Ready yourselves, the cyberter ... I mean NSA wants to hack/infect your computers
The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.
The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.
In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.
The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”
In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the “Expert System,” which is designed to operate “like the brain.” The system manages the applications and functions of the implants and “decides” what tools they need to best extract data from infected machines.
Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations “disturbing.” The NSA’s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.
Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.
The intelligence community’s top-secret “Black Budget” for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named “Owning the Net.”
The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass “a wider variety” of networks and “enabling greater automation of computer network exploitation.”
Two implants the NSA injects into network routers, HAMMERCHANT and HAMMERSTEIN, help the agency to intercept and perform “exploitation attacks” against data that is sent through a Virtual Private Network, a tool that uses encrypted “tunnels” to enhance the security and privacy of an Internet session.
In many cases, firewalls and other security measures do not appear to pose much of an obstacle to the NSA. Indeed, the agency’s hackers appear confident in their ability to circumvent any security mechanism that stands between them and compromising a computer or network. “If we can get the target to visit us in some sort of web browser, we can probably own them,” an agency hacker boasts in one secret document. “The only limitation is the ‘how.’”
Do read the whole article, because it's a lot of stuff.
Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.
Well, since NSA is part of the United States Government, it can basically instruct hardware and software manufacturers ... particularly including cell-phone manufacturers ... to include whatever-it-wants into whatever-it-wants. At least within the United States. More elaborate techniques would be reserved for special cases.
My main concern in all of this is that, well, "the cat's away." Particularly since 9/11, anything that any Defense Contractor could think to ask for "in the name of Homeland (tah dahhhhh) Security" was like rubbing on a magic lamp. There was no oversight, no controls, no one questioning: "is this really a necessary and prudent use of public funds?" Billions(!) of dollars were being spent every day, and all of it was TOP $E¢RET. (Ka-ching!!)
Over 100 years ago now, Maj. Gen. Smedley Butler, USMC (who was the most-decorated military officer of his day) said that "War is a Racket." A decade later, we find that "Homeland Security" is truly a racket, as well.
I, for one, want to know why we're being told that "we can't afford" to do so many important things for the citizens of the United States, when we "have to" spend #CLASSIFIED# dollars on (just to name a few ...) #CLASSIFIED#, #CLASSIFIED#, and, leave us not forget, especially... #CLASSIFIED#.
I am of the considered opinion that, not only are we getting ripped off, but we also are not being made "safer" by it. Indeed, quite the opposite.
"The Public purse," as well as "The Public interest," is the legitimate concern of every "ordinary" member of: The Public. (And, especially in this case, of: The World. We're all on this blue rock together.)
It seemed that the malware part of it was Windows-specific... and for the Internet, all we have to do is set up one central server per state/region, and have everyone use an SSH tunnel, and then they can't trace IP addresses! Only problem: Who's gonna pay for the server and the Google-Fiber-class Internet speeds that it will need? That can't be cheap...