Documents leaked by Edward Snowden have uncovered a secret NSA hacking unit which delivered the US some of its most significant intelligence information in recent years. The unit has been tapping into computers and networks since the dawn of the internet.
Der Spiegel described the Office of Tailored Access Operations
(TAO) as “something like a squad of plumbers that can be
called in when normal access to a target is blocked.”
According to the secret documents obtained by the German news
magazine, TAO specialists are involved in the most sensitive
operations of US intelligence - including counterterrorism,
cyber-attacks, and traditional espionage.
The unit, which was created at the dawn of the internet, was
developed with the mission of “getting the ungettable.”
“It’s not about the quantity produced, but the quality of
intelligence that is important,” a former TAO boss wrote,
describing her work in a document. She added that her hacked had
contributed to “some of the most significant intelligence our
country [the US] has ever seen.”
She stated that TAO “needs to continue to grow and must lay the
foundation for integrated Computer Network Operations” and that
it must also “support Computer Network Attacks as an
integrated part of military operations.”
In order to achieve those aims, the unit has to gain
“pervasive, persistent access on the global network,”
the ex-chief said.
The top secret unit has succeeded in gaining access to 258
targets in 89 countries. In 2010 alone, it conducted 279 global
operations, according to the documents.
Der Spiegel reported that TAO specialists have directly accessed
the protected networks of democratically elected leaders of
different states. They infiltrated networks of European
telecommunications companies and gained access to messages sent
over Blackberry's BES email servers – which are considered to be
securely encrypted.
The papers state that TAO recruits its staff among
“geeks” at hacker conferences, with NSA director Keith
Alexander visiting several such events in recent years.
TAO was originally located at the NSA’s headquarters in Fort
Meade, Maryland. But the unit has since expanded, with offices in
Wahiawa, Hawaii; Fort Gordon, Georgia; Buckley Air Force Base
near Denver, Colorado; and San Antonio, Texas.
The document shows that the NSA’s “on-call digital
plumbers” also have a European branch – the European
Security Operations Centre (ESOC), stationed at the so-called
“Dagger Complex” at a US military compound near Frankfurt,
Germany.
Hacking Mexico’s security agency
Mexico has been a prime target for US intelligence, with
surveillance assigned to TAO’s San Antonio branch - situated just
200 kilometers from the US-Mexico border.
The unit’s hackers accessed the network of Mexico's Secretariat
of Public Security, which is responsible for overseeing the
country’s police, prison system, counter-terrorism operations,
and border officers.
The NSA is most interested in information on the drug trade, as
well as overall security and human trafficking taking place at
the border, according to the documents.
As part of ‘Operation WHITETAMALE,’ TAO infiltrated the
Secretariat’s network by breaking into the emails of elected
systems administrators and telecommunications engineers. Hackers
then began mining large amounts of data.
The NSA spies had wide knowledge of the agency’s servers -
including IP addresses, computers used for email traffic, and
individual addresses of employees. They also obtained diagrams of
the security agency’s structures, including video surveillance.
The operation has been going on for years, Spiegel said, and was
aborted only after the paper reported the news for the first time
in October.
The NSA’s internal division labels the type of activity TAO
performed against the Mexican agency as “Computer Network
Exploitation” (CNE).
Its goal is to “subvert endpoint devices,” including
servers, workstations, firewalls, routers, handsets, phone
switches, and industrial control systems used at factories and
power plants – otherwise known as SCADAs.
Tapping global underwater internet cables
The NSA’s push for global surveillance explains its interest
towards the fiber optic cables which direct a large share of
global internet traffic along the world’s ocean floors.
A document labeled “top secret” and “not for
foreigners” describes the success of US intelligence in
spying on the SEA-ME-WE-4 cable system.
The system is a massive underwater cable bundle which connects
Europe with North Africa and the Gulf states before continuing
through Pakistan and India and onto Malaysia and Thailand.
The cable system originates in southern France, near Marseille,
with French Orange and Telecom Italia Sparkle being among the
primary stakeholders in the project.
According to the document, TAO “successfully collected
network management information for the SEA-Me-We Undersea Cable
Systems (SMW-4)” on February 13, 2013.
The agency was able to “gain access to the consortium's
management website and collected Layer 2 network information that
shows the circuit mapping for significant portions of the
network.”
The document states that the TAO team hacked an internal website
of the operator consortium and copied documents stored there
pertaining to technical infrastructure.
But the NSA has no intention of resting its oars. “More
operations are planned in the future to collect more information
about this and other cable systems,” the document states.