Tripwire, Mar 12, 2014
First Look’s digital publication The Intercept is reporting that classified documents leaked by whistleblower Edward Snowden reveal that the National Security Agency is developing “groundbreaking surveillance technology” designed to infect millions of computers with surveillance malware.
“In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam,” wrote Ryan Gallagher and Glenn Greenwald. “The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.”
In addition to the development of the surveillance software, the agency is also working to further automate much of their cyber data collection operations in an effort to reduce the level of oversight required by personnel.
“The automated system – codenamed TURBINE – is designed to ‘allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually,’” the report states.
F-Secure’s Mikko Hypponen warns that the operation could have unintended negative consequences even beyond the issue of unmitigated wide-scale surveillance, privacy and civil liberties violation – it could actually make us all less secure.
“When they deploy malware on systems,” Hypponen said. “They potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”
The NSA has declined to comment on the matter.