USA's National Security Agency has been reported to be dramatically expanding it ability to hack into computer on a mass scale according to latest top-secret documents leaked by NSA whistleblower Edward Snowden.
Although the intelligence agency has denied the allegations, the documents reveal that NSA is using automated systems that reduce the level of human oversight in the process. They also contain details about a new surveillance technology that the agency has developed which can potentially infect millions of computers worldwide with malware "implants." The malware will also enable the NSA to break into targeted computers and extract data from foreign internet and phone networks as well.
The implants can hack into machines through an array of deceptions such as fake Facebook web pages, spam emails with malicious links.
GCHQ, the British intelligence agency is said to have played an important role in helping NSA develop the implants tactic. Some reported cases show NSA pretends to act as a fake Facebook server and uses the social media site to infect a target's computer and extract files from a hard drive. Other cases show how NSA has sent out spam emails filled with malware which can be used to covertly record audio from a computer's microphone and even take snapshots with its webcam without the user even knowing about it. The implants will also enable NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.
The leaked documents by Snowden also reveal that the implants were actually reserved for a few hundred hard-to-reach targets, which couldn't be hacked into through traditional wiretaps. But now, NSA has aggressively accelerated its hacking initiatives over the last ten years to carry out the attacks on a large scale.
The documents show that an automated system -- codenamed TURBINE -- is designed to "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”
These latest hacking efforts are operational from NSA's headquarters in Fort Meade, Maryland and also from its bases in United Kingdom and Japan.
The NSA has criticized media reports reporting the large-scale hacking and said that it doesn't "impersonate U.S. company Web sites":
Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating U.S. social media or other websites, are inaccurate. NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities. Technical capability must be understood within the legal, policy, and operational context within which that capability must be employed.
NSA's authorities require that its foreign intelligence operations support valid national security requirements, protect the legitimate privacy interests of all persons, and be as tailored as feasible. NSA does not use its technical capabilities to impersonate U.S. company Web sites. Nor does NSA target any user of global Internet services without appropriate legal authority. Reports of indiscriminate computer exploitation operations are simply false.
Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating U.S. social media or other websites, are inaccurate. NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities. Technical capability must be understood within the legal, policy, and operational context within which that capability must be employed.
NSA's authorities require that its foreign intelligence operations support valid national security requirements, protect the legitimate privacy interests of all persons, and be as tailored as feasible. NSA does not use its technical capabilities to impersonate U.S. company Web sites. Nor does NSA target any user of global Internet services without appropriate legal authority. Reports of indiscriminate computer exploitation operations are simply false.
Source: The Inquirer, Via: Cnet
No comments:
Post a Comment