Documents Reveal NSA's Alleged Plot To Hijack Millions of PCs, Infect Internet's Infrastructure At Will
A new comprehensive writeup at The Intercept claims to reveal additional details of the NSA's plans to infiltrate and conquer the Internet -- as well as its desire to bring virtually all data, everywhere, within its reach. A year ago, this kind of claim would've sounded like hyperbolic conspiracy theory, but no longer. Whether the NSA could ever effectively analyze that information is very much an open question, but the organization has launched a huge number of programs to pursue these ends.
Own The Web
What The Intercept report details is the NSA's plan for infiltrating target networks, right down to individual PCs. There are a dizzying number of codenames -- TURBINE is the automated system that manages the NSA's industrial-sized exploitation network. CAPTIVATEDAUDIENCE records conversations that occur near a device's webcam or microphone. FOGGYBOTTOM captures browsing records and login details; SALVAGERABBIT is responsible for exfiltrating captured data on flash drives and moving that information back from the local PC to the NSA itself.
We've known for months that the NSA had programs designed to scoop cell phone meta data and hoover up personal details -- what this new document describes is just how particular and personal the NSA can get. The Dispatch references an attack method called "man-on-the-side," described as follows:
"In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive."
Of course, you can't watch systems with that degree of real-time accuracy if you don't have access to the network -- but the NSA has that angle covered. They've compromised sysadmin accounts, routers, other system backdoors, and a huge range of vulnerabilities, all with the goal of being able to target any flaw in a person's security practices, including all the ones no one knows exist.
The potential unintended consequences of these actions are vast.
This Will Not End Well
Most of the time, debates about the NSA's role in these activities boil down to whether you subscribe to the theory of realpolitik and if you think Edward Snowden is a traitor or a hero. Let's skip past that for a moment and talk about the practical ramifications of what the NSA has done. It has used technological wizardry and social engineering to embed backdoors and access points within critical network infrastructure.
The NSA is very, very, very good at what it does, but the NSA is not perfect. Others can find the backdoors it has exploited. If the right companies find them, they'll be repaired, thus driving the government, with its bone-deep assurance that these actions are necessary), to find more flaws and problems. If the wrong people find these programs, they'll find ways to turn them against their creators.
In the long run, the NSA's decision to use critical server "choke points," to deploy their own malware could fatally weaken those same points against eventual attack. There is no way to create a hack-proof backdoor for any single organization; any security flaw that can be exploited by one group can be exploited by another. Meanwhile, disclosure of the NSA's actions risks an estimated $35B in sales as former trade partners seek alternatives to American services and products.
We've angered our allies by spying on their top leaders, to no tangible gain. We've gone so far overboard, the mere use of encryption is now cited as suspicious evidence -- as though no one working in a corporate or personal environment never had good reason to encrypt information. Now, the CIA stands accused of spying on the Senate Foreign Intelligence Committee and of falsely accusing Senate aides of breaking the law and disseminating classified information -- explosive allegations in the wake of the Snowden leaks.
All evidence points to a security state apparatus that has run amok. There has always been tension between the necessary secrecy that surrounds statecraft and espionage, and the proper function of a democracy -- but what we have uncovered, thanks to Snowden, are espionage activities that dwarf the events of the 1970s that led to the creation of the FISA Court and the Senate Foreign Intelligence Committee. You don't have to consider Snowden a hero to see that the actions of the NSA and CIA weaken security standards, international relationships, and the proper functioning of a democracy.
Own The Web
What The Intercept report details is the NSA's plan for infiltrating target networks, right down to individual PCs. There are a dizzying number of codenames -- TURBINE is the automated system that manages the NSA's industrial-sized exploitation network. CAPTIVATEDAUDIENCE records conversations that occur near a device's webcam or microphone. FOGGYBOTTOM captures browsing records and login details; SALVAGERABBIT is responsible for exfiltrating captured data on flash drives and moving that information back from the local PC to the NSA itself.
We've known for months that the NSA had programs designed to scoop cell phone meta data and hoover up personal details -- what this new document describes is just how particular and personal the NSA can get. The Dispatch references an attack method called "man-on-the-side," described as follows:
"In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive."
Of course, you can't watch systems with that degree of real-time accuracy if you don't have access to the network -- but the NSA has that angle covered. They've compromised sysadmin accounts, routers, other system backdoors, and a huge range of vulnerabilities, all with the goal of being able to target any flaw in a person's security practices, including all the ones no one knows exist.
The potential unintended consequences of these actions are vast.
This Will Not End Well
Most of the time, debates about the NSA's role in these activities boil down to whether you subscribe to the theory of realpolitik and if you think Edward Snowden is a traitor or a hero. Let's skip past that for a moment and talk about the practical ramifications of what the NSA has done. It has used technological wizardry and social engineering to embed backdoors and access points within critical network infrastructure.
The NSA is very, very, very good at what it does, but the NSA is not perfect. Others can find the backdoors it has exploited. If the right companies find them, they'll be repaired, thus driving the government, with its bone-deep assurance that these actions are necessary), to find more flaws and problems. If the wrong people find these programs, they'll find ways to turn them against their creators.
In the long run, the NSA's decision to use critical server "choke points," to deploy their own malware could fatally weaken those same points against eventual attack. There is no way to create a hack-proof backdoor for any single organization; any security flaw that can be exploited by one group can be exploited by another. Meanwhile, disclosure of the NSA's actions risks an estimated $35B in sales as former trade partners seek alternatives to American services and products.
We've angered our allies by spying on their top leaders, to no tangible gain. We've gone so far overboard, the mere use of encryption is now cited as suspicious evidence -- as though no one working in a corporate or personal environment never had good reason to encrypt information. Now, the CIA stands accused of spying on the Senate Foreign Intelligence Committee and of falsely accusing Senate aides of breaking the law and disseminating classified information -- explosive allegations in the wake of the Snowden leaks.
All evidence points to a security state apparatus that has run amok. There has always been tension between the necessary secrecy that surrounds statecraft and espionage, and the proper function of a democracy -- but what we have uncovered, thanks to Snowden, are espionage activities that dwarf the events of the 1970s that led to the creation of the FISA Court and the Senate Foreign Intelligence Committee. You don't have to consider Snowden a hero to see that the actions of the NSA and CIA weaken security standards, international relationships, and the proper functioning of a democracy.
