Keep up with the news by installing RT’s extension for . Never miss a story with this clean and simple app that delivers the latest headlines to you.

 

Snowden leak: NSA plans to infect ‘millions’ of computers

Published time: March 12, 2014 17:22
Edited time: March 13, 2014 08:34
The Threat Operations Center inside the National Security Agency (NSA) (AFP Photo)

The Threat Operations Center inside the National Security Agency (NSA) (AFP Photo)

Yet more previously secret surveillance operations waged by the United States National Security Agency were made public Wednesday morning thanks to leaked documents supplied by former NSA contractor Edward Snowden.

The files — published first by The Intercept this week and dissected over the course of a 3,000-word article attributed to journalists Glenn Greenwald and Ryan Gallagher — bring to light a number of previously unreported programs undertaken by the secretive US spy agency, including operations that have given the NSA the potential to infect millions of computers around the world by relying on malicious software that’s sent to targets through surreptitious means.

In recent years, however, the NSA has reportedly made adjustments to these operations that enable them to by carried out automatically without the direct aid of human spies — a decision that experts say is undermining the internet as it is known today,

“Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process,” the journalists wrote.

That automated system named "TURBINE," they said later, is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”

NSA presentation from theintercept.com

According to The Intercept, the NSA has escalated offensive cyber operations significantly since 2004 in order to spy on targets, and has used an array of tactics and “implants” that were previously undisclosed in order to carry out these missions.

The website reported that the agency’s British counterpart, the GCHQ, “appears to have played an integral role” with regards to developing these implants, which have grown in number exponentially in recent years from only 100 or so to tens-of-thousands, according to the report.

These implants, the journalists wrote, allow the NSA “to break into targeted computers and to siphon out data from foreign Internet and phone networks.” They can also be combined with a number of specialized plugins to provide analysts with additional surveillance options, the likes of which could likely leave many thinking staying secure on the Web seem impossible after reading the Greenwald and Gallagher report.

NSA presentation from theintercept.com

In one example cited by The Intercept, the NSA disguised itself as a fake Facebook server in order to intercept connections attempted to be made between account holders and the social networking site’s real computers. Instead, however, the NSA sends those unsuspecting Facebook users to a real site embedded with malware that then has the ability to infect that target’s computer.

That program — QUANTUMHAND — became operational in October 2010, The Intercept reported, after it successfully allowed the NSA to gain access to “about a dozen targets.”

A spokesperson for Facebook told The Intercept he had “no evidence of this alleged activity,” but QUANTUMHAND is far from the only program that, thanks to Edward Snowden, have linked the NSA to relying on already established websites and programs to pry into the communications of targets.

In another example, The Intercept included images from an internal NSA slideshow presentation that indicates surveillance missions can be waged by the agency against targeted email addresses, IP addresses and the “cookies” created by websites like Google, Yahoo, YouTube and countless others to track visitors, often for advertisement and user experience purposes.

NSA presentation from theintercept.com

Ashkan Soltani, a DC-based independent security researcher, remarked on Twitter that the information in that presentation “looks a lot like a catalog of ad tracking tech.” Instead of being used by the likes of Google to give YouTube users a more “personalized” browsing experience, however, the NSA and GCHQ can use these selectors to spy on the habits of unknowing subjects of investigation.

GCHQ targeting sheet looks a lot like a catalog of ad tracking tech: UDIDs, Google prefIDs, doubleclickID, WiFi MAC pic.twitter.com/oOMl0yJj4k

— ashkan soltani (@ashk4n) March 12, 2014

Other programs disclosed by Mr. Snowden and described by The Intercept include CAPTIVATEDAUDIENCE (“used to take over a targeted computer’s microphone and record conversations”, GUMFISH (“can covertly take over a computer’s webcam and snap photographs”), FOGGYBOTTOM (“records logs of Internet browsing histories and collects login details and passwords”), GROK (“used to log keystrokes”) and SALVAGERABBIT to exfiltrate data from removable flash drives connected to a target’s computer.

To infect computers with these implants, The Intercept said, the NSA can avoid trying to trick targets into going to fake websites by instead spamming them with unsolicited email containing links to malware.

If we can get the target to visit us in some sort of web browser, we can probably own them,” an NSA employee wrote in one of the previously secret documents. “The only limitation is the ‘how.’”

NSA presentation from theintercept.com

The Intercept’s latest report was published only two days after Snowden spoke remotely to the audience of the SXSW Interactive tech conference in Austin, Texas and urged attendees to use encryption — a tactic, he said, that is still relatively successful with regards to thwarting snooping like the kind carried out by the NSA.

Encryption, Snowden said on Monday, makes it“very difficult for any sort of mass surveillance”to occur.

If The Intercept’s report is anywhere close to representative of the NSA’s actual capabilities though, then the agency’s operations are expanding regardless and relying on new tricks and techniques to track down and monitor persons of interest in the name of national security.

“When they deploy malware on systems,” malware expert Mikko Hypponen told The Intercept, “they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”

Comments (62)

 

mergon 12.08.2014 16:23

They have my pac/mac/imi and ip , im not a geek but use startpage as the browser and every setting in this computer is set no for everything except for the bare essencials to get on a site like this, history is set at clear everything from the start of time and is cleared after evey page , this computer has lasted than the other 3 and the 3 extra hard drives , its hard work but just slows them down a bit , also all downloads are turned off after microsoft decided to dump 78 downloads on me at once
they are all bent !

 

Si porter 02.07.2014 13:07

So your saying that the Ground (Earth connection on our homes is under attack what! You, mean if my router is plugged in to the mains i don,t have to be connected on line..as long as the p.c/laptop is plugged intro a mains socket i'm owned?

 

Claudia 30.04.2014 14:41

Martin Tangeten 03.04.2014 00:14

I guess they dont need any connection to the web. The socket for voltage is possibly already their way. Everyone can buy equipment to do so at home and this technology is already common with baby phones for example.

  

Well, then you still need a receiver that can gain information from the socket. I didnt found that yet in any of my computers.

View all comments (62)
Add comment

Authorization required for adding comments

Register or

Name

Password

Show password

Register

or Register

Request a new password

Send

or Register

To complete a registration check
your Email:

OK

or Register

A password has been sent to your email address

Edit profile

X

Name

New password

Retype new password

Current password

Save

Cancel

Follow us

Follow us