New Snowden Documents Expose NSA's 'Core Secrets:' Infiltration Of Foreign Companies Aimed At 'Exploiting Network Technology'
from the NSA:-doing-more-with-more dept
It appears the NSA is much more than a domestic agency with many digital tentacles. It also has agents operating in other countries, much like the CIA and the FBI. New Snowden documents released by The Intercept show that the agency has "under cover" agents embedded in foreign companies for the purpose of extending its surveillance reach.
The National Security Agency has had agents in China, Germany, and South Korea working on programs that use “physical subversion” to infiltrate and compromise networks and devices, according to documents obtained by The Intercept.Judging from the documents posted (and the commentary by Peter Maass and Laura Poitras), this doesn't seem to be slanted towards industrial/economic espionage as much as it is a very broad expansion of its Tailored Access Operations -- in which the agency intercepts shipments of electronics to add backdoors, using implanted hardware or inserted code.
The documents, leaked by NSA whistleblower Edward Snowden, also indicate that the agency has used “under cover” operatives to gain access to sensitive data and systems in the global communications industry, and that these secret agents may have even dealt with American firms. The documents describe a range of clandestine field activities that are among the agency’s “core secrets” when it comes to computer network attacks, details of which are apparently shared with only a small number of officials outside the NSA.
The documents also indicate that the NSA has worked with several domestic and foreign companies to weaken encryption, something that isn't exactly news, but is revealed here to be far more extensive than the $10 million paid to RSA to push weakened encryption.
In addition to so-called “close access” operations, the NSA’s “core secrets” include the fact that the agency works with U.S. and foreign companies to weaken their encryption systems; the fact that the NSA spends “hundreds of millions of dollars” on technology to defeat commercial encryption; and the fact that the agency works with U.S. and foreign companies to penetrate computer networks, possibly without the knowledge of the host countries.Underneath it all is a package of six programs, running under the title of Sentry Eagle. All of these are cybersecurity-related and work together to break encryption and "exploit networks." The program itself is highly secretive, even within the agency itself. [pdf link]
“You are being indoctrinated on Sentry Eagle,” the 2004 document begins, before going on to list the most highly classified aspects of its various programs. It warns that the details of the Sentry Eagle programs are to be shared with only a “limited number” of people, and even then only with the approval of one of a handful of senior intelligence officials, including the NSA director.The document also makes reference to the fact that details of Sentry Eagle are only to be shared with "a limited number of select government officials," but doesn't go into any greater detail on who these officials might be. Nor is there any mention of additional oversight, like the FISA court or the two intelligence committees.
Presumably, the NSA is more focused on foreign companies than domestic ones and is perhaps even working in concert with local governments to improve surveillance capabilities (in exchange for being given unlimited access to the collected data). If this is true, then buying foreign products to avoid dealing with NSA-sabotaged goods and services is a futile effort. In the wake of Snowden's leaks, many foreign businesses have stated their intent to network and communication equipment/services from non-US companies. These documents imply there may be nowhere else to go.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: core secrets, ed snowden, infiltration, nsa, surveillance, tao
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
nothing like a private military formed righ under the public's noses
[ link to this | view in chronology ]
@1
[ link to this | view in chronology ]
Puts a new spin on an old article...
[ link to this | view in chronology ]
@4
YOU GET SCREWED
THEY PROFIT
THINGS CONTINUE AS THEY WISH
[ link to this | view in chronology ]
Lead sentence was never true
Furthermore, do you think the Chinese have not done the same thing?
Sheesh
[ link to this | view in chronology ]
Re: Lead sentence was never true
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Now that the publishers of Snowden's documents, (who he actually thinks are too indiscriminate), have demonstrated their compulsion to view all foreign information gathering as invasions of domestic privacy, they've essentially manifested the equivalent of societal Lupus, with an overaggressive immune reaction that is actually damaging its organs. They might also want to make a case to summon Hanssen and Ames back into action.
[ link to this | view in chronology ]
I think this is the kind of think Snoden meant he wouldn't have released personally.
I do think that foreign SigInt is important. The scandal in the US is that the NSA does *domestic* intercepts, not that it does foreign intercepts. (Yes, I know, American exceptionalisim, but, well, that's how we roll.)
[ link to this | view in chronology ]
Re: I think this is the kind of think Snoden meant he wouldn't have released personally.
I do think that foreign SigInt is important. The scandal in the US is that the NSA does *domestic* intercepts, not that it does foreign intercepts. (Yes, I know, American exceptionalisim, but, well, that's how we roll.)
Except that this isn't just about the NSA spying on other countries. It's about them infiltrating foreign technology companies so that their agents can intentional weaken the security of network devices and even install backdoors in them. These devices are used not only in foreign countries, but also in the US.
You know the Shellshock vulnerability that everyone is worried about? They're putting that kind of stuff into routers and other network hardware to make hacking them easier. Hell, the US intelligence agencies might even be responsible for creating the Shellshock bug.
You don't think that's the kind of thing people should know about?
[ link to this | view in chronology ]
Re: Re: I think this is the kind of think Snoden meant he wouldn't have released personally.
That always needs to be pointed out, as while it makes their jobs easier, it does so by making everyone else less safe.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Fight terrorism says Us government while secretly committing terrorist acts against foreign nations.
Eventually the other countries are going to stop letting themselves get bullied by the US and fight back.
[ link to this | view in chronology ]
When you say that, why am I reminded of this?
Lament Over Fallen Babylon
18 After this I saw another angel coming down from heaven. He had great authority, and the earth was illuminated by his splendor. 2 With a mighty voice he shouted:
“‘Fallen! Fallen is Babylon the Great!’[a]
She has become a dwelling for demons
and a haunt for every impure spirit,
a haunt for every unclean bird,
a haunt for every unclean and detestable animal.
3 For all the nations have drunk
the maddening wine of her adulteries.
The kings of the earth committed adultery with her,
and the merchants of the earth grew rich from her excessive luxuries.”
Threefold Woe Over Babylon’s Fall
9 “When the kings of the earth who committed adultery with her and shared her luxury see the smoke of her burning, they will weep and mourn over her. 10 Terrified at her torment, they will stand far off and cry:
“‘Woe! Woe to you, great city,
you mighty city of Babylon!
In one hour your doom has come!’
11 “The merchants of the earth will weep and mourn over her because no one buys their cargoes anymore— 12 cargoes of gold, silver, precious stones and pearls; fine linen, purple, silk and scarlet cloth; every sort of citron wood, and articles of every kind made of ivory, costly wood, bronze, iron and marble; 13 cargoes of cinnamon and spice, of incense, myrrh and frankincense, of wine and olive oil, of fine flour and wheat; cattle and sheep; horses and carriages; and human beings sold as slaves.
14 “They will say, ‘The fruit you longed for is gone from you. All your luxury and splendor have vanished, never to be recovered.’ 15 The merchants who sold these things and gained their wealth from her will stand far off, terrified at her torment. They will weep and mourn 16 and cry out:
“‘Woe! Woe to you, great city,
dressed in fine linen, purple and scarlet,
and glittering with gold, precious stones and pearls!
17 In one hour such great wealth has been brought to ruin!’
“Every sea captain, and all who travel by ship, the sailors, and all who earn their living from the sea, will stand far off. 18 When they see the smoke of her burning, they will exclaim, ‘Was there ever a city like this great city?’ 19 They will throw dust on their heads, and with weeping and mourning cry out:
“‘Woe! Woe to you, great city,
where all who had ships on the sea
became rich through her wealth!
In one hour she has been brought to ruin!’
[ link to this | view in chronology ]
Re: When you say that, why am I reminded of this?
We are building a religion
We are building it bigger
We are widening the corridors
And adding more lanes
We are building a religion
A limited edition
We are now accepting callers
For these pendant key chains
To resist it is useless
It is useless to resist it
His cigarette is burning
But he never seems to ash
He is grooming his poodle
He is living comfort eagle
You can meet at his location
But you'd better come with cash
Now his hat is on backwards
He can show you his tattoos
He is in the music business
He is calling you "DUDE!"
"Comfort Eagle"
CAKE
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
Which is a completely brain-dead premise. Even if everyone officially involved in creating or using the back doors keeps there mouth shut, the odds are very good that the back doors would be discovered and publicized by outsiders.
The only difference is that the publication would be limited to the cracker & script kiddie crowds -- the very people who we least want to have them, and nobody else would be aware that they are vulnerable.
[ link to this | view in chronology ]
Not quite
A foreign company/service might be compromised, and if it isn't it will take some work for the NSA to do so.
A US company/service is compromised by default; if the NSA hasn't already compromised their security, it's simply because they haven't gotten around to it yet, and if they do want to, one 'legal' order is all it takes.
[ link to this | view in chronology ]
[ link to this | view in chronology ]