In yesterday’s post about the prison sentence of a Chinese group for buying and selling Warcraft accounts on the black market, I mentioned that revelations about the extent of the NSA’s spying and hacking operations continue. The latest round was published in German magazine Spiegel, which details how the NSA does everything from intercepting electronics deliveries to using Microsoft’s crash-reporting system to hack its targets.
Tailored Access Operations (TAO) is a division of the NSA consisting of elite, ninja hackers who can steal data from just about anyone, anywhere. Spiegel published information about the NSA’s 50-page internal catalog of devices used to gain back-door access to information. The devices can help TAO hackers access individual computers, phones, and entire computing centers. The catalog apparently lists all of these devices and their prices. One notable tool is a program called FEEDTROUGH, which infiltrates firewalls and greases the wheels for the installation of spy programs that give the NSA permanent access into computer systems. Even Juniper, the world’s second-largest manufacturer of networking equipment, has been unable to fend off FEEDTROUGH, despite its “best-in-class” firewalls and security. The program is so robust that software upgrades can’t shake it, and according to Spiegel, the TAO catalog says the program “has been deployed on many target platforms.”
When malware or other programs don’t work, the NSA has plenty of other tricks up their sleeves. Their toolbox includes items such as a monitor cable ($30) that allows NSA hackers to see what’s on the monitor it’s plugged into. They’ve got bugging devices masquerading as USB drives and plugs ($1 million for a pack of 50 — that alone tells us something about the scope of this). They even have devices that can mimic an entire cell phone tower and provide access to all of the routed calls, all for a very frugal $40,000.
The TAO catalog notes all the equipment and commercial manufacturers the NSA uses for such operations. Are you ready for this? You probably own tech made by at least one of these — I know I do: Samsung, Western Digital (do you think the NSA bugged the external hard drive I gave my mom for Christmas?), Seagate, Maxtor, Cisco, Huawei, and Dell. NSA programs compromise the firmware for devices made by these companies. While the NSA can and does hack systems via the internet, they also do it the old-fashioned way — by intercepting electronics packages mailed to targets and implanting a bug or other device before putting it back in the mail. According to Spiegel, this is one of the “most productive operations” of the NSA’s hacking team.
According to reports, none of these manufacturers knew their products were being used by the NSA in this way, and if you think about it, why would they? It’s both brilliant and diabolical for the NSA to gain access to information this way, almost like hiding in plain sight. And you know that message you get when a Windows program crashes, asking for you to report the problem to Microsoft? The NSA can utilize those, too, and use them to access machines running Windows.
Whoo boy. This is one of those cases in which I’m not really surprised, yet I’m still shocked. There seems to be no end to the tactics the NSA uses, which makes me wonder what we still don’t know about. The information obtained by Edward Snowden, who more and more is being hailed as a whistleblower rather than a traitor, seems to be endless, and a recent 60 Minutes report asserted that Snowden took over 1.7 million documents, much more than previously estimated. Snowden recently declared that he accomplished what he set out to do by leaking the NSA documents, although the shockwaves are sure to continue.