Advertise On EU-Digest

Annual Advertising Rates

11/24/13

Belgium - Netherlands: Report: NSA Infected More Than 50,000 Networks by Mid-2012 - by David Murphy

Time to break out the virus scanner – or, perhaps, nuke your computer from orbit. (It's the only way to be sure.)

According to new documents provided by the National Security Agency's favorite foe, former employee-turned-whistleblower Edward Snowden, Dutch newspaper NRC Handelsblad is reporting that the NSA has infected more than 50,000 computer networks with malware in a process known as "Computer Network Exploitation."

The process itself is nothing new; The Washington Post reported on these exploits in August. These "implants," as they're known in NSA terms, are deployed by a department within the agency known as TAO, or "Tailored Access Operations." Software engineers within TAO allegedly break into various routers, switches, and firewalls – to name a few devices – in an effort to compromise networks and, thus, gain access to the data being transmitted by the devices connecting to them.

As of 2008, TAO was allegedly able to deploy approximately 21,252 of these implants, and it was estimated that as many as 85,000 or so could be deployed by the end of 2013. Since the numbers NRC Handelsblad is reporting are based on a mid-2012 count, it's certainly possible that the NSA has been able to achieve its goal.

"The malware can be controlled remotely and be turned on and off at will. The 'implants' act as digital 'sleeper cells' that can be activated with a single push of a button," described reporters Floor Boon, Steven Derix, and Huib Modderkolk.

However, if you're thinking of some kind of Mission Impossible-like setup whereby a team of hackers in a room somewhere are launching pretty, graphical attacks at enemy networks — something that could be straight out of the Uplink game, you'd be mistaken.

As described by NRC Handelsblad, the British intelligence agency "Government Communications Headquarters," or GCHQ, performed a similar bit of network infiltration within Belgacom, a telecommunications provider in Belgium. To hack its way into the network, however, the agency employed fake LinkedIn pages and Slashdot websites to ensnare employees within the company's security and maintenance divisions and dump malware on their systems.

"In the case of Belgacom, the GCHQ used a sophisticated variant of the man-in-the-middle attack, known as a 'quantum insert', which Der Spiegel says could only be performed by a spy agency that's able to insert its own boxes into the Web. This way, when the target tries to access LinkedIn, GCHQ can serve them a spoofed version of the website instead of the real LinkedIn page," described SiliconAngle.
  Time to break out the virus scanner – or, perhaps, nuke your computer from orbit. (It's the only way to be sure.)

According to new documents provided by the National Security Agency's favorite foe, former employee-turned-whistleblower Edward Snowden, Dutch newspaper NRC Handelsblad is reporting that the NSA has infected more than 50,000 computer networks with malware in a process known as "Computer Network Exploitation."

The process itself is nothing new; The Washington Post reported on these exploits in August. These "implants," as they're known in NSA terms, are deployed by a department within the agency known as TAO, or "Tailored Access Operations." Software engineers within TAO allegedly break into various routers, switches, and firewalls – to name a few devices – in an effort to compromise networks and, thus, gain access to the data being transmitted by the devices connecting to them.

As of 2008, TAO was allegedly able to deploy approximately 21,252 of these implants, and it was estimated that as many as 85,000 or so could be deployed by the end of 2013. Since the numbers NRC Handelsblad is reporting are based on a mid-2012 count, it's certainly possible that the NSA has been able to achieve its goal.

"The malware can be controlled remotely and be turned on and off at will. The 'implants' act as digital 'sleeper cells' that can be activated with a single push of a button," described reporters Floor Boon, Steven Derix, and Huib Modderkolk.

However, if you're thinking of some kind of Mission Impossible-like setup whereby a team of hackers in a room somewhere are launching pretty, graphical attacks at enemy networks — something that could be straight out of the Uplink game, you'd be mistaken.

As described by NRC Handelsblad, the British intelligence agency "Government Communications Headquarters," or GCHQ, performed a similar bit of network infiltration within Belgacom, a telecommunications provider in Belgium. To hack its way into the network, however, the agency employed fake LinkedIn pages and Slashdot websites to ensnare employees within the company's security and maintenance divisions and dump malware on their systems.

"In the case of Belgacom, the GCHQ used a sophisticated variant of the man-in-the-middle attack, known as a 'quantum insert', which Der Spiegel says could only be performed by a spy agency that's able to insert its own boxes into the Web. This way, when the target tries to access LinkedIn, GCHQ can serve them a spoofed version of the website instead of the real LinkedIn page," described SiliconAngle.


Read more: Report: NSA Infected More Than 50,000 Networks by Mid-2012 | News & Opinion | PCMag.com

No comments: