Jump to content
Login new information ×
Login new information

NSA Reportedly Intercepting Laptops Purchased Online to Install Spy Malware

Turk

By Turk
in Security & Privacy News

 Share

Recommended Posts

Turk

Turk

Posted
Posted (edited)

According to a new report from Der Spiegel based on internal NSA documents, the signals intelligence agency's elite hacking unit (TAO) is able to conduct sophisticated wiretaps in ways that make Hollywood fantasy look more like reality. The report indicates that the NSA, in collaboration with the CIA and FBI, routinely and secretly intercepts shipping deliveries for laptops or other computer accessories in order to implant bugs before they reach their destinations. According to Der Spiegel, the NSA's TAO group is able to divert shipping deliveries to its own "secret workshops" in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access.

While the report does not indicate the scope of the program, or who the NSA is targeting with such wiretaps, it's a unique look at the agency's collaborative efforts with the broader intelligence community to gain hard access to communications equipment. One of the products the NSA appears to use to compromise target electronics is codenamed COTTONMOUTH, and has been available since 2009; it's a USB "hardware implant" that secretly provides the NSA with remote access to the compromised machine.

This tool, among others, is available to NSA agents through what Der Spiegel describes as a mail-order spy catalog. The report indicates that the catalog offers backdoors into the hardware and software of the most prominent technology makers, including Cisco, Juniper Networks, Dell, Seagate, Western Digital, Maxtor, Samsung, and Huawei. Many of the targets are American companies. The report indicates that the NSA can even exploit error reports from Microsoft's Windows operating system; by intercepting the error reports and determining what's wrong with a target's computer, the NSA can then attack it with Trojans or other malware.

In response to Der Spiegel's report, Cisco senior vice president John Stewart wrote that "we are deeply concerned with anything that may impact the integrity of our products or our customers' networks," and that the company does "not work with any government to weaken our products for exploitation." Other US companies have fired back against reports of NSA tampering in recent months, including Microsoft, which labeled the agency an "advanced persistent threat" over its efforts to secretly collect private user data within the internal networks of Google and Yahoo.

Sometimes the NSA hops on an FBI jet for high-tech raids

The Der Spiegel report, which gives a broad look at TAO operations, also highlights the NSA's cooperation with other intelligence agencies to conduct Hollywood-style raids. Unlike most of the NSA's operations which allow for remote access to targets, Der Spiegel notes that the TAO's programs often require physical access to targets. To gain physical access, the NSA reportedly works with the CIA and FBI on sensitive missions that sometimes include flying NSA agents on FBI jets to plant wiretaps. "This gets them to their destination at the right time and can help them to disappear again undetected after even as little as a half hour's work," the report notes.

The NSA currently faces pressure from the public, Congress, federal courts, and privacy advocates over its expansive spying programs. Those programs, which include bulk telephone surveillance of American citizens, are said by critics to violate constitutional protections against unreasonable searches, and were uncovered earlier this year by whistleblower Edward Snowden. Beyond the programs that scoop up data on American citizens, Snowden's documents have also given a much closer look at how the spy agency conducts other surveillance operations, including tapping the phones of high-level foreign leaders.
http://www.theverge.com/2013/12/29/5253226/nsa-cia-fbi-laptop-usb-plant-spy

Der Spiegel NSA Inside TAO Full Report: http://www.nsaneforums.com/topic/200271-inside-tao-docs-reveal-top-nsa-hacking-unit

Edited by Turk
Link to comment
Share on other sites
  • Replies 2
  • Views 951
  • Created
  • Last Reply

Top Posters In This Topic

  • mastershake

    1

  • janedoe

    1

  • Turk

    1

Popular Days

Top Posters In This Topic

Popular Days

mastershake

mastershake

Posted
Posted

on of the reasons i would never accept anything that was opened prior to me getting it and retaped or with seal messed with and why i ALWAYS do a clean format anytime i get any new computer or laptop. even as far as to reflash the bios to make sure its clean.

Link to comment
Share on other sites
janedoe

janedoe

Posted
Posted (edited)

on of the reasons i would never accept anything that was opened prior to me getting it and retaped or with seal messed with and why i ALWAYS do a clean format anytime i get any new computer or laptop. even as far as to reflash the bios to make sure its clean.

I highly doubt that you reflash every single piece of hardware in a new PC (that's even assuming the firmware is available for download by end users). If the software and hardware/firmware have been compromised there's nothing you can do. Not to mention do you think they are amateurs? If they open a package you honestly believe you'll be able to detect this? If it was that easy to detect why would they even bother. (That's not even taking into account the fact that they can most likely just bribe/threaten someone and access the package before it is even sealed.) They're not stupid, you know. Bottom line, with the virtually unlimited resources they have access to if you are a person of interest and they really want to get at your data, you can bet they will succeed sooner or later (probably the former).

Edited by janedoe
Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...