Latest batch of documents leaked shows NSA’s power to pwn.
The National Security Agency’s sophisticated hacking operations go way beyond using software vulnerabilities to gain access to targeted systems. The agency has a catalog of tools available that would make James Bond’s Q jealous, providing NSA analysts access to just about every potential source of data about a target.
In some cases, the NSA has modified the firmware of computers and network hardware—including systems shipped by Cisco, Dell, Hewlett-Packard, Huawei, and Juniper Networks—to give its operators both eyes and ears inside the offices the agency has targeted. In others, the NSA has crafted custom BIOS exploits that can survive even the reinstallation of operating systems. And in still others, the NSA has built and deployed its own USB cables at target locations—complete with spy hardware and a radio transceiver packed inside.
Documents obtained by Der Spiegel reveal a fantastical collection of surveillance tools dating back to 2007 and 2008 that gave the NSA the power to collect all sorts of data over long periods of time without detection. The tools, ranging from back doors installed in computer network firmware and software to passively powered bugs installed within equipment, give the NSA a persistent ability to monitor some targets with little risk of detection. While the systems targeted by some of the “products” listed in the documents are over five years old and are likely to have been replaced in some cases, the methods and technologies used by all the exploit products could easily still be in use in some form in ongoing NSA surveillance operations.
Special delivery
There’s no indication from the documents that the manufacturers played any role in the development or delivery of the backdoors (something that manufacturers are now loudly telling their customers, too). The documents, which appear to be pages from a catalog of capabilities provided by the NSA’s ANT division for the NSA’s Tailored Access Operations (TAO) division, show that many of the tools on offer are ordinary Windows exploits designed to use parts of the operating system to “phone home” to the NSA with data; like most malware, these packages can be dropped in place remotely and are probably the least interesting of the new revelations.