Subscribe to the InfoTech eNewsletter

infoTECH Feature

March 17, 2014

The NSA and the Latest Drive of Accusations from Snowden

Before anything is said about the report on the Intercept, the NSA has said it is inaccurate and, "NSA does not use its technical capabilities to impersonate U.S. company websites. Nor does NSA target any user of global Internet services without appropriate legal authority." The report was distributed by the Inetercept and as the site states, "The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks."

To assume governments are not going through the data crisscrossing the global network is very naïve, but the extent to which the NSA and others are going to obtain this information is beginning be a bit too much, if it is true.

According to the report the NSA has programs and malwares in place designed to infect computers with these malwares by pretending to be someone else, such as a fake Facebook (News - Alert) server. Called "man-on-the-side,” it tricked user computers into thinking it was accessing the real Facebook servers. When the user takes the bait, the NSA could in effect extract all the data they need from the hard drive.

Facebook has commented on these actions and said it is no longer possible for hackers and the NSA to access its networks in this manner, but other sites could be vulnerable.

On Thursday NSA denied using a fake version of Facebook, saying it lacks the ability to do so and only conducts foreign intelligence operations that are "lawful and appropriate," this according to the National Journal.

Facebook also commented on the National Journal stating through a spokesperson, "We have no evidence of this alleged activity. In any case, this method of network level disruption does not work for traffic carried over HTTPS, which Facebook finished integrating by default last year."

The program called TURBINE infected computers and networks with the malware implants that allowed the agency to spy on users, exfiltrate files from a hard drive, record audio from a computer’s microphone and take snapshots with its webcam. The malwares were also sent out as spam emails designed to corrupt and disrupt file downloads or stop the user from accessing websites. The reports states there have been between 85,000 and 100,000 implants deployed around the world.

These attacks were being deployed from the agency's headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. The British equivalent of the NSA, GCHQ, seems to have played an important role in the development of the implants.

All of this is of course comes from the never ending cavalcade of documents being systematically released by agents of Edward Snowden. Undoubtedly this will not be the last we hear of Snowden and what he claims to have happened. The NSA and other agencies that protect our way of life are under tremendous amount of pressure. Does that mean they can do anything they want, of course not, but considering they allegedly only implanted 85,000 to 100,000 computers with malwares out of the hundreds of millions around the world, we should give the NSA the benefit of the doubt instead of Edward Snowden.

Edited by Cassandra Tucker

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers