Report: NSA intercepted electronics shipments to secretly install malicious software, hardware
By End the Lie
The sophisticated hacking unit of the National Security Agency (NSA) has intercepted electronics shipments in order to covertly install malware and hardware that allows for backdoor access to computers, according to a new report.
This latest revelation comes after a federal judge ruled the NSA’s mass surveillance program to be legal, the White House review panel sharply criticized many NSA programs and it was revealed that the NSA paid an influential security company to compromise their products.
The report, published by Germany’s Der Spiegel, reveals that the secretive NSA Office of Tailored Access Operation (TAO) actually physically compromises many electronics before they reach their final destination.
TAO, which Der Spiegel calls “the NSA’s top operative unit — something like a squad of plumbers that can be called in when normal access to a target is blocked” works closely with the FBI and CIA.
The group can reportedly direct shipping deliveries to their own secret workshops, a technique called “interdiction,” when a target individual, agency or company orders a new computer or accessory.
Once the agency get their hands on the electronics at one of their “load stations,” the packages are opened by agents. The agents can then load malicious software, or malware, onto electronics devices, according to the report.
It is worth noting that the he United States government is reportedly now the world’s largest buyer of malware.
The agents can also add physical components that give backdoor access to intelligence agencies, allowing all further surveillance to “be conducted from the comfort of a remote computer,” according to Der Spiegel.
One top secret document states that the practice of interdiction ranks among the “most productive operations” conducted by NSA operatives. Such methods give TAO agents access to networks “around the world,” according to the presentation viewed by Der Spiegel.
A 50-page document viewed by Der Spiegel, which “reads like a mail-order catalog,” allows NSA employees to order tools made by ANT, a division apparently so mysterious that the exact meaning of the acronym isn’t known by the major German paper.
ANT, which “presumably stands for either Advanced or Access Network Technology,” according to Der Spiegel, has broken through nearly all of the security features of major corporations like Cisco, Huawei and Dell.
In addition, the group has compromised products made by Juniper Networks, Seagate, Western Digital, Maxtor and Samsung, as The Verge points out.
The group, which specializes in secret back doors, helps the NSA “keep an eye on all levels of our digital lives — from computing centers to individual computers, from laptops to mobile phones,” according to Der Spiegel.
Indeed, in the personal computing world, the NSA apparently has no problem compromising a target machine.
The agency can exploit the common crash reports provided by Microsoft Windows to spy on computers, according to Der Spiegel.
TAO is reportedly capable of simply selecting any computer in the world as a target and entering a unique identifier like an IP address into a database, allowing them to get automatic notification of any crash reports.
These crash reports allow the agency to gain “passive access” to a target computer, according to an internal NSA presentation, which allows the agency to capture and save data sent out to the internet from the computer.
The crash reports can also give the agency insight into problems with target’s computer which can then be exploited at a later time to plant malware or spyware, according to Der Spiegel.
Various government agencies’ regularly hire hackers to develop such software, as was previously reported, and the Washington Post reported that U.S. spy agencies mounted 231 offensive cyber-operations in 2011 alone.
Ultimately, the Der Spiegel report gives the impression that these practices are only on the rise.
We would love to hear your opinion, take a look at your story tips and even your original writing if you would like to get it published. Please email us at [email protected]