A team of nine journalists, with Jacob Appelbaum and Laura Poitras have just published another massive collection of archives που διέρρευσαν από τον Edward Snowden. Τα απόρρητα έγγραφα δημοσιεύθηκαν στο περιοδικό Der Spiegel, and show that the National Security Agency (NSA) and its allies are methodically preparing for future cyber wars.
Der Spiegel reports that the secret services have the ability to infiltrate and disable computer networks - which allows them to disrupt basic utilities and other infrastructure. And the NSA and GCHQ they think they are so much ahead of everyone else, they laugh about it.
We already know that the US is already in a position to launch complex digital attacks that can cause major material damage to their enemies. A virus known as Stuxnet, and discovered 2010, was developed as part of a joint venture between the US and Israel to ravage Iran's nuclear facilities, destroying many of the country's nuclear centrifuge devices. Since then, NSA has, to date, boasted about its newer and strongest digital weapons.
New documents published by Der Spiegel show that NSA surveillance programs are the foundation of their efforts to develop sophisticated digital weapons. One of the main issues in the leaked new documents is the ability of Five Eyes services. The platform uses the methods of US rivals to "steal their tools, their constructions, and their goals." These impressive abilities are called by the NSA "fourth party collection."
The success of the fourth party collection appears to be such a success that NSA and GCHQ agents appear to be enjoying it through the top secret slides. In an NSA presentation entitled "fourth party opportunities," the first slide quotes Daniel Day-Lewis' famous line "I drink your milkshake" from the 2007 film There Will Be Blood. Der Spiegel reports that an NSA unit was able to detect an attack from China on the Ministry Defense and to "eavesdrop" on her future spying efforts China, including a digital penetration of the United Nations.
NSA Docs on Fourth Party Access (PDF)
- Description of an NSA employee on the fifth party access / When the targeted fourth party has someone under surveillance who puts others under surveillance
- 4th party collection / Taking advantage of non-partner computer network exploitation activity
- Combination of offensive and defensive missions / How fourth-party missions are being performed
- Overview of the TRANSGRESSION program to analyze and exploit foreign CNA / CNE exploits
- NSA example SNOWGLOBE, in which a suspected French government trojan is analyzed to find out if it can be helpful for own interests
- NSA fourth party access / “I drink your milkshake”
- NSA TUTELAGE program to instrumentalize third party attack tools
- Codename BYZANTINE HADES / NSA research on the targets of Chinese network exploitation tools, targets and actors
- CSEC document on the handling of existing trojans when trojanizing computers
- Analysis of Chinese methods and activities performed in the context of computer network exploitation
In another presentation, GCHQ details their efforts to exploit mobile apps using a tool called “BADASS.” With this tool, service έχει την ικανότητά να μαζέψει τα προσωπικά στοιχεία, από τα μεταδεδομένα που αποστέλλονται μεταξύ των συσκευών των χρηστών τα δίκτυα διαφήμισης αλλά και των analytics. Τα στοιχεία αυτά υποτίθεται ότι δεν περιέχουν προσωπικές αναγνωρίσιμες πληροφορίες. Όμως μια διαφάνεια με τίτλο “Κατάχρηση του badass για διασκέδαση και κέρδος” ή “Abusing BADASS for Fun and Profit” υπερηφανεύεται: “Γνωρίζουμε το πόσο κακοί είστε στο Angry Birds”.
NSA Docs on Botnet Takeovers (PDF)
In the rest of the research, Der Spiegel suggests that the US and UK intelligence services behave as you would expect in a Cold War warfare thriller with Brad Pitt.