Malware can record audio and take photos of web users without their knowledge.
March 11, 2014
The latest Snowden leaks on the NSA reveal that the spy agency is masquerading as Facebook in order to infect millions of computers around the world with malware as part of its mass surveillance program.
Glenn Greenwald reported the latest information today, noting that the practice has been in operation for over ten years with the help of British and Japanese intelligence.
The NSA, according to the leaks, has been distributing malware “implants” which can siphon out data from computers around the globe. The agency reportedly used a fake Facebook server as a launching pad to grab information from hard drives. The malware has also been designed to covertly record audio from a computer’s microphone and take snapshots with its webcam.
The internal documents describe the NSA’s own practice as “industrial-scale exploitation” of computer networks.
Chief research officer at the security firm F-Secure, Mikko Hypponen, described the practice as “disturbing,” noting that it could inadvertently affect the security of the entire internet.
“When they deploy malware on systems they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties,” Hypponen told The Intercept.
Hypponen added that because the system is designed to operate without a great deal of human oversight, it could lead to the malware infection process spiraling “out of control”.
“That would definitely not be proportionate,” Hypponen said. “It couldn’t possibly be targeted and named. It sounds like wholesale infection and wholesale surveillance.”
The NSA refused to comment on the latest revelations, suggesting that because the practice is used for foreign and counterintelligence purposes, it is protected under a recent policy put in place by President Obama.
However, the evidence in the leaked documents indicates that the targets of NSA’s malware were not significant threats to national security, raising serious questions over the legality of mass surveillance tactics.
In one secret post on an internal message board, an operative from the NSA’s Signals Intelligence Directorate describes using malware attacks against systems administrators who work at foreign phone and Internet service providers. By hacking an administrator’s computer, the agency can gain covert access to communications that are processed by his company. “Sys admins are a means to an end,” the NSA operative writes.
The internal post – titled “I hunt sys admins” – makes clear that terrorists aren’t the only targets of such NSA attacks. Compromising a systems administrator, the operative notes, makes it easier to get to other targets of interest, including any “government official that happens to be using the network some admin takes care of.”
The program appears to be part of NSA’s TAO (Tailored Access Operations), and is aimed at “Owning the Internet” according to the leaked documents. The leaked Black Budget of the program reveals it had a price tag of $67.6 million last year.
Last month, a new Snowden leak revealed that British and American governments are spying on people in their own homes via web cams, laptop microphones and devices such as the X-box, a story that Infowars first reported on eight years ago.
Steve Watson is the London based writer and editor for Alex Jones’ Infowars.com, and Prisonplanet.com. He has a Masters Degree in International Relations from the School of Politics at The University of Nottingham, and a Bachelor Of Arts Degree in Literature and Creative Writing from Nottingham Trent University.