NSA Deploys Botnet Armies, Spoofs Facebook
Mar 13, 2014 3:46 PM PT
The latest Snowden revelations about NSA surveillance activities indicate the agency could infect millons of computers with malware, and has spoofed Facebook servers to capture traffic from targets. Documents previously leaked by NSA whistleblower Edward Snowden include detailed descriptions of its tools and techniques, First Look reported.
"It is not surprising that the NSA would create and deploy malware," Harley Geiger, senior counsel at the Center for Democracy and Technology, told TechNewsWorld. "What is surprising is the evidence the NSA is prepared to do so on a scale that could affect millions of computers."
Hacking and surveillance operations should be used "on specific targets with minimal impact on innocent parties, not on a massive scale," Geiger said.
Dirty Deeds Done Dirt Cheap
The covert infrastructure that supports the hacking program operates from NSA headquarters in Ft. Meade, Md., and from NSA bases in the UK and Japan. British intelligence agency GCHQ apparently was deeply involved in developing the malware deployment tactic.
In some instances, the NSA set up fake Facebook servers; in others it spammed victims with poisoned emails whose payload could record audio from the target computers' mikes and take photos with its webcam. The NSA also can launch cyberattacks by corrupting and disrupting file downloads or denying access to websites, according to the First Look report.
The program, launched in 2004, apparently was aimed initially at about 150 targets, but over the past decade, the NSA developed an automated system codenamed "Turbine" that extends its reach to millions of victims.
Turbine reportedly was developed as part of the NSA's Tailored Access Operations unit's work. It would enable the agency to attack millions of targets through computer network exploitation malware, which scarfs up intelligence from target computers and networks; and computer network attack malware, which disrupts, damages or destroys targets.
Turbine has been operational since at least July 2010, according to the report. The NSA deployed up to 100,000 malware implants against computers and networks worldwide and planned to continue doing so. Turbine is part of a broader NSA initiative named "Owning the Net" for which the agency sought nearly $68 million in funds last year.
The NSA reportedly also has malware that can circumvent privacy tools because it accesses computers before they are protected with encryption, and it can track VoIP calls made using Skype and other systems.
The usefulness of NSA's email spam program has diminished over the years as people become more wary of opening unsolicited emails, so the agency is turning to man-in-the-middle tactics, the First Look report indicates.
Reaching for the Stars
"Combating cyberterrorism is an extremely difficult task where having better visibility is always helpful," Joe Bonnell, founder and CEO of Alchemy Security, told TechNewsWorld.
"That said, the apparent overreach by the U.S. government highlighted by stories [such as the one about Turbine] is making their mission more difficult," Bonnell pointed out.
It is not clear how effective this massive surveillance program has been so far.
"This may be a matter of some dispute, just like there continues to be debate over whether the bulk collection of telephone metadata provides useful intelligence," the CDT's Geiger said.
The Impact on the NSA
This latest report, coming shortly after Sen. Diane Feinstein, D-Calif., accused the CIA of breaking the law and breaching constitutional principles, could further heighten congressional and public mistrust of the NSA and other intelligence agencies. Feinstein, who chairs the United States Senate Intelligence Committee, has accused the CIA of sabotaging the committee's investigation into the use of waterboarding over several years.
The latest Snowden revelations also cast a shadow over congressional testimony given on Wednesday by General Keith Alexander, head of the military's newly created Cyber Command, that he is setting up 13 teams to launch cyberattacks on foreign nations in retaliation for similar attacks against the U.S.
"This and other reports have definitely thrown into question whether the NSA has the moral high ground in efforts to secure the Internet," Geiger pointed out. "If other countries decide to deploy malware en masse, it will be much harder for the U.S. to cry foul."