FL, the top Democrat on the cyber-security subcommittee, told Fox News that the NYSE incident has “the appearance” of a cyber-attack and noted the coordination of multiple sites.

Thus far, the temporary outage at the New York Stock Exchange, United Airlines and the Wall Street Journal’s website were the results of tech glitches, but we have to consider the US infrastructure remains vulnerable to cyber-attacks that would cause serious problems and would be costly.

To compound the scenario, there is the rapid increase in the number of cyber-attacks, at least of those we fail to detect, and its complexity.

The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report related to the period September 2014 – February 2015. The ICS-CERT MONITOR report

According to the report, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) received and responded to 245 incidents in Fiscal Year 2014, more than half of the incidents reported by asset owners and industry partners involved sophisticated APT. ICS/SCADA system were also targeted by other categories of threat actors, including cyber criminals, insider threats and hacktivists.

“Of the total number of incidents reported to ICS-CERT, roughly 55 percent involved advanced persistent threats (APT) or sophisticated actors. Other actor types included hacktivists, insider threats, and criminals. In many cases, the threat actors were unknown due to a lack of attributional data.” states the report.

Analyzing incidents reported by sector, it is possible to note that the majority of the attacks involved entities in the Energy Sector followed by Critical Manufacturing. About 30 percent of the incidents hit infrastructures in the energy sector, meanwhile Critical Manufacturing (i.e. manufacturing of vehicles and aviation and aerospace components) accounted for 27 percent.

The threat actors used a significant number of zero-day vulnerabilities to compromise industrial control systems through the exploitation of web application flaws.

The most common flaws exploited by attackers include authentication, buffer overflow, and denial-of-service . Noteworthy among ICS-CERT’s activities included the multi-vendor coordination that was conducted for the ”

“Noteworthy among ICS-CERT’s activities included the multi-vendor coordination that was conducted for the “Heartbleed” OpenSSL vulnerability. The team worked with the ICS vendor community to release multiple advisories, in addition to conducting briefings and webinars in an effort to raise awareness of the vulnerability and the mitigation strategies for preventing exploitation” states the ICS-CERT report to explain the coordination activities sustained by the agency to address principal vulnerabilities.

The ICS-CERT MONITOR report confirmed that the attackers used a vast range of methods for attempting to compromise control systems infrastructure, including:

Figure 1 – ICS -CERT Attack Methods

Unfortunately, it is quite difficult to attribute an incident to a specific threat actor. In the majority of cases, these offensives have gone under the radar over the years due to high level of sophistication of the Tactics, Techniques, and Procedures (TTPs).

The victims were not able to identify the threat actors. Neither the attack vector exploited by hackers for 38 percent of the reported incidents,

“Many more incidents occur in critical infrastructure that go unreported,” states the ICS-CERT MONITOR report. “Forensic evidence did not point to a method used for intrusion because of a lack of detection and monitoring capabilities within the compromised network”.

US power grid vulnerable to cyber attacks

The US power grid is a privileged target for various categories of attackers, terrorists, cyber criminals, and state-sponsored hackers. Daily, they threaten the backbone of the American society. Security experts and US politicians are aware that the national power grid is vulnerable to a terrorist attack.

“It’s possible; and whether it’s likely to happen soon remains to be seen,” explained by the former Secretary of Defense William Cohen on “The Steve Malzberg Show.”

Attackers have several options to hit a power grid, from a cyber-attack on SCADA systems to an EMP attack, according to Cohen.

“You can do it through cyber-attacks, and that’s the real threat coming up as well. We have to look at cyber-attacks being able to shut down our power grid, which you have to remember is in the private sector’s hands, not the government’s. And we’re vulnerable,” Cohen added. “It’s possible and whether it’s likely to happen soon remains to be seen.”

“That’s because the technology continues to expand and terrorism has become democratized. Many, many people across the globe now have access to information that allows them to be able to put together a very destructive means of carrying out their terrorist plans. We’re better at detecting than we were in the past. We’re much more focused in integrating and sharing the information that we have, but we’re still vulnerable and we’ll continue to be vulnerable as long as groups can operate either on the margins or covertly to build these kind of campaigns of terror.” said Cohen.

Former Department of Homeland Security Secretary Janet Napolitano shared Cohen’s concerns. A major cyber-attack the power grid was a matter of “when,” not “if.”

State-sponsored hackers, cyber terrorists are the main threat actors, but as confirmed by a recent research conducted by TrendMicro, also the cybercrime represents a serious menace.

Former senior CIA analyst and EMP Task Force On National Homeland Security Director, Dr. Peter Vincent Pry, told Newsmax TV that that a cyber attack against the power grid could cause serious destruction and loss of life.

Not only US power grid are under attack. In January 2015, the British Parliament revealed that UK Power Grid is under cyber-attack from foreign hackers, but the emergency is for critical infrastructure worldwide.\

Figure 2 – SCADA control room

Arbuthnot confirmed the incessant attacks on national critical infrastructure and he doesn’t exclude a major incident, despite the enormous effort spent at the National Grid.

“Our National Grid is coming under cyber-attack not just day-by-day but minute-by-minute,” Arbuthnot, whose committee scrutinized the country’s security policy, told a conference in London last year. “There are, at National Grid, people of very high quality who recognize the risks that these attacks pose, and who are fighting them off,” he said, “but we can’t expect them to win forever.”

The power grid is a vital system for our society and the cyber strategy of every government must consider its protection a high priority, a terror attack would leave entire countries sitting in the dark.

A hypothetical attack scenario and estimation of the losses

What will happen in case of a cyber-attack on a critical infrastructure in the US? Which is the economic impact of a cyber-attack against a power grid?

According to a poll conducted by researchers at the Morning Consult firm from May 29 to May 31, cyber-attacks are just behind terrorism attacks on the list of biggest threats to US. The research allowed the experts to estimate that the insurance industry could face losses of about $21 billion. That poll was conducted by interviewing a national sample of 2,173 registered voters.

Nearly 36 percent of voters consider acts of terrorism at the top of a list of major security threats, followed by cyber-attacks at 32 percent.

Figure 3- Morning Consult firm poll results

The Lloyd’s of London has conducted a very interesting study, Business Blackout, that describes the impacts of a cyber-attack on the national power grid.

It is the first time that the insurance industry has elaborated on a similar report. Obviously, the estimates provided are merely indicative due to the large number of factors that can influence the costs.

According to the report prepared by Lloyd’s of London in a joint effort with the University of Cambridge’s Centre for Risk Studies, cyber-attacks would have a catastrophic impact on multiple types of insurance.

The attack scenario described by Business Blackout illustrates the effects of a malware-based attack on systems that controls the national power grid. The attack causes an electrical blackout that plunges 15 US states and principal cities, including New York City and Washington DC, into darkness. Nearly 93 million people will remain without power in the scenario hypothesized by the study.

The attackers spread the ‘Erebos’ Trojan through the network with the effect of compromising the electricity generation control rooms in several locations in the Northeastern United States.

According to the researchers, the attack will cause health and safety systems to fail, disrupting water supplies as electric pumps fail. The chaos will reign causing the failure of main services, including transportation. The malware is able to infect the Internet and search and compromise 50 generators that it will destroy, causing prolonged outages in the region.

The total of claims paid by the insurance industry has been estimated to be included in the interval comprised between $21.4b and $71.1b, depending on the evolution of the scenarios designed by the researchers.

The researchers involved in the simulation have calculated the economic losses could range from $243 million to $1 trillion, depending on the number of components in the power grid compromised by the attack.

“Economic impacts include direct damage to assets and infrastructure, decline in sales revenue to electricity supply companies, loss of sales revenue to business and disruption to the supply chain. The total impact to the US economy is estimated at $243bn, rising to more than $1trn in the most extreme version of the scenario.” states the report.

The experts analyzed the historical outages, estimating that currently the power interruptions, most of which last five minutes or less, already cost the US about $96 billion. The cost related to a prolonged outage is likely to be included in the range of $36 billion to $156 billion. The Commercial and industrial sectors are the sectors most impacted by the attack on the power grid due to their dependency on the electricity supply.

“Evidence from historical outages and indicative modelling suggests that power interruptions already cost the US economy roughly $96bn8 annually.9 However, uncertainty and sensitivity analysis suggest this figure may range from $36b to $156b.” continues the report. “Currently over 95% of outage costs are borne by the commercial and industrial sectors due to the high dependence on electricity as an input factor of production.”

As explained in the report, it is important to identify the risks related to a possible cyber-attack and adopt all the necessary measures to mitigate them. The protection of critical infrastructure like a power grid is an essential part of the cyber strategy of any Government.

Advances and Secret Information on Hacking of Classified Systems

Posted on by

Hacking never has the sizzle when it comes to terror or scandals, yet it is the cheapest and most effective means of destruction.

So, below are some items you cannot overlook.

A few weeks ago, the unclassified email and information system at the Pentagon, mostly used by the Joint Chiefs of Staff was taken offline due to suspicious malware activity. That system is back online as of this week after all clues pointed to the hack by Russians which led to up to 4000 Pentagon employees losing access to email.

***

Then it has been determined the Chinese have accessed top government officials private emails since 2010.

Chinese hackers have been accessing the private mails of some top United States officials since April of 2010, which coincides with Hillary Clinton’s tenure as secretary of state and her decision to use a private email server, Morning Joe’s Willie Geist reported Tuesday.

“The email grab, first code-named Dancing Panda, targeted top national security and trade officials,” Geist said. “It continued as late as 2014. The timing does overlap with Hillary Clinton’s time as secretary of state and her use of a private email server.”

“Many” top officials have been hacked, according to a high-level intelligence source and a top-secret document obtained by NBC News.

***

Now comes a global network of hacking and their successful and criminal activities.

Exposing a new front in cybercrime, U.S. authorities broke up an alleged insider trading ring that relied on computer hackers to pilfer corporate press announcements and then profited by trading on the sensitive information before it became public.

In morning raids in Georgia and Pennsylvania, federal agents arrested five men in the plot, while four others indicted on hacking and securities fraud charges remain at large.

The hackers, who are thought to be in Ukraine and possibly Russia, allegedly infiltrated the computer servers of PRNewswire Association LLC, Marketwired and Business Wire, a unit of Warren Buffett’s Berkshire Hathaway Inc., over a five-year period.

They siphoned more than 100,000 press releases including corporate data on earnings that could be used to anticipate stock market moves and make profitable trades. The hackers passed the information to associates in the U.S., who allegedly used it to buy and sell shares of dozens of companies, including Panera Bread Co., Boeing Co., Hewlett-Packard Co., Caterpillar Inc. and Oracle Corp., through retail brokerage accounts. A must read for the rest of the details is here.

***

Most chilling of all is the forward leaning and creative uses of drones.

LAS VEGAS, Nev. – Forget Facebook drones that broadcast Wifi. The future is drones that hack from above. A company called Aerial Assault has turned a quadcopter into a flying hacker that scans the world below for insecure devices and vulnerable Wifi ports. Its makers say they built the tool for penetration testing — to help “good guys” diagnose their own weaknesses — but they concede that with a bit of modification, it could be used to exploit those vulnerabilities and install malware from the air. This is why it’s paramount to get your I.T. network looked at by a penetration testing company, you may think this is a scary thing for your company to undergo however, it will actually prevent people (hackers) from stealing your companies information as all of the weak spots would of been identified and then rectified.

The unnamed drone, which may be the first unmanned aerial penetration tool for sale to the public, was on display at the DEF CON hacker conference here last week. It uses a small Raspberry Pi computer running the Kali Linux penetration tester software with the broadcast range extended by alpha radio antennas. It will retail for $2,500 when the Web site goes up in a few days, its makers say.

“We’ve set it up so it does some basic [penetration] testing stuff and coordinates all that data with GPS coordinates from the flight controller. From that, you can extend it with every type of capability that you want Kali Linux to do,” said David Jordan, a representative from Aerial Assault who was selling it on the floor at the DEF CON conference in Las Vegas, Nevada on Sunday.

While the drone isn’t specifically designed to distribute malware, Jordan acknowledged it could be modified to do so. “It is up to the user to decide what they do with it. If the user, they have Raspberry Pi with Kali on it, they can reprogram custom scripts. That’s good for doing more extensive [penetration] testing. But, you know, scripts can be whatever they are,” he said. “Our intended use is for pentesters to be able to diagnose vulnerabilities and help people understand what their Wifi accessibility is, even up in the air.”

 

SHE is the ISIS Recruiter Deployed by Russia?

Posted on by

Isis launches Russian-language propaganda channel

Islamic State’s social media and video efforts have stepped up, part of a region-wide effort to sign up youths to fight take up the black flag. RFE/RL reports

The Guardian: The militant group Islamic State has stepped up its Russian-language propaganda efforts, another sign it is becoming more powerful in the post-Soviet countries.

The Russian foreign minister, Sergei Lavrov, said recently that 2,000 Russian nationals are currently fighting in Syria or Iraq. In June, the country’s security council chief, Nikolai Patrushev, said that there was “no possibility” of stemming the tide of fighters.

Though Russian-speaking Islamic State (Isis) militants have put out their own messages for some time, in recent weeks a new Russian-language wing, Furat Media, has emerged, with Twitter, Facebook and Tumblr accounts broadcasting under a river-themed logo.

It was through Furat that the militant group declared the establishment of a province in the North Caucasus, inside the Russian Federation itself. The propaganda wing also issued a professionally produced video, Unity Of The Mujahideen Of The Caucasus, which included interviews with Russian-speaking militants in Iraq and Syria. Dozens more are available for download from the site.  Read more here.

 

Main Russian IS Recruiter ‘Identified In Turkey,’ But Who Is One-Legged Akhmet?

Radio Free Europe: Russia’s security services claim to have established the identity of the main recruiter of Russian nationals to the Islamic State (IS) militant group, according to the Russian tabloid Life News, which has close ties to the country’s security services.

The man in question is a 30-year-old Chechen nicknamed One-Legged Akhmet, Life News reported on August 4.

Among those purportedly recruited by One-Legged Akhmet and his
Among those purportedly recruited by One-Legged Akhmet and his “team” are Russian student Varvara Karaulova (above) and Maryam Ismailova. Karaulova was detained in Turkey and returned to Russia, where prosecutors did not press charges; Ismailova remains at large.

However, details in the Life News report and in a subsequent August 7 report by the Caucasian Knot blog suggest that the individual in question could be an ethnic Chechen who has previously appeared alongside Russian-speaking IS militants in a video shot in IS-controlled territory.

According to the Life News report, two of One-Legged Akhmet’s subordinates — Yakub Ibragimov, 23, from Chechnya and Abdulla Abdulayev from Makhachkala in Daghestan (aka The Uzbek) — have already been detained in Turkey.

But One-Legged Akhmet remains at large.

The report did not give a name for One-Legged Akhmet or say where in Chechyna he is from, saying that his name has not been released because security forces from Russia and Turkey are seeking him.

However, the report did provide information about his alleged activities.

One-Legged Akhmet was responsible for recruiting Russian citizens from Moscow, St. Petersburg, and the North Caucasus and facilitating their travel from Turkey into Syria, according to Life News.

Among those purportedly recruited by One-Legged Akhmet and his “team” are Russian student Varvara Karaulova and Maryam Ismailova. Karaulova was detained in Turkey and returned to Russia, where prosecutors did not press charges; Ismailova remains at large.

Life News quoted an anonymous member of Russia’s law-enforcement authorities who said that Turkish and Russian police had “established IS recruitment and delivery channels for Russians.”

“Under their scheme, people are first recruited over the Internet, after which they are met in Istanbul. Then, One-Legged Akhmet and his subordinates produced fake documents in a few days and transported [the recruits] across the Turkey-Syria border,” the source was quoted as saying.

Discrepancies?

On July 28, Turkish and Azerbaijani media reported that the authorities in Turkey had arrested three men who were accused of being members of IS. According to these reports, one of the men was named Abdullah Abdulayev and had introduced himself as IS’s Emir of Istanbul.

It is not clear whether the Abdulla Abdulayev, referred to as an Azerbaijani in the Turkish media reports, is the same individual that Life News has identified as being from Daghestan.

One-Armed Akhmed

While details of One-Legged Akhmet remain murky, the alleged suspect’s name is very reminiscent of that of another notorious IS militant from Chechnya.

Akhmed Chatayev, also known as Akhmed Shishani or One-Armed Akhmed, emerged in Syria in late 2014 or early 2015 alongside leading figures in IS’s North Caucasian contingent.

Chatayev was previously granted refugee status in Austria. He was arrested by Georgian forces in 2012 in connection with the Lopota Gorge incident, in which an armed group clashed with Georgian special forces. Chatayev was later released after a court found him innocent. (His lawyers say he lost his arm as a result of torture by Russian security forces, while Russia says he was disabled while fighting in Chechnya.)

An anonymous member of the Caucasian diaspora in Turkey told the Caucasian Knot news website on August 7 that the leader of the Istanbul cell was a Chechen who had been involved in the 2012 Lopota Gorge incident and had lost a leg. However, the source also said that the armed group had been attempting to travel to Syria, which is a theory that has not been advanced previously.

There has also been no official notification from the Turkish government about the detention of a Russian citizen, a Russian consular representative in Ankara told the Caucasian Knot.

Regardless of whether Chatayev is the shadowy individual suggested by Life News, given his links in Europe and the North Caucasus and his associations with senior Russian-speaking IS figures in Syria and Iraq, it is likely that he is involved in recruitment for IS. Certainly, Abu Jihad, the ethnic Karachai with whom Chatayev appears in a video shared by IS earlier this year, is involved in IS recruitment via his work heading IS’s Russian-language propaganda outlet, Furat Media.

It is unknown whether Chatayev is still in Syria — he has not appeared in IS videos for some months — or whether he is in Turkey.

What About Those Stingrays? You Cool With This?

Posted on by

Surveillance Nation is here today and are you good with this?

Is Microsoft reading YOUR emails? Windows 10 may threaten your privacy, watchdogs warn

Windows 10:  DailyMailUK

Within 45 pages of terms and conditions, the privacy information suggests Microsoft begins watching from when an account is created, saving customer’s basic information, passwords and credit card details, Newsweek reported.

The tech giant is also said to save Bing search queries and conversations with Cortana, as well as lists of which websites and apps users visit and the contents of private emails and files, as well as their handwriting.   The privacy statement says: ‘your typed and handwritten words are collected.’

The policy adds that Microsoft collects information about a user’s speech and handwriting to ‘help improve and personalise our ability to correctly recognise your input,’ while information from their contacts book is used, such as names and calendar events ‘to better recognise people and events when you dictate messages or documents’.

Cortana, for example, makes use of information about who a user calls on their phone, plus data from their emails and texts, calendar and contacts, as well as their web history and location.  Microsoft says that data is collected to provide users with a more personalised service and better character recognition, for example, but may also be used for targeted adverting, meaning it may share information with third parties.

The company assigns each of its users a unique advertising ID so it does not reveal what they ‘say in email, chat, video calls or voice mail, or your documents, photos or other personal files to target ads to you.’

But it has still come under fire from privacy campaigners.

Online privacy pressure group, European Digital Rights (EDRi) told The Times that Microsoft’s policy was ‘not only bad news for privacy. Your free speech rights can also be violated on an ad hoc basis.’

Microsoft ‘basically grants itself very broad rights to collect everything you do, say and write with on your devices in order to sell more targeted advertising or to sell your data to third parties.’

Kirsten Fiedler, EDRi’s Managing Director told MailOnline: ‘Unlike Microsoft’s promise, the company’s new 45 page-long terms of service are not straightforward at all.

‘Online companies should finally start explaining their terms in an understandable manner so that we can make informed choices about the services we want to use.

 

Stingray surveillance sparks privacy concerns in Congress

USAToday: WASHINGTON — Members of Congress are increasingly trying to rein in a secretive federal law enforcement program that uses devices known as Stingrays to capture cellphone data from unsuspecting Americans.

“They are spying on law-abiding citizens as we speak,” said Rep. Darrell Issa, R-Calif., who recently won House approval of a measure to end the program.

The box-shaped Stingray devices are the size of small suitcases, cost about $400,000 to buy and operate, and are usually attached to the cars of federal, state or local law enforcement agents. They mimic cellphone towers, tricking phones within a certain radius to connect to and feed data to police about users’ locations, text messages, calls and emails.

At least a half-dozen federal agencies — including the FBI, the Drug Enforcement Administration, and Immigration and Customs Enforcement — use the technology, which can penetrate the walls of a home, apartment complex or office.

Police say the technology — which can also be attached to planes — helps them catch criminals by tracking their movements and actions. But critics complain that it violates the constitutional rights of innocent citizens whose cellphone data is also seized, often without a warrant.

At least 53 law enforcement agencies in 21 states also use Stingrays or similar devices, according to research by the American Civil Liberties Union. Local police typically buy the devices with grants from the federal government and sign agreements with the FBI not to disclose their use, said ACLU attorney Nathan Wessler.

A June 2014 investigation by USA TODAY and Gannett newspapers found that an increasing number of local and state police agencies were deploying Stingrays and other technology to secretly collect cellphone data from suspected criminals and law-abiding Americans not suspected of any wrongdoing.

“It’s become clear how staggeringly widespread the use of this technology is,” Wessler said. “We’ve been heartened to see that some members of Congress are taking the privacy concerns quite seriously.”

The House this summer passed, by voice vote, a Justice Department spending bill that included Issa’s amendment to bar funding for the use of Stingrays without a warrant. Issa said he won’t stop there, in part because the Senate is unlikely to pass that measure .

“I will use additional opportunities to get it done,” Issa told USA TODAY. “Right now, law enforcement won’t even tell us how many Stingrays they have. The only way to protect the American people is to change the law.”

Sen. Ron Wyden, D-Ore., and Rep. Jason Chaffetz, R-Utah, also are targeting the Stingray program in a broader bill called the GPS Act. The legislation would require law enforcement agents to obtain warrants before tracking Americans’ locations by using Stingray-type devices or tapping into cellphones, laptops, or GPS navigation systems.

“I don’t see how you can use a Stingray without it raising very substantial privacy issues,” Wyden told USA TODAY. “I want police to be able to track dangerous individuals and their locations, but it ought to be done with court oversight under the Fourth Amendment.”

The FBI has said it has a policy of obtaining warrants before using Stingray devices, although it has broad exceptions, including one that allows the technology to be used in public places where the agency believes people shouldn’t have an expectation of privacy.

“It’s how we find killers, it’s how we find kidnappers, it’s how we find drug dealers, it’s how we find missing children, it’s how we find pedophiles,” FBI Director James Comey told reporters in Charlotte. last fall. “It’s work you want us to be able to do.”

Chaffetz is also using his position as chairman of the House Oversight and Government Reform Committee to gather information as part of an investigation into the use of stingrays, said his spokesman, M.J. Henshaw.

At the same time, Senate Judiciary Committee Chairman Charles Grassley, R-Iowa, and Sen. Patrick Leahy of Vermont, the senior Democrat on the panel, have been pressing the Department of Justice for answers about Stingray practices and policies. Sen. Bill Nelson, R-Fla., has also called on the Federal Communications Commission to review how the devices are used.

A spokesman for the Department of Justice said the agency is reviewing its policies for the use of Stingray devices. He said he didn’t know when the review would be done.

“With regards to this technology, the Department of Justice is in the process of examining its policies to ensure they reflect our continued commitment to conducting our vital missions while according appropriate respect for privacy and civil liberties,” said spokesman Patrick Rodenbush.

While the Justice Department reviews its policies, states have begun passing their own laws to ban state and local police from using Stingrays without a warrant.

Washington Gov. Jay Inslee signed a ban in May after legislation was passed with overwhelming bipartisan support in the state Legislature. In addition to requiring police to obtain a warrant before using Stingray devices, the law says police must quickly delete any data collected on people who were not targets of a criminal investigation.

Similar laws have been passed in Virginia and Utah and are being considered in California, New York and Texas.

“The American people are looking for a balance between security and liberty,” Issa said. “After 9/11, we moved too far towards security. We need to move back toward liberty.”