The Most Evil and Disturbing NSA Spy Practices To-Date Have Just Been Revealed
In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.
Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.
The latest piece from Greenwald and company on the unconstitutional spy practices of the NSA may represent the most dangerous and disturbing revelations yet. It’s hard for shadiness at the NSA to surprise me these days, but there was only one word that kept repeating over and over in my head as I read this: EVIL.
Submitted by Michael Krieger, Liberty Blitzkrieg:
-From Glenn Greenwald’s latest article: How the NSA Plans to Infect Millions of Computers with Malware
As a quick aside, Greenwald points out in the quote above how spam emails are used by the NSA to bait you into clicking a dangerous link. This is a timely revelation considering I received one such email yesterday from a friend of mine. The email was sent to a wide list of let’s say “liberty minded people” and webmasters associated with very popular sites. The link seemed shady so I texted him to ask if he had sent it. He hadn’t.
Earlier this week, during a talk at SXSW, Edward Snowden pleaded with people to use encryption. While he admitted if the NSA targeted you individually they could almost certainly “own your computer,” he stated that if people use encryption on a massive scale it makes the NSA’s attempts to monitor everyone at the same time much more difficult.
Apparently, the NSA is well aware of this threat. Which is why we now know that the agency has been dedicating significant amounts of taxpayer dollars in an attempt to infect millions of computers with malware in an attempt at “industrial-scale exploitation,” which would lead to them “owning the net.”
As Mikko Hypponen, an expert in malware stated:
“The NSA’s surveillance techniques could inadvertently be undermining the security of the Internet.”
Move along serfs, nothing to see here.
From The Intercept:
The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.
The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”
Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations “disturbing.” The NSA’s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.
It sounds like that is precisely their intent…
The NSA began rapidly escalating its hacking efforts a decade ago. In 2004, according to secret internal records, the agency was managing a small network of only 100 to 150 implants. But over the next six to eight years, as an elite unit called Tailored Access Operations (TAO) recruited new hackers and developed new malware tools, the number of implants soared to tens of thousands.
The agency’s solution was TURBINE. Developed as part of TAO unit, it is described in the leaked documents as an “intelligent command and control capability” that enables “industrial-scale exploitation.”
Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.
The intelligence community’s top-secret “Black Budget” for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named “Owning the Net.”
The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass “a wider variety” of networks and “enabling greater automation of computer network exploitation.”
Your tax dollars at work, slaves.
One implant, codenamed UNITEDRAKE, can be used with a variety of “plug-ins” that enable the agency to gain total control of an infected computer.
An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer’s microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer’s webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.
The implants can enable the NSA to circumvent privacy-enhancing encryption tools that are used to browse the Internet anonymously or scramble the contents of emails as they are being sent across networks. That’s because the NSA’s malware gives the agency unfettered access to a target’s computer before the user protects their communications with encryption.
According to the Snowden files, the technology has been used to seek out terror suspects as well as individuals regarded by the NSA as “extremist.” But the mandate of the NSA’s hackers is not limited to invading the systems of those who pose a threat to national security.
In one secret post on an internal message board, an operative from the NSA’s Signals Intelligence Directorate describes using malware attacks against systems administrators who work at foreign phone and Internet service providers. By hacking an administrator’s computer, the agency can gain covert access to communications that are processed by his company. “Sys admins are a means to an end,” the NSA operative writes.
But not all of the NSA’s implants are used to gather intelligence, the secret files show. Sometimes, the agency’s aim is disruption rather than surveillance. QUANTUMSKY, a piece of NSA malware developed in 2004, is used to block targets from accessing certain websites. QUANTUMCOPPER, first tested in 2008, corrupts a target’s file downloads. These two “attack” techniques are revealed on a classified list that features nine NSA hacking tools, six of which are used for intelligence gathering. Just one is used for “defensive” purposes – to protect U.S. government networks against intrusions.
Before it can extract data from an implant or use it to attack a system, the NSA must first install the malware on a targeted computer or network.
According to one top-secret document from 2012, the agency can deploy malware by sending out spam emails that trick targets into clicking a malicious link. Once activated, a “back-door implant” infects their computers within eight seconds.
Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called “man-in-the-middle” and “man-on-the-side” attacks, which covertly force a user’s internet browser to route to NSA computer servers that try to infect them with an implant.
In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.
The man-in-the-middle tactic can be used, for instance, to covertly change the content of a message as it is being sent between two people, without either knowing that any change has been made by a third party. The same technique is sometimes used by criminal hackers to defraud people.
“The thing that raises a red flag for me is the reference to ‘network choke points,’” he says. “That’s the last place that we should be allowing intelligence agencies to compromise the infrastructure – because that is by definition a mass surveillance technique.”
In many cases, firewalls and other security measures do not appear to pose much of an obstacle to the NSA. Indeed, the agency’s hackers appear confident in their ability to circumvent any security mechanism that stands between them and compromising a computer or network. “If we can get the target to visit us in some sort of web browser, we can probably own them,” an agency hacker boasts in one secret document. “The only limitation is the ‘how.’”
GCHQ cooperated with the hacking attacks despite having reservations about their legality. One of the Snowden files, previously disclosed by Swedish broadcaster SVT, revealed that as recently as April 2013, GCHQ was apparently reluctant to get involved in deploying the QUANTUM malware due to “legal/policy restrictions.” A representative from a unit of the British surveillance agency, meeting with an obscure telecommunications standards committee in 2010, separately voiced concerns that performing “active” hacking attacks for surveillance “may be illegal” under British law.
When even the GCHQ is questioning the legality of a surveillance program you know you’ve gone too far. Way too far.
Full article here.
In Liberty,
Michael Krieger