Glenn Greenwald and Ryan Gallagher's Intercept website posted more information από τα αρχεία που διέρρευσε ο Edward Snowden από την αμερικάνικη Εθνική Υπηρεσία Ασφάλειας (NSA). Η δημοσίευση παρουσιάζει τις τεχνολογίες που επιτρέπουν στην αμερικάνικη υπηρεσία πληροφοριών να κάνει αυτοματοποιημένα exploit σε vulnerabilities networks and industry systems.
It turns out that NSA has automated procedures that allow it to plant malware on millions of computers around the world. Documents provided by Snowden show that the UK GCHQ has played an important role in the development of these systems.
NSA tactics are similar to those used by cyber criminals. In some cases, they had created a fake Facebook server and used the social networking site to distribute malicious software. Of course, this whole process was done to steal data from infected computers.
The secret service has also carried out many spam campaigns to distribute malicious software capable of recording audio and capturing photos through the computer camera.
In 2004, they had about 100-150 malware. However, after creating the Tailored Access Operations (TAO) department and recruiting hackers, new tools were developed. So the number of malware today reaches tens of thousands.
Since it is impossible to manage malware automatically, NSA has developed a software called TURBINE. This system is capable of actively managing malware that allows the organization to exploit on an industrial scale.
TURBINE is said to be part of a broad surveillance initiative that the NSA has dubbed: “Owning the Net” or in free translation "making the net our own." And in case you're wondering how much money is used for these projects, the NSA requested $67.600.000 last year.
There is a wide range of malicious tools used by the NSA. For example, UNITEDRAKE is used to gain full control over the device.
UNITEDRAKE is a series of plug-ins, each designed for a specific purpose.
CAPTIVATEDAUDIENCE is for recording conversations through the computer microphone, GUMFISH is for exploiting the camera, FOGGYBOTTOM for leaking data on the Internet (like history tourand passwords), and Grok which copies and stores everything the victim types on their keyboard.
And if you think encryption tools can protect you from such malicious software, you are wrong. All of the above tools are designed to circumvent these protections as the information they collect has not been able to be encrypted.
All of the Edward Snowden records that prove the above are available at Intercept.