German news magazine Der Spiegel has published a couple of articles containing new revelations about the NSA's electronic spying programs. The first describes the spy agency's Tailored Access Operations unit, which specializes in gathering high-value intelligence that can't be obtained by traditional surveillance methods. The TAO's activities reportedly include hacking into servers, monitoring Windows crash reports, and tapping undersea communications cables, among other things.
According to the documents seen by Der Spiegel, the TAO even intercepts shipments of computers and other devices en route to customers. These products are reportedly loaded with malware and "hardware components" that grant intelligence officers remote access to the targeted systems. Think about that the next time one of your Newegg shipments is delayed.
Der Spiegel's second article looks into an unnamed group called the ANT, which is described as a team of "master carpenters" working for the TAO. The ANT reportedly produced a 50-page "product catalog" that includes everything from GSM "base stations" that masquerade as cellular towers to bugged USB ports "capable of sending and receiving data via radio undetected." The document even lists prices for each surveillance product; the GSM units cost $40,000, while a 50-pack of bugged USB ports is priced at a cool $1 million.
In addition to offering snooping hardware, the ANT division reportedly produces malicious software. It prefers planting malware in motherboard BIOSes, which allows the code to hide from virus scanners and persist after the system's hard drive is wiped. Hard drives aren't safe, either. "Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung," Der Spiegel says. There are exploits for networking hardware, too, though tech companies don't appear to be complicit.
The NSA stopped short of admitting to specific activities, but it issued a statement to Der Spiegel describing the TAO as "a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies." The group's mission "is centered on computer network exploitation in support of foreign intelligence collection," the NSA says.
|The TR Podcast 171 video is now available via YouTube||2|
|Friday Night Shortbread||23|
|Simple iframe attack compromises SOHO routers||21|
|Deal of the week: Radeons, mechanical keyboards, IPS displays, and more||23|
|Windows 10 to support USB 3.1 Type-C's new features||23|
|Apple preps for March 9 'Spring Forward' event||47|
|Thursday Night Shortbread||65|
|TR's February 2015 System Guide||85|