NSA Aiming To Infect 'Millions' Of Computers Worldwide With Its Malware; Targets Telco/ISP Systems Administrators
from the so,-telco-sys-admins-are-now-'national-security-threats'-or-did-I-miss-t dept
The NSA is still working hard to make the world’s computer usage less safe. The latest leak published by The Intercept shows the agency plans to infect “millions” of computers worldwide with malware, making it easier for the NSA to harvest data and communications from these compromised machines.
The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.
The methods detailed include the agency masquerading as a Facebook server and sending out laced spam emails in order to subvert users’ computers and give the NSA access to local files as well as control of webcams and microphones. Not only does the agency actively work to delay bug fixes in order to exploit systems, but its ongoing malware mission ensures that using a computer and/or accessing the web will always be more dangerous than it should be.
Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations “disturbing.” The NSA’s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.
“When they deploy malware on systems,” Hypponen says, “they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”
The NSA has argued previously that its malware targets are strictly national security threats. But the evidence provided here undermines this defense of NSA malware deployment.
In one secret post on an internal message board, an operative from the NSA’s Signals Intelligence Directorate describes using malware attacks against systems administrators who work at foreign phone and Internet service providers. By hacking an administrator’s computer, the agency can gain covert access to communications that are processed by his company. “Sys admins are a means to an end,” the NSA operative writes.
The internal post – titled “I hunt sys admins” – makes clear that terrorists aren’t the only targets of such NSA attacks. Compromising a systems administrator, the operative notes, makes it easier to get to other targets of interest, including any “government official that happens to be using the network some admin takes care of.”
The Intercept’s report notes that the GCHQ has deployed similar tactics, hacking into computers owned by Belgacom system engineers. The malware attacks go far beyond end user computers, targeting routers and setting the agency up for man-in-the-middle attacks (something that has become far more necessary as fewer and fewer people actually open, much less click links in spam email). The NSA may view this all as fair game — a means to an end — but the ugly truth is that the agency’s malware/hacking attempts are not limited to threats, but rather any person/service it believes can offer access to even more communications and data. At this point, the only thing slowing the agency down is the audacious size of its undertaking.
“One of the greatest challenges for active SIGINT/attack is scale,” explains the top-secret presentation from 2009. “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture).”
The program — utilizing the previously discussed TURBINE (part of the agency’s TAO – Tailored Access Operations), as well as several other NSA tools like SECONDDATE and WILLOWVIXEN — is aimed at “Owning the Internet” according to the leaked documents. This internet “ownership” ultimately belongs to the American public, whether they want it or not — the price tag (according to the leaked Black Budget) was $67.6 million last year. As the scope continues to broaden, the budget will expand as well. The end result is the US public funding the weakening of security standards and encryption worldwide, all in the name of “national security.”
At this point, neither agency named (GCHQ, NSA) has offered anything more than canned “in accordance with policy/applicable laws” text in response to the latest leaks. (Only the GCHQ has responded so far.) The NSA may try pass these efforts off as “targeting” foreign subjects, deliberately ignoring the facts that the internet has no real borders, and that undermining the security of users worldwide — no matter what the stated “goal” — makes the computing world less safe for everyone involved, including domestic end users.
Filed Under: attacks, gchq, infections, malware, man in the middle, nsa, own the web, privacy, seconddate, turbine, willowvixen
Companies: facebook
Comments on “NSA Aiming To Infect 'Millions' Of Computers Worldwide With Its Malware; Targets Telco/ISP Systems Administrators”
Inadvertently??
“Finnish security firm F-Secure, calls the revelations ?disturbing.? The NSA?s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet. “
There’s nothing inadvertent about it. They are intentionally undermining the security of the internet. That’s the whole point — to undermine it so that they have greater access.
Re: Inadvertently??
Then they should be purged. With fire. And napalm. Lots and lots of napalm.
NSA: Kill the internet in order to protect the internet. The American way of life we destroyed already by surveiling everyone without suspicion.
Re: Violent Pacification
reminds me of a song called “Violent Pacification” by DRI
“We’ll force you to be nice to each other
Kill you before you kill each other”
apart from the obvious consequences of this action by the NSA, anyone who has ever done something similar, and caught, has had to face serious reprisals! even DDoSing is a criminal offense with the punishments being imprisonment and yet here we are, with a national security agency, whose task is to protect the people, not just of it’s own nation but of others as well, all ready to infect the millions of machines around the globe and to do so
a)expecting no complaints, even though there will be no selective targeting
b) to do so with immunity, ie, no punishment at all!
this has got to stop! this taking over of machines and accessing mail is bad enough, but to take over cameras as well and then keeping the snap shots taken is the sort of thing a pervert, a pedophile or similar would perhaps do and again, no specific targeting, just a random log in to see what is being done and said.
this is actually sickening!!
Re: Re:
Down With The NSA. Time to make them disappear.
Yet we continue to think the techs doing this for the NSA / CIA/ GCHQ are somehow hero’s of the tech field.
They are the enablers for ALL of these issues. Without them, this level of crap could never have been achieved.
There is nothing to be proud of anymore about being a tech at the NSA.
Re: Re:
“Yet we continue to think the techs doing this for the NSA / CIA/ GCHQ are somehow hero’s of the tech field.”
Huh?? Who thinks that?
Re: Re:
I am curious? If you were a tech would you do this? Then add on that if you don’t do this the government will fire you and then make it difficult for you to ever get a decent job again. Would you still do this?
Re: Re: Re:
I am a tech (software engineer), and I would absolutely do this. In fact, I have turned down a number of job offers because the agencies offering the job were engaging in activities that I was not OK with, and have quite one job because I discovered they were doing things I disagreed with.
“and then make it difficult for you to ever get a decent job again”
It’s hard to see how they could do a lot in that direction. In the current job market, anyway, there is a shortage of good, experienced engineers. Jobs are plentiful if you’re willing to move to where they are. Competition for them is fierce.
Re: Re: Re: Re:
With respect, please allow me to amend one of your assertions.
There is a shortage of good, experience engineers… willing to work at the low wages that most employers want to offer.
Re: Re: Re:2 Re:
I dispute even that much. At least in my area, the median wage is very good — it puts you in the top 10% of the income spectrum.
Re: Re: Re: Re:
My point was that it is the techs that implement these initiatives but not all will come forward and blow the whistle because of of government pressure. Thomas Drake is an example: The last I heard, he was only able to get a job at an apple store due to government pressure ruining his reputation. Fear is a powerful motivator especially if you have a family to support.
Re: Re: Re:2 Re:
Well, yes, it takes balls of brass to stand up to “authority figures”. Nonetheless, failing to do so makes you complicit with the wrongdoing and deserving of disrespect.
Re: Re: Re:2 Re:
To clarify, I’m not saying that failing to blow the whistle condemns you. Blowing the whistle elevates you. But at a minimum, if the company/agency you work for is doing bad things and you continue to work for them in any capacity, then you are doing bad things.
Re: Re: Re:3 Re:
With a company it is much easier. Once it is connected to the government it will make it harder. I do generally agree with you though, but then it still comes down to the type of pressure someone is under. I wouldn’t work at a place that would compromise my morals, such as the NSA, but others may not think that when they take the job. Then family comes along and with the average American living paycheck to paycheck the government has a lot pressure they can put on that person. I believe this is one way how a lot of corruption happens and how it will keep happening. You also can’t think that it will only affect you in the family. I am betting people close to Snowden are now flagged in order to make things rather difficult. No fly list being one of them. It also may be the fact that I have a very pessimistic view of the federal government.
Re: Re:
“Yet we continue to think the techs doing this for the NSA / CIA/ GCHQ are somehow hero’s of the tech field.”
who thinks that? these scumbags are complicit in crimes against humanity.
Re: Re:
Who is this “we” you speak of?
I am still waiting for the leak that shows the GCHQ has actually been actively using those same strats against US entities.
Can you imagine the feign outrage they will have over it?
its painfully obvious who the enemy is
moon your webcam every chance you get
Re: its painfully obvious who the enemy is
I wonder if one can make a program that when your webcam is turned on, unless the control key is held down, the input is a music video of “Never Gonna Give You Up”.
Re: Re: its painfully obvious who the enemy is
This would be pretty easy to do, but a better idea is to physically disable the camera and microphone. I do this with that universal tool: duct tape.
Re: Re: Re: its painfully obvious who the enemy is
Not sure tape will disable the mic, and your solution isn’t nearly as fun.
Re: Re: Re:2 its painfully obvious who the enemy is
On my laptop, it does. 🙂
Re: Re: Re: its painfully obvious who the enemy is
2. Music Video Irritant, yes. slow down the adversary, waste their time and resources, like the uninvited door-to-door salesman, not my problem I didn’t answer the phone because I’m at work.
I wonder what Sen. Diane Feinstein thinks ?
Re: Re:
Whatever her corporate paymasters tell her to.
NSA malware is an attack by a third party.
It seems that governments rarely think about the long-term consequences of their actions. Just as it shouldn’t surprise anyone that the US/Israeli-government-developed Stuxnet virus has infected many computers around the world, not just the originally-targeted Iranian ones that Stuxnet was designed to sabotage.
Now we know who can shut down electricity grids and other critical infrastructure.
What about OUR families?
So the NSA targets me, a system administrator, and tries to compromise my system(s). The ones that I use from work and home and on the road. The ones that I use to log into my bank accounts. The ones full of pictures of my kids and correspondence with their teachers. The ones that I use to communicate with my kids. The ones that I use to IM with my wife. The ones that either hold or transit all kinds of personal information about my family. The ones that I’ve tried, very hard, to lock down via good software and strong encryption and careful use, because all of that information would be highly valuable to someone who intends to harm my family.
And the NSA has done its best to make that possible: to compromise my systems. To make it easier for rapists to find out when my wife’s alone. To make it easier for pedophiles to get pictures of my kids. To make it easier for scammers to empty my bank accounts. To make it easier for thieves to break into my home. To make it easier for every scumbag on the planet to turn them into victims.
Thanks a lot, NSA, from the burglars and rapists and kidnappers and murderers. I’m sure they appreciate your efforts.
Re: What about OUR families?
If you’ve got pictures of your kids that would turn a pedophile on, Allah help you anyway, just sayin’
Re: Re: What about OUR families?
Are you saying you never take your phone into the bathroom?
^ This guy….clearly not a system admin that understands the impacts.
Re: What about OUR families?
That’s OK. I’m pretty sure in a few years they will figure out a way to make all of us existing system admins get tossed in a concentration camp so they can input their own system admins across the infrastructure.
?Sys admins are a means to an end.?
And yet I still see sys admins on various tech boards shrugging their shoulders at being made idiots of by the NSA.
CFAA
http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act
This applies directly and everyone involved needs to be prosecuted to the maximum extent of the law.
Re: CFAA
It was my understanding that the nsa is exempt from cfaa
Re: Re: CFAA
As long as the ‘justice’ system continues with their ‘see no evil, hear no evil’ stance, the NSA, as well as pretty much every major governmental agency, is effectively exempt from essentially every law.
Re: Re: Re: CFAA
you have only scratched the surface on a super important problem. there really is no education for the american public, that needs to be done. Second. phase two again with the education part on this issue. people are scared…of what? If the majority of the public knew about this…..and they will… i really think there will be backlash big time. its the part of who is brave enough to do this, with facts straight out. snowden is just a fall guy used as detraction at the same time bengazi went down. this is what it will take. knowledge is power. information has more power. when the public finds the real truth behind the scenes, then…..fallout retribution will follow. just wait till google, microsoft. intel, HP, ATT oh boy, get busted. i believe this will happen and soon. this will be faster than the court system. everyone will see no laws, therefore no crimes, no law enforcement to enforce what? these politicians all suck, live in the past. however, silver lining in the cloud laws only for isp’s, google, microsoft, hp, facebook, etc. have immunity laws to protect them, however none for us.
Controlling viruses
The analogy of computer malware to biological viruses is more apt than often realized. In biological warfare controlling a virus or bacteria once it is in the wild is very difficult. There is a high risk the it could infect your own people. The same with computer malware, once in the wild there is a significant risk it can be used against you, whether it is accidental or deliberate. The problem is the dim-bulbs authorizing these attacks do not realize they are at risk.
Re: Controlling viruses
or they don’t care. because they only see associated costs and it is not their money that is spent.
Re: Controlling viruses
You’re correct, but there’s an even more basic problem here. In order for a virus to work, it has to exploit a security flaw in the system it wants to infect. The NSA collects, keeps secret (as in doesn’t inform the companies making the hardware & software), and in at least one case introduces security flaws to enable their virii to work.
Even if they never produced a virus at all, they’ve already done great damage in just laying the groundwork for them.
I’m sure they don’t limit themselves to Facebook. I believe we already heard about them performing a MITM attack posing as LinkedIn? I’m sure they also have or will target Twitter, Tumblr, LinkedIn, Instagram; any major congregation of people.
If this doesn’t foster a SOPA-level protest, what will?
Oops, wrong target...
Seems to me that trying to infect computers that aren’t patched and spamming infected email is targeting the wrong people altogether. The people with important information are typically patched and on the lookout for social engineering.
I’m not sure how much valuable information they will get from granny with her malware infected Windows XP box. Although maybe she’ll send them thousands of dollars in hopes they’ll send her millions in return.
NSA TO DESTROY COMPUTERS WORLDWIDE--NOT!
Sorcha Faal? Monday, September 26, 2011
“Booth/Sorcha – A FRAUD DISINFO AGENT FROM THE CIA
Check this out Guys I finally broke through the information barrier. This Character is another fraud and CIA disinformation agent.” http://nesaranews.blogspot.com/2011/09/boothsorcha-fraud-from-cia.html
Lots of other sites on Booth/Faal. Note the date on the web site I posted above. Booth/Faal was first “outed” in 2011.
When is this computer “catastrophe” supposed to occur? IT AIN’T GONNA’ HAPPEN! YOU CAN TAKE THAT TO THE BANK!
Saw another site that DID NOT connect Faal/Boothe to either the NSA or the CIA. Is there a connection? Does it matter? Don’t they ALL lie to us?