NSA able to attack computers that are never connected to the internet/NY Times

So much for keeping your computer safe from spying–or even insertions and deletions–by using it only as a typewriter and file cabinet.  Note the devices and programs used by NSA are at least 5 years old. Excerpts from the Times:

WASHINGTON — The National Security Agency has implanted
software in nearly 100,000 computers around the world that allows the United
States to conduct surveillance on those machines and can also create a digital
highway for launching cyberattacks. 

While most of the software is inserted by gaining access to
computer networks, the N.S.A. has increasingly made use of a secret technology
that enables it to enter and alter data in computers even if they are not
connected to the Internet, according to N.S.A. documents, computer experts and
American officials.

The technology, which the agency has used since at least
2008, relies on a covert channel of radio waves that can be transmitted from
tiny circuit boards and USB cards inserted surreptitiously into the computers.
In some cases, they are sent to a briefcase-size relay station that
intelligence agencies can set up miles away from the target…

Among the most frequent targets of the N.S.A. and its
Pentagon partner, United States Cyber Command, have been units of the Chinese
Army, which the United States has accused of launching regular digital probes
and attacks on American industrial and military targets, usually to steal
secrets or intellectual property. But the program, code-named Quantum, has also
been successful in inserting software into Russian military networks and
systems used by the Mexican police and drug cartels, trade institutions inside
the European Union…

Over the past two months, parts of the program have been
disclosed in documents from the trove leaked by Edward J. Snowden, the former
N.S.A. contractor. A Dutch newspaper published the map of areas where theUnited States has inserted spy software, sometimes in cooperation with local
authorities, often covertly. Der Spiegel, a German newsmagazine, published the
N.S.A.’s catalog of hardware products that can secretly transmit and receive
digital signals from computers, a program called ANT…

Computers are not the only targets. Dropoutjeep attacks
iPhones. Other hardware and software are designed to infect large network
servers, including those made by the Chinese.

Most of those code names and products are now at least five
years old, and they have been updated, some experts say, to make the United
States less dependent on physically getting hardware into adversaries’ computer

UPDATE from Mike Masnick:  these activities certainly seem more in line with what you’d expect the NSA to be doing, and raise (yet again) the question of why the NSA needs to “collect it all” when it appears that programs like these can be quite effective in doing targeted surveillance against those actually seeking to attack the US in some manner? 

Notify of
Inline Feedbacks
View all comments
Scroll to Top