The latest revelations in the ongoing NSA spying scandal are some of the most troublesome yet. Documents leaked by Edward Snowden and analyzed by The Intercept suggest that the agency has the ability to infect computers with malware on a massive scale. Even worse, perhaps, is that the snoop botnet is reportedly managed by automated intelligence that acts "like a brain." Has science fiction taught us nothing about putting computers in positions like that?
Dubbed Turbine, the system is said to be capable of managing "potentially millions" of so-called implants. These implants can reportedly perform all sorts of nefarious activities, including recording microphone audio, watching webcam feeds, logging browser activity, tracking passwords, monitoring keystrokes, and accessing user data. The NSA's Turbine intelligence apparently decides which tools are appropriate for which machines—a determination that used to be made by actual humans.
Turbine seems to be heavily reliant on a separate NSA effort called SecondDate. This program is said to enable malware infections by providing a platform for man-in-the-middle attacks. According to one of the presentation slides published by The Intercept, SecondDate "influences real-time communications between client and server and can quietly redirect web-browsers to FA servers for individual client exploitation." The targeting can be surgical, the slide says, but SecondDate also "allows mass exploitation potential for clients passing through network choke points."
Intercepting traffic on that sort of scale requires compromised infrastructure, putting system administrators in the crosshairs. The NSA has reportedly targeted admins working at foreign telecommunications providers, though it's unclear whether the agency engaged in similar practices stateside. One leaked document suggests that NSA hackers saw sysadmins as gateways to other targets of interest, including government officials.