Report: NSA can hack offline computers via radio waves

People looking to avoid the NSA’s extensive electronic spying programs may have thought that unplugging their Internet connections would be enough to hide from prying eyes. Maybe not. A new report from the New York Times claims the spy agency employs "secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet."

Dubbed Quantum, this program "relies on a covert channel of radio waves" that can be broadcast from up to eight miles away and "insert packets of data in milliseconds." It also requires some hardware on the receiving end. According to the NYT, the covert communications target tiny transceivers that can be hidden inside computers or devices as small as USB cables. Implanting one of those bugs requires physical access to the machine, of course, but that shouldn’t be a problem for NSA spooks. The agency reportedly has a program in place to intercept PC shipments for the purpose of installing software and "hardware components."

Active since 2008, the Quantum program may have compromised as many as 100,000 machines. The NYT claims there’s no evidence of domestic use, though. Targets reportedly included the Chinese and Russian military, drug cartels, European trade institutions, and countries like Saudia Arabia, India, and Pakistan.

U.S. President Barack Obama is scheduled to discuss NSA reforms on Friday. A White House review panel has examined the NSA’s practices, and it reportedly made 46 recommendations. Government officials have met with privacy groups and tech companies, as well. It will be interesting to see whether those groups were convincing enough to produce meaningful reform.

Comments closed
    • Welch
    • 6 years ago

    Reform of the NSA and the creation of yet another dark government organization that no one has any clue about. I don’t know why anyone thinks that the NSA is the #1 Intel gathering group. The truly excellent groups are not talked about because they aren’t known about. Not surprised one bit, nor am I concerned about the NSA anymore than I would be about a neighbor hopping on my WiFi. Believe me, to think your data or information is secret is a joke. Its the equivalent of people growing up through the 70’s and 80’s being blown away at the idea of satellites that could take pictures from space that look like family portraits.

    • Diplomacy42
    • 6 years ago

    it isn’t really “hacking” to install a custom made wifi card and then use it, its basically the equivilant of a keyboard logger.

    • HisDivineOrder
    • 7 years ago

    You know if this exists that they’re actively using their moles inside Intel, AMD, Qualcomm, Apple, and Samsung to get these into every computing device on the planet, built-in from the get-go.

    They flip a switch and you’re wide open to the world.

    • tipoo
    • 7 years ago

    “They implant the spy bugs using USB cords like this one!”
    -holds up CAT5 cable-

    *headdesk*

    [url<]http://www.today.com/video/today/54075719/#54075719[/url<]

      • danny e.
      • 7 years ago

      it’s nbc.

    • UnfriendlyFire
    • 7 years ago

    And I thought the KGB and the Stasi were aggressive enough with their spying…

      • Krogoth
      • 7 years ago

      CIA, NSA and MI6 are just about as aggressive. “We” don’t hear it as often since we are on other side of the “Iron Curtain”. 😉

      • Kaleid
      • 6 years ago

      Wait until they successfully implement Total Information Awareness. It’s gonna happen, unless people really start speaking against it.

    • Mat3
    • 7 years ago

    From the perspective of the NSA, why don’t think keep this kind of thing to themselves? Why are they telling potential targets how to possibly circumvent their spying?

      • Zyxtomatic
      • 7 years ago

      This information is coming from leaks inside the NSA, such as Ed Snowden. The NSA itself is not formally releasing this sort of info for exactly the reason you specified. This is classified, useful spying equipment that normally would be kept secret.

    • MadManOriginal
    • 7 years ago

    This is completely yawn-worthy. It’s just saying the NSA can install a covert transceiver in or on PCs. My first thought was that this is basically the NSA version of a patent that adds ‘…on a mobile device!’ for a previous invention and is somehow treated as something new.

    • anotherengineer
    • 7 years ago

    As long as it doesn’t make my ping any worse, then whatever 😉

    • bittermann
    • 7 years ago

    Dear NSA, “if you’re reading this right now can you please stop wasting my tax dollars”?

      • 5150
      • 7 years ago

      Heh. “If”.

      • maasenstodt
      • 7 years ago

      “Your” tax dollars? It was stolen from you fair and square.

    • SnowboardingTobi
    • 7 years ago

    ugh… now I need to make a tinfoil hat for the computers.

    • Milo Burke
    • 7 years ago

    Do we divide that range by a factor of ten to get the actual range? Like we do with WiFi, Bluetooth, etc.?

    [quote<]...that can be broadcast from up to eight miles away...[/quote<]

    • Chrispy_
    • 7 years ago

    If you computer has been physically compromised by an online device connected directly to the NSA, then it’s not offline.

    WEARING SHOES* CAUSES CANCER

    * – Shoes must have first been irradiated by the NSA before wearing.

    • gmskking
    • 7 years ago

    Oh no. Now they can hack in a see all the porn on our computers.

      • Milo Burke
      • 7 years ago

      As inefficient as it sounds, their radio wave hacking method might still have higher bandwidth than most sites hosting this material.

    • hoboGeek
    • 7 years ago

    B [cough] LL SH [/cough] T

    • odizzido
    • 7 years ago

    Obama lies all the time anyways so I don’t really see what the point of seeing what he has to say is.

      • hoboGeek
      • 7 years ago

      Depends on what the meaning of the word “is” is.

      • Ringofett
      • 7 years ago

      If you like your spyware, you can keep it.

    • albundy
    • 7 years ago

    ” Targets reportedly included the Chinese and Russian military, drug cartels”

    really? I always thought the government helped empower the cartels. that’s how they gained so much power and were able to get away with killing entire villages and cities.

    ” The agency reportedly has a program in place to intercept PC shipments for the purpose of installing software and “hardware components.””

    yeah, but nobody on TR in their right mind would buy instead of build.

    Lastly, they can kiss my @ss. Truecrypt Biatches!

      • NeelyCam
      • 7 years ago

      [quote<]yeah, but nobody on TR in their right mind would buy instead of build.[/quote<] Yeah - these days it's so easy to build a very small, ultraportable laptop from components. If only Newegg wouldn't gouge on pricing

        • albundy
        • 7 years ago

        it specifically said PC’s not laptops. misinterpret as you see fit.

          • Ringofett
          • 7 years ago

          [quote<]it specifically said PC's not laptops. misinterpret as you see fit.[/quote<] Wikipedia: "A personal computer may be a desktop computer or a laptop, tablet or a handheld PC." It pains me to cite Wikipedia, but its too obvious that they wouldn't arbitrarily restrict themselves to a small part of the PC market that I don't care to put more effort in to my Googlefu. The tablet part of their definition is a little avant-garde, but I think most people associate it the same way.

          • NeelyCam
          • 7 years ago

          Ah – it makes sense now why Gartner et al. are always saying PC market is dying… they are talking about [i<]desktops[/i<]! Because a 17" gaming laptop is obviously a "mobile" device instead of a PC

    • chuckula
    • 7 years ago

    [quote<]Dubbed Quantum, this program "relies on a covert channel of radio waves" that can be broadcast from up to eight miles away and "insert packets of data in milliseconds."[/quote<] Yeah, Pringles Cantenna except that the NSA probably spent a few billion in contractor fees to do the same thing. [quote<]It also requires some hardware on the receiving end.[/quote<] Yeah, your computer isn't connect to the Interwebs but it is connected to the NSAwebs, same difference.

    • danny e.
    • 7 years ago

    I can hack peoples computers not only if they’re offline but also if the computers are turned off.

    It simply requires me to watch facebook for people posting they’re on vacation. I then drive across three states to their home. There, I smash through their back door and proceed to the computer room where I turn on the computer. I then type in ‘12345’ or ‘password’ into the prompt and proceed to view what the user has been up to with their life.

    Failing all that, I can just go back to facebook and check there what they have been doing with their life.

      • UnfriendlyFire
      • 7 years ago

      Just setup a bogus company and buy the information from Facebook. Might cost a bit, but it’s much less effort, because FB already did all of the data collection.

      • MadManOriginal
      • 7 years ago

      Young man, you have a bright future as an NSA operative! Please submit your resume and background check…oh wait, we already have it. You’re hired!

    • DragonDaddyBear
    • 7 years ago

    I wonder if the NSA doesn’t have another “hush-hush” program that “leaks” information to try and get the masses to behave in a certain way. Because, while the concept has been proven possible, it seems a little far fetched for 100K systems to be compramised.

    Or, maybe this is just a “leak” to distract us from something else? There are only so many security resources and so much time. Keep them swatting at the swarm of flies while the bees sting. Sounds like a good defensive/offensive technique to me.

    *puts away the tin foil hat*

      • Deanjo
      • 7 years ago

      [quote<]*puts away the tin foil hat*[/quote<] /me turns on thought scanner.

        • DragonDaddyBear
        • 7 years ago

        I KNEW IT! You must work for the NSA.

          • Deanjo
          • 7 years ago

          I won’t confirm or deny your accusation.

        • sweatshopking
        • 7 years ago

        People SHOULD NEVER TYPE WHAT THEY’RE DOING. IT’S NOT COOL.

        YOU WANT ME TO TYPE WHAT I’M DOING?!?!?!?!?!?!!!? YOU KNOW YOU DON’T. IF YOU DO, I DO. WE CAN AGREE IT’S IN EVERY BODIES BEST INTEREST TO NEVER DO IT.

          • fhohj
          • 7 years ago

          *radio interrupt activation*

          *downloading instruction*

          *TR forum account detected*

          *logging in, wait for input*

          ssk could you just not type in all capitals? a while back we moved some of our capture stuff to voice simulation on flagged things to make for quicker analysis of some of this stuff. so recently it got an updated version that improves the context and subtext interpolation, and we turn the preset for it pretty high here on TR because you smart guys often have double meanings and sarcasm and irony and implied jokes and things. couple that with caps not being used very much here so when you do that it just thinks that you’re really genuinely upset and angry and glitches out all the maxed subtext interpolation and it just shouts the stuff in your ear and sounds all frantic and weird. it can really startle you, make you bang your knee on the desk. so just avoid the caps. thanks. it’s ok on youtube or whatever but just y’know. keep it off TR.

          The NSA

          • Srsly_Bro
          • 7 years ago

          #walkingmycatsinthepark

          • derFunkenstein
          • 7 years ago

          I’m lying in bed in my undies. Get that out of your head.

          • jihadjoe
          • 7 years ago

          <Night-hen-gayle> I gotta go. There’s a dude next to me and he’s watching me type, which is sort of starting to creep me out. Yes dude next to me, I mean you.

      • OneArmedScissor
      • 7 years ago

      Some NSA “reform” proposals make blanket spying submissable evidence.

      Whether these are truly leaks or not, now that it is public, questionable people will attempt to twist it to questionable purposes.

      You can safely bet that whatever is announced Friday will not be the repeal of the Patriot Act, treason charges for anyone who violated the 4th amendment, and pink slips for every agency that still routinely fails to prevent attacks like the Boston marathon bombing, mass shootings by government employees with criminal histories, and police brutality.

      • duke_sandman
      • 7 years ago

      You’ve watched too many movies. The fundamental assumption is that once something is classified, it won’t become (U) until 25 year after the class-by date. (sometimes 40, sometimes 50 years, depending on the program). You spend a lot of precious time, manpower, and capital to make something worth classifying. You don’t waste it.

      A conspiracy of that sort would take the cooperation of one office working to undermine another office, when everyone knows who the real enemy is: Congressional Oversight. These offices aren’t static fixtures for 25 years; people rotate in and out, usually every 2-3 years. More often if there is an administration change. You think that _your_ office politics are cutthroat!?

      A more realistic vision of these government agencies is a lumbering oaf of a technology company with 50% too many employees, a large cash horde, an ill-defined mission, and the maneuverability of a battleship in the Panama Canal. Actually… kind of like Microsoft, post-Win95.

      No, this leak is troubling. You can take that however you want, no matter which side of the “Snowden Line” you are on.

      • NovusBogus
      • 7 years ago

      100k does sound like a stretch, since it’s clear from the article that it must be targeted the same way as most hardware surveillance technologies. The article also explicitly says that this wasn’t used against Americans, only foreigners which is how espionage is supposed to work.

        • Deanjo
        • 7 years ago

        [quote<]The article also explicitly says that this wasn't used against Americans, [/quote<] Do you honestly believe that to be the case?

    • OneArmedScissor
    • 7 years ago

    Surely, the lone FISA court issued 100,000 warrants naming each suspect, their crime, and their exact property to be searched!

    Thank gourd for these government checks and balances I learned about in government school. Why, if we didn’t have those, there might be criminals all over the place!

    • ronch
    • 7 years ago

    Next up: NSA can read your brainwaves from a thousand miles away.

    • hoboGeek
    • 7 years ago

    [quote<]NSA can hack offline computers via radio waves[/quote<] In fact they are the same radio waves that are use for teleporting on the Enterprise.

    • Unknown-Error
    • 7 years ago

    OK! This is creepy….

      • NeelyCam
      • 7 years ago

      I also read it on Infowars that NSA has hacked your neighbor’s cat. You may think it’s hunting birds in the backyard, but in reality the embedded microcameras in its eyes and the high-power antenna in its tail is giving NSA a 24/7 remote access to everything you do.

        • Milo Burke
        • 7 years ago

        Why does the NSA want to sleep on my keyboard?

          • NeelyCam
          • 7 years ago

          NSA’s motto: “Why not?”

        • fhohj
        • 7 years ago

        This explains so much.

        why cats stick their tails up the in the air and twitch them around a bit. trying to get a better signal

        why cats are always poking into things you don’t want them into.

        why cats are always going to windows or bothering you to let them out. trying to get more bars.

        why cats avoid the vacuum cleaner. complete and total interference with the signal

        why cats never stop bothering you for endless supplies of treats. they get influenced by the NSA ideas
        about budget.

        Clandestine Animal Technician

        Camouflaged Agent Transponder

        Cat Autonomous Transmitter

          • oldog
          • 7 years ago

          Gosh, I always thought cats did those things to get onto YouTube.

          • UnfriendlyFire
          • 7 years ago

          During the 1960’s in Washington DC, the FBI noticed two high-ranking Soviet officials that worked at the USSR embassy would quietly talk to each other at a park. The only issue was that they picked a bench that was surrounded by open fields and flanked by a road, so no one could sneak up on them without getting noticed.

          The FBI implanted a microphone and a radio transmitter in a cat. They then let the bionic cat loose across the road, expecting it to walk over to the Soviet officials.

          Instead, it got road-killed by a taxi.

            • USAFTW
            • 7 years ago

            [quote=”UnfriendlyFire”<]Instead, it got road-killed by a taxi.[/quote<] FriendlyFire

    • Krogoth
    • 7 years ago

    I call shenanigans on this one. There are so many easy counter to this (Faraday cage, simple EMI shielding, general radio jamming). There are a number of ways of detecting it.

    The difficulty of getting reliable data transmission via radio waves is a challenge into itself over long distances. That’s why WLAN technologies are severely limited by range and EMI interference.

    If you want to snoop on something with this method. Given the technical difficulties, you might as go with good old infiltration and get physical access.

    This isn’t new either. The intelligence world has played around with radio waves as a means of communication and intelligence gathering for decades. They are quite aware of the limitations.

      • Deanjo
      • 7 years ago

      [quote<]I call shenanigans on this one. There are so many easy counter to this (Faraday cage, simple EMI shielding, general radio jamming). There are a number of ways of detecting it.[/quote<] I wouldn't exactly call any of that "easy" for the layman.

        • Krogoth
        • 7 years ago

        It is simpler than you think. Assuming that you don’t care about wireless connectivity. Just put your equipment in a room with thick, solid walling or just put it in the basement. The snooper has be pretty close to location (a few blocks way) to have a realistic chance of getting in and that’s assuming that aren’t in a noisy EMI environment. Bandwidth is going to be severity limited as well which greatly reduces the amount of options for the would be attacker.

        This attack vector isn’t new at all and it is towards the bottom of the list.

          • Deanjo
          • 7 years ago

          Apparently you don’t understand the term “layman”.

            • Krogoth
            • 7 years ago

            NSA doesn’t not care about average joe. There are far larger fish to fry.

            This method is meant to attack certain targets that are completely ignorant of how radio waves operate and how to defend against them while getting physical access is deemed to be too risky. (low-key, foreign cells/groups)

            • Deanjo
            • 7 years ago

            I would argue they do care about the average joe as you point out there is ways for the tech savvy groups to thwart it. So if those groups can thwart it so easily as you imply, then who else would they use it on?

            • Krogoth
            • 7 years ago

            NSA’s resources and time aren’t infinite. They don’t care about allocating it on what average joe is up to. If anything average joe is a considerable hindrance to the NSA’s job, since they are by far the largest contributor to “noise” in the S/N ratio.

            The whole media sensation from recent NSA stuff was from contractors and low-end employees who were using the agency’s resources to keep a close eye on their personal connections without the victims and agency’s notification.

            The actual targets are low-tech, low-end, “high-risk” that have interests against the state such as militant government protestors, lesser political enemies, foreign cells etc.

            • Deanjo
            • 7 years ago

            [quote<]The actual targets are low-tech, low-end[/quote<] In other words, the layman.

            • Krogoth
            • 7 years ago

            [url<]https://www.youtube.com/watch?v=G2y8Sx4B2Sk[/url<]

            • l33t-g4m3r
            • 6 years ago

            They actually are infinite under a fiat currency where the fed has the power for unlimited money printing. It’s called quantitative easing, and they’re doing it right now. That’s the biggest reason why we have this problem, because they’re totally disconnected from responsible budgeting, and politicians get kickbacks for spending money we don’t have.

            • just brew it!
            • 6 years ago

            Even if they had infinite money (which they don’t… look up the definition of “infinite” sometime), they are still limited by resource constraints (human and equipment), and diminishing returns as they bang up against the laws of physics. Furthermore, the fact that we don’t have runaway inflation right now implies that banks (and others) are just sitting on most of the additional capital created by the multiple rounds of QE.

            • l33t-g4m3r
            • 6 years ago

            The reason why we don’t have runaway inflation is because we have a heavily regulated economy, milk prices for instance, and that the public is not seeing this cash. The QE funds will never directly influence the regular market, as it’s not going to see public hands, nor is there enough paper to cover these funds. The gov does not actually have enough physical tax money to cover the cost of foreign wars, entitlements, and the NSA. It’s all being covered through debt, which is why they keep raising the debt ceiling.

            The gov does have infinite money, as long as it’s allocated in their budget, and we’ll never see massive inflation as long as the dollar is the world’s reserve currency, and other countries have to buy oil in dollars. They know exactly how to print money, hide the inflation, and fully get away with it.

            • Krogoth
            • 6 years ago

            Wrong, the federal government doesn’t have “infinite” money. It is already fiscally unstable as it is. Don’t get started on state and local governments.

            If the situation doesn’t get remedy soon, there will be a crash that will make “Great Depression” during the 1920s-1930s look like a rainy day. It will start when investors and markets start to use something else besides the USD as the standard global currency.

            • l33t-g4m3r
            • 6 years ago

            You sound like Ron Paul, and while I love his ideas, the collapse he’s been predicting hasn’t happened. The gov is pretty experienced at making this scam work, and I don’t think it’s going to crash anytime soon, unless they want it too.

      • jihadjoe
      • 7 years ago

      Back in the 50s-60s this would have been easy to detect, but these days we have so much radio noise i doubt you’d notice unless you put the computer in a sealed room (really a big faraday cage).

      What’s interesting is how fast these things can transmit data. Fast enough and they can possibly bug a SATA cable, but my guess is they’re probably limited to a transmitter on the keyboard’s USB port.

        • Deanjo
        • 7 years ago

        There are definiately easier (for the likes of the NSA) and more hidden ways to spy on someone. Something as simple as pushing a Bluray player, TV or other net connected appliance modified firmware update and then disguising monitoring in the uPNP/DNLA service. Those devices are a joke for security and virtually nobody pays attention to what they may be doing.

          • Krogoth
          • 7 years ago

          Such devices are unlikely to have access to sensitive information other than knowing the viewing habits of their victims.

            • Deanjo
            • 7 years ago

            Such devices are programmable to do such items. They are the perfect devices to target as they are usually connected to the same network and utilize services that are usually already enabled on an internal network and have very little if any restrictions applied to them.

            • Krogoth
            • 7 years ago

            You are assuming such devices are online all the time and are connected to the internet. It also assumes that victim pick-up the said and you know the precise model number. This is much easier said than done.

            If anybody is trying to pull this trick. It isn’t the NSA. It would be the Chinese since they manufacture the vast majority of customer-grade electronics and have plenty of opportunities to plug in “bugs/backdoors”.

            • Deanjo
            • 7 years ago

            [quote<]You are assuming such devices are online all the time and are connected to the internet. It also assumes that victim pick-up the said and you know the precise model number. This is much easier said than done.[/quote<] You have to be joking right? First of all nearly a all those devices respond to a WOL request. This is how your remote apps turn on your device. The other common method is they have a web server running 24/7 if the power is plugged in. Second, finding out the device model is easy as hell. You can even use a bloody iapp to do so (or one of the many network scanners that are available). Their model numbers are usually used as the broadcast name for services such as DNLA and uPNP. Thirdly, you usually don't even need the exact model number, just the family as most firmware usually covers multiple devices in the family. Fourth, there is also your modem which is always on and every one has a service login.

            • Krogoth
            • 7 years ago

            You are assuming far too much that is going into realm of paranoia.

            What you are describing is technical possible and feasible, but the question is it cost effective to bug every piece of electronic hardware with backdoors and bugs? It is most certainly not. If any bugging is going to happen. If will be in equipment that is intended to go in areas where it gather useful information (enterprise, governments, NGOs). This pretty much excludes the vast majority of customer grade electronics. If a bug ends up being inside some sort of mainstream equipment. The said equipment will be planted by a proxy agent as a backdoor for future infiltration.

            • Deanjo
            • 7 years ago

            FYI, the Homeland security even issued a warning about uPNP in January of last year (they found an outstanding 20% of internet connected devices are running naked and exploitable on just the uPNP services alone).

            Second, you mention that the NSA is going after the likes of terrorist cells and such. I highly doubt that those factions are going to be utilizing enterprise networks. If the NSA is going to go after individuals they are more then likely going to be dealing with consumer grade devices. The fact remains that there are far easier avenues to monitor such groups then trying to use the method in the article and net connected devices are just one easy way of doing so.

            • Deanjo
            • 6 years ago

            Told ya so…..

            [url<]http://www.proofpoint.com/about-us/press-releases/01162014.php[/url<]

      • Goofus Maximus
      • 7 years ago

      Modern spread spectrum radio transmissions can be hard to distinguish from regular background radio noise, from what I’ve read, so detecting it might be a bit of a challenge.

        • nafhan
        • 6 years ago

        Even if they were just using normal wifi or bluetooth, it’d have to be a pretty unusual situation for most people (even the paranoid types) to start looking. Plus, in an urban area, low power 2.4Ghz is going to blend into the background – even without spread spectrum.

      • UnfriendlyFire
      • 7 years ago

      The thing is, nobody except for the folks wearing tin-foil hats was expecting the NSA to go that far.

        • Krogoth
        • 7 years ago

        Nah, this kind of stuff has been happening for a while. It was more “hush-hush” and “need-to-know-basis” type of stuff back then.

        Ironically, the internet allowed easier dissemination of this information to the masses.

          • Diplomacy42
          • 6 years ago

          that isn’t irony

      • Diplomacy42
      • 6 years ago

      your apparent definition of “shenanigans” would also cover condoms and radar detectors.

    • emvath79
    • 7 years ago

    What about post-it notes? Have they hacked those yet? Are they still considered safe for my information?

      • dmitriylm
      • 7 years ago

      Come on, even an idiot knows that ink can be clearly seen, recorded and photographed from a post-it!

        • Sargent Duck
        • 7 years ago

        I happen to have a Faraday cage in my downstairs. I love showing it off to people when I show them my house.

    • JosiahBradley
    • 7 years ago

    [quote<]But it was all right, everything was all right, the struggle was finished. He had won the victory over himself. He loved Big Brother.[/quote<]

      • BiffStroganoffsky
      • 7 years ago

      Cue blonde in running shorts and white tank with sledge…

        • egon
        • 7 years ago

        Striking a hammer blow for irony…

Pin It on Pinterest

Share This