N.S.A. Devises Radio Pathway Into Computers

Discussion in 'General Discussion' started by tulianr, Jan 15, 2014.


  1. tulianr

    tulianr Don Quixote de la Monkey

    EXCERPTS:
    WASHINGTON — The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

    While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.

    The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

    .....

    Among the most frequent targets of the N.S.A. and its Pentagon partner, United States Cyber Command, have been units of the Chinese Army, which the United States has accused of launching regular digital probes and attacks on American industrial and military targets, usually to steal secrets or intellectual property. But the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, according to officials and an N.S.A. map that indicates sites of what the agency calls “computer network exploitation.”

    .....
    How the N.S.A. Uses Radio Frequencies to Penetrate Computers
    The N.S.A. and the Pentagon’s Cyber Command have implanted nearly 100,000 “computer network exploits” around the world, but the hardest problem is getting inside machines isolated from outside communications.

    0115-for-webNSA-720_size.
    Transmission distance of up to eight miles

    1. Tiny transceivers are built into USB plugs and inserted into target computers. Small circuit boards may be placed in the computers themselves.

    2. The transceivers communicate with a briefcase- size N.S.A. field station, or hidden relay station, up to eight miles away.

    3. The field station communicates back to the N.S.A.’s Remote Operations Center.

    4. It can also transmit malware, including the kind used in attacks against Iran’s nuclear facilities.
    No Domestic Use Seen
    There is no evidence that the N.S.A. has implanted its software or used its radio frequency technology inside the United States. While refusing to comment on the scope of the Quantum program, the N.S.A. said its actions were not comparable to China’s.

    “N.S.A.'s activities are focused and specifically deployed against — and only against — valid foreign intelligence targets in response to intelligence requirements,” Vanee Vines, an agency spokeswoman, said in a statement. “We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of — or give intelligence we collect to — U.S. companies to enhance their international competitiveness or increase their bottom line.”

    Over the past two months, parts of the program have been disclosed in documents from the trove leaked by Edward J. Snowden, the former N.S.A. contractor.

    .....

    From the earliest days of the Internet, the N.S.A. had little trouble monitoring traffic because a vast majority of messages and searches were moved through servers on American soil. As the Internet expanded, so did the N.S.A.'s efforts to understand its geography. A program named Treasure Map tried to identify nearly every node and corner of the web, so that any computer or mobile device that touched it could be located.

    A 2008 map, part of the Snowden trove, notes 20 programs to gain access to big fiber-optic cables — it calls them “covert, clandestine or cooperative large accesses” — not only in the United States but also in places like Hong Kong, Indonesia and the Middle East. The same map indicates that the United States had already conducted “more than 50,000 worldwide implants,” and a more recent budget document said that by the end of last year that figure would rise to about 85,000. A senior official, who spoke on the condition of anonymity, said the actual figure was most likely closer to 100,000.

    .....

    Documents obtained by Mr. Snowden indicate that the United States has set up two data centers in China — perhaps through front companies — from which it can insert malware into computers. When the Chinese place surveillance software on American computer systems — and they have, on systems like those at the Pentagon and at The Times — the United States usually regards it as a potentially hostile act, a possible prelude to an attack. Mr. Obama laid out America’s complaints about those practices to President Xi Jinping of China in a long session at a summit meeting in California last June.

    At that session, Mr. Obama tried to differentiate between conducting surveillance for national security — which the United States argues is legitimate — and conducting it to steal intellectual property.

    .....

    In a catalog produced by the agency that was part of the Snowden documents released in Europe, there are page after page of devices using technology that would have brought a smile to Q, James Bond’s technology supplier.

    One, called Cottonmouth I, looks like a normal USB plug but has a tiny transceiver buried in it. According to the catalog, it transmits information swept from the computer “through a covert channel” that allows “data infiltration and exfiltration.” Another variant of the technology involves tiny circuit boards that can be inserted in a laptop computer — either in the field or when they are shipped from manufacturers — so that the computer is broadcasting to the N.S.A. even while the computer’s user enjoys the false confidence that being walled off from the Internet constitutes real protection.

    .....

    The N.S.A. refused to talk about the documents that contained these descriptions, even after they were published in Europe.

    “Continuous and selective publication of specific techniques and tools used by N.S.A. to pursue legitimate foreign intelligence targets is detrimental to the security of the United States and our allies,” Ms. Vines, the N.S.A. spokeswoman, said.

    But the Iranians and others discovered some of those techniques years ago. The hardware in the N.S.A.'s catalog was crucial in the cyberattacks on Iran’s nuclear facilities, code-named Olympic Games, that began around 2008 and proceeded through the summer of 2010, when a technical error revealed the attack software, later called Stuxnet. That was the first major test of the technology.

    One feature of the Stuxnet attack was that the technology the United States slipped into Iran’s nuclear enrichment plant at Natanz was able to map how it operated, then “phone home” the details. Later, that equipment was used to insert malware that blew up nearly 1,000 centrifuges, and temporarily set back Iran’s program.

    But the Stuxnet strike does not appear to be the last time the technology was used in Iran. In 2012, a unit of the Islamic Revolutionary Guards Corps moved a rock near the country’s underground Fordo nuclear enrichment plant. The rock exploded and spewed broken circuit boards that the Iranian news media described as “the remains of a device capable of intercepting data from computers at the plant.” The origins of that device have never been determined.

    On Sunday, according to the semiofficial Fars news agency, Iran’s Oil Ministry issued another warning about possible cyberattacks, describing a series of defenses it was erecting — and making no mention of what are suspected of being its own attacks on Saudi Arabia’s largest oil producer.

    http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html
     
    Last edited by a moderator: Jan 26, 2015
  2. BTPost

    BTPost Old Fart Snow Monkey Moderator

    Yep, Not an unreasonable approach for building the Worlds Largest and most significant BotNet.... Leave it to the NSA to Out Hack the competition.... HOWEVER, these type Bugs can easily be found with a Spectrum Analyzer, or Sniffer that is specifically setup to look at the unspecified Frequency Band that the NSA is using.... as well as, once found, they can track the RF back to the Remote Field Stations, as long as they are NOT in the USA's Counselur, or Embassy Buildings.
     
    tulianr likes this.
  3. bfayer

    bfayer Keeper Of The Faith

    I would highly suspect they use some type of very short duration burst mode transmission and relocate the base station often.

    Sent from my Galaxy Nexus using Tapatalk
     
  4. BTPost

    BTPost Old Fart Snow Monkey Moderator

    Burst Transmissions have very LOW Bandwidth for Digital two way Comms Link... And the 8 Mile Range is very likely "over water" or some other unobstructed path, ....
     
  5. fmhuff

    fmhuff Monkey+++

    Come on guys you don't think the NSA would use this technology against it's own citizens do you? [reddevil]
     
    gunbunny likes this.
  6. ColtCarbine

    ColtCarbine Monkey+++ Founding Member

    I can't think of any reason to not trust .gov with this technology.

    How times have changed since Richard Nixon's resignation............
     
  7. -06

    -06 Monkey+++

    Surely they would not use them stateside against patriotic citizens. Remember "we are from the government and here to help you". [finger]
     
  8. DarkLight

    DarkLight I self identify as a Blackhawk Attack Helicopter! Site Supporter

    -06 - that statement needs to be accompanied by a jar of vaseline.
     
  9. -06

    -06 Monkey+++

    Needs to be but usually they fail to bring any. Life can be rough at times.
     
  10. kellory

    kellory An unemployed Jester, is nobody's fool. Banned

    They don't bring any because once it's in, they just break it off.:(
     
survivalmonkey SSL seal        survivalmonkey.com warrant canary
17282WuJHksJ9798f34razfKbPATqTq9E7