A team of nine journalists, with Jacob Appelbaum and Laura Poitras have just published another massive collection of the files that they leaked by Edward Snowden. The classified documents were published in Der Spiegel magazine, and show that the National Security Agency (NSA) and its allies are methodically preparing for future wars to be waged over the Internet.
Der Spiegel reports that the secret services have the ability to infiltrate and disable computer networks - which allows them to disrupt basic utilities and other infrastructure. And the NSA and GCHQ they think they are so much ahead of everyone else, they laugh about it.
We already know that the US is already in a position to launch complex digital attacks that can cause major material damage to their enemies. A virus known as Stuxnet, and discovered 2010, was developed as part of a joint venture between the US and Israel to ravage Iran's nuclear facilities, destroying many of the country's nuclear centrifuge devices. Since then, NSA has, to date, boasted about its newer and strongest digital weapons.
Τα νέα έγγραφα που δημοσιεύτηκαν από το Der Spiegel δείχνουν ότι τα προγράμματα επιτήρησης της ΝSA είναι το θεμέλιο των προσπαθειών τους για τη δημιουργία εξελιγμένων ψηφιακών όπλων. Ένα από τα κύρια θέματα στα νέα έγγραφα που διέρρευσαν περιλαμβάνει την ικανότητα των υπηρεσιών του Five Eyes. Η platform εκμεταλλεύεται τις μεθόδους των αντιπάλων των ΗΠΑ για να “κλέψει τα εργαλεία τους, τις κατασκευές τους, και τους στόχους τους.” Οι εντυπωσιακές αυτές ικανότητες αποκαλούνται από την ΝSA “fourth party collection.”
The success of the fourth party collection seems to be so great that NSA and GCHQ agents seem to be having fun through the top secret slides. In fact, in a presentation of the NSA entitled "fourth party opportunities," the first slide mentions the famous attack of Daniel Day-Lewis "I drink your milkshake" from the 2007 film There Will Be Blood. Der Spiegel reports that an NSA unit was able to detect a Chinese attack on the Ministry of Defense and secretly "hear" about China's future espionage efforts, including a digital intrusion into the United Nations.
NSA Docs on Fourth Party Access (PDF)
- Description of an NSA employee on the fifth party access / When the targeted fourth party has someone under surveillance who puts others under surveillance
- 4th party collection / Taking advantage of non-partner computer network exploitation activity
- Combination of offensive and defensive missions / How fourth-party missions are being performed
- Overview of the TRANSGRESSION program to analyze and exploit foreign CNA / CNE exploits
- NSA example SNOWGLOBE, in which a suspected French government trojan is analyzed to find out if it can be helpful for own interests
- NSA fourth party access / “I drink your milkshake”
- NSA TUTELAGE program to instrumentalize third party attack tools
- Codename BYZANTINE HADES / NSA research on the targets of Chinese network exploitation tools, targets and actors
- CSEC document on the handling of existing trojans when trojanizing computers
- Analysis of Chinese methods and activities performed in the context of computer network exploitation
Σε μια άλλη παρουσίαση, η GCHQ αναφέρει λεπτομερώς τις προσπάθειες τους για την εκμετάλλευση apps κινητών χρησιμοποιώντας ένα εργαλείο που ονομάζεται “BADASS.” Με αυτό το εργαλείο, η υπηρεσία έχει την ικανότητά να μαζέψει τα προσωπικά στοιχεία, από τα μεταδεδομένα που αποστέλλονται μεταξύ των συσκευών των χρηστών τα δίκτυα διαφήμισης αλλά και των analytics. Τα στοιχεία αυτά υποτίθεται ότι δεν περιέχουν προσωπικές αναγνωρίσιμες information. But a slide titled "Abusing BADASS for Fun and Profit" boasts: "We know how bad you are at Angry Birds."
NSA Docs on Botnet Takeovers (PDF)
In the rest of the research, Der Spiegel suggests that the US and UK intelligence services behave as you would expect in a Cold War warfare thriller with Brad Pitt.