NSA compromised more than 50000 networks with malware

9:30 ET, 26 November 2013

A new report based on documents leaked by Snowden revealed that the NSA placed malicious software on more than 50000 networks around the world.

The NSA infected more than 50000 networks worldwide with malicious software designed to steal sensitive information. The large-scale cyber espionage operation was revealed once again by documents provided by former NSA consultant Edward Snowden according to Dutch media outlet NRC.

“The NSA declined to comment and referred to the US Government. A government spokesperson states that any disclosure of classified material is harmful to our national security.” reported NRC.

The news is not surprising but once again raises the debate on the effrontery US surveillance program that created a complex and efficient global spying machine.

The documents include a presentation dated 2012 that details how the NSA operates worldwide to steal information exploiting Computer Network Exploitation (CNE) in more than 50000 networks.

nsa

Computer Network Exploitation is a secret system malware based used to compromise the computers within targeted networks and steal sensitive data. Security experts believe that the telecoms were the most likely targets for the malware, they are confident that the CNE was used in September 2013 to hack the Belgium telecom provider Belgacom. The GCHQ (British Government Communications Headquarters) used fake LinkedIn and Slashdot to hack Belgacom, OPEC & others GRX providers, the cyber espionage operation was conducted to install malware in the Belgacom network in order to tap their customers’ communications and data traffic.

NSA’s Computer Network Operations program describes Computer Network Exploitation as a key part of the program’s mission that “includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks.”

The slides recently published report on top and bottom a stripe reads, “REL TO USA, AUS, CAN, GBR, NZL”, known as five eyes nations that include the U.S., U.K., Canada, Australia, and New Zealand. Those countries work together conducting intelligence operations and sharing the same orientation on surveillance matter, they recently were opposed to the United Nations’ anti-surveillance, right-to-privacy draft resolution called “The Right to Privacy in the Digital Age“.

The US hacking campaigns are performed by a special department of US cyber units known as called TAO (Tailored Access Operations) that I also mentioned when I described the FOXACID architecture. TAO employs more than a thousand high profile hackers, in August the Washington Post reported that the NSA installed an estimated 20,000 ‘implants’ as early as 2008, by mid-2012 this number had more than doubled to 50,000.

The malware used for cyber espionage are software agents that could remain undetected for a long time, the NSA-presentation shows their CNE-operations in countries such as Venezuela and Brazil.

Since now the NSA declined to comment and referred to the US Government, the NRC concludes its article remarking that the Dutch government’s intelligence service has also its own hacking unit, but that it’s prohibited by law the hack on foreign networks to conduct similar cyber operations.

Pierluigi Paganini

(Security Affairs – NSA, 50000 networks)

rsa-logo

 

 

 

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.

APPLY NOW