Feds Waged Hundreds Of Cyberattacks On Other Countries; Spent $25 Million Buying Vulnerabilities
from the we-are-the-cybersecurity-threat dept
It's pretty typical for companies and governments hoping to "bury" important bad news to release it late on a Friday evening, hoping to miss the news cycle. If you're extra lucky, that Friday happens to come right before a long weekend, such as Labor Day. But, for the life of me, I can't figure out why a major news publication, like the Washington Post, would break a big story on a Friday night before Labor Day weekend, pretty much guaranteeing that it doesn't get very much attention at all. Very bizarre -- but we figured we'd try to bring this story to you guys on Tuesday, back after the week is underway so the story doesn't get lost.
The details: as suspected, the US is actually one of the leading proponents of offensive cyberattacks. This isn't a huge surprise, since they've more or less admitted to having "broad powers," but there have been questions both about the rules of engagement and just how often the US uses these capabilities.
Wonder no more. The Washington Post's Barton Gellman has the story from the black budget, showing 231 offensive cyber-operations in 2011, a number that likely went up quite a bit in 2012 (and again in 2013). For all the hype about "cybersecurity" threats from abroad, it still looks like the biggest cybersecurity threat out there is our own government. And, yes, everyone already knows about Stuxnet, and it sounds like most of these offensive efforts aren't nearly as ambitious, but there's still a lot going on.
Separately, the story confirms earlier reports that the US government is a huge purchaser of exploits from various hackers, choosing to exploit them, rather than use them to help protect our systems. For 2013, the feds budgeted $25.1 million for the "additional covert purchases of software vulnerabilities." But that's really only a fraction of the number of exploits. The report notes that most vulnerabilities the NSA uses actually are designed at home.
Also, those few hundred attacks appear to downplay the capabilities of the NSA (and the CIA) should they want to do more, because it sounds like they've hacked into a variety of networks and have zombie machines at the ready:
By the end of this year, GENIE is projected to control at least 85,000 implants in strategically chosen machines around the world. That is quadruple the number — 21,252 — available in 2008, according to the U.S. intelligence budget.
The NSA appears to be planning a rapid expansion of those numbers, which were limited until recently by the need for human operators to take remote control of compromised machines. Even with a staff of 1,870 people, GENIE made full use of only 8,448 of the 68,975 machines with active implants in 2011.
For GENIE’s next phase, according to an authoritative reference document, the NSA has brought online an automated system, code-named TURBINE, that is capable of managing “potentially millions of implants” for intelligence gathering “and active attack.”
While the fact that the NSA is doing all of this isn't a huge surprise and merely confirms earlier reports, the actual scale of the operations is certainly quite eye-opening.
Filed Under: black budget, cyberattacks, ed snowden, genie, nsa, nsa surveillance, offensive attacks, stuxnet, surveillance
Reader Comments
The NSA is systematically weakening US computer security
There are two ways to break into someone else's system: (1) break into it (2) wait for someone else to break into it, then exploit the opening they've graciously provided for you.
It's clear that the NSA is attacking large numbers of systems and doing so successfully. By doing that, they're punching holes in those systems' defenses, and of course those holes are now exploitable by anybody else who comes along equipped with sufficient knowledge.
There are plenty of people equipped with sufficient knowledge, including freelance security experts as well as those in the employ of other governments, not all of which are friendly to the US and none of which are guaranteed to be friendly to the US a year or a decade or a century from now.
But it gets worse: one of the secondary consequences of this strategy is that control of a compromised system doesn't only have value in terms of what that system holds (or transmits/receives); it has value in terms of what that system is and where it is. In a traditional military situation, "holding the high ground" is a desirable tactic; the same is true in computer security. Having control of a random Windows box on the far end of a DSL connection isn't particularly important; but having control of a Solaris server sitting on someone's corporate network is.
Thus, the NSA is, in essence, paving the way for others. They're making the task of gaining control of large numbers of strategic systems much easier than it should be.
You go girl... sorry, boy, uh man..
The US is building an offensive capability positioned to attack other nations. It's only a matter of time before someone gets scared and tries to disable that capability.
Once that happens the revenge will be seen as justified. Personally I don't want to play the part of Japan...
Oh, MAYBE was overshadowed by possibility of ACTUAL WAR?
There's nothing really new here is another major point.
But speaking of Stuxnet, it seems possible that Fukushima was infected with it, from reports that metering indicated no problems while there clearly was. If so, then that US/Israeli attempt to sabotage Iran may be responsible for largest nuclear disaster in history.
Worse than being censored on the net is being advertised. You can escape censorship with your ideas intact; advertising explicitly has the goal of changing you.
Re: Oh, MAYBE was overshadowed by possibility of ACTUAL WAR?
Chernobyl rather predates Stuxnet by a wide margin.
Effectively bypassing firewalls and easily spreading their malware to unprotected LAN computers on that network.
I believe Snowden already mentioned routers are a high priority target for Unconstitutional NSA spies.
i presume you were being droll...
as the wapo has LONG been working hand-in-glove with the -in general- powers that be, and -in particular- with the alphabet soup spooks...
limited hangouts, and all that...
they can't avoid ALL the slime that is being revealed, so they might as well control some portion of it from being presented in too revelatory fashion...
(oh, and -once again, for the umpteenth time- revelatory is TOO a fucking word, you useless spel czech crapware)
also, completely agree with the poster who talked about how this DECREASES computer security for EVERYONE (including the attackers!): you make a tool, someone is going to turn it against you, sure as night follows day...
art guerrilla
aka ann archy
eof
It's only a matter of time before someone turns around and gives the schoolyard bully a black eye. I've seen it quite a few times when I was in school, and sometimes you just have to stand back and let it happen. But I say this to the rest of the world, I and most of my fellow citizens are not involved nor condone these practices. Go ahead, give the bully a black eye, just leave us out of it.
Which Botnet does this 85,000 correspond to?
I guess that whole cyber pearl harbor thing, where we were just innocents who were going to be attacked was a bigger lie than first thought.
These are ALL just SYMPTOMS, must excise the problem
....the government has DEFINITELY BEEN INFILTRATED (via encroachment) by the lowest form of human life (the Fascists) and once again are attempting to take over the world?
....the people in elected government positions refuse to comply with their official duties and execute their oaths of office sworn to God and man alike?
...when a previously "fair" Supreme Court (with similar timing to both other branches of govt) by its recent decisions does willfully demonstrate their "opinions" are for sale just like in Congress. (If money is speech, and corporations are people so must bullets be, and murder no longer a crime as no corporation can be incarcerated for its crimes)
...when POTUS (BOTH terms) refuses to open his personal records AT ANY TIME or ANY REASON since 2007?
...when POTUS illegitimately pursues acts of blatant terrorism against his own population, then claims "for my security" he has no option but burn the Constitution & Bill of Rights?
...when the NSA, TSA, DHS etc. so filled with hubris to vacate their charters for ego driven "control" they prove by deed their priority is government security, NOT national security?
....We The People can only count on one thing from a government usurped by those whose actions define them as psychopathic, THE ABSOLUTE NECESSITY FOR MILLIONS of We The People, to travel to DC and bodily capture these worst of all criminals, and put them on public trial with public disposition of sentences.
I'm near the West Coast, and have already been bled dry of even the resources needed to travel to DC, or I would be happy for History to remember me as the man who began the American Revolution v. 2.0