NSA spreading malware to further goals for more power
Dutch newspaper reports that NSA has infected more than 50,000 networks with malware globally
By Steve Ragan , Staff Writer
November 25, 2013 — CSO — Over the weekend, NRC Handelsblad, a Dutch newspaper, reported that the NSA has infected more than 50,000 networks with malware globally. This report was followed by one in the New York Times, detailing the lengths the NSA is willing to go to in order to obtain more power.
On Saturday, the NRC published a heavily redacted slide, taken from information released by Edward Snowden, that shows the scope of the NSA's Computer Network Exploitation (CNE) efforts. According to slide, more than 50,000 networks worldwide are infected with the agency's malware. However, given that the slide dates to 2012, it's possible that the numbers are actually higher.
Additional proof that the data in the slide is legitimate, the NRC said, comes from the reports earlier this summer when Belgacom announced that the GCHQ (the British partner of the NSA) has infected their network and installed malware. The GCHQ was able to do this by infecting the systems used by employees as they visited a fake LinkedIn page.
According to the NRC report, supporting claims from the Washington Post as well as reports from Foreign Policy, the NSA's malware campaign was assigned to TAO (Tailored Access Operations), a department within the agency that employs more than 1,000 hackers. According to the Washington Post, CNE-operations such as the ones recently confirmed have been going on since 1998.
The NSA declined to comment on the NRC's story, or questions related to the redacted slide. Experts who have speculated on the story say that based on the numbers and the data within the slide, it appears that the NSA is targeting Telcos, banks, and ISPs.
As news of the NSA's malware operations spread, the New York Times published a report outlining the NSA's plans to expand its authority with a rapid pace. Like the slides published by NRC, the data in the Times' report comes form 2012, and detail a four-year plan to update and increase their intelligence gathering operations by intercepting foreign and domestic communications.
According to the document, the NSA plans to defeat the cybersecurity practices of adversaries in order to acquire the data the agency needs from "anyone, anytime, anywhere."
Days before the story broke in the Times, the Center for Democracy & Technology, delivered a letter to Congress that called for reforms to U.S. intelligence surveillance practices. The letter, signed by organizations representing a wide range of stakeholders, noted that both the civil society and tech companies have come together to oppose bulk collection of private communications and data.
"Recent disclosures regarding intelligence surveillance activity raise important concerns about the privacy and security of communications. This surveillance has already eroded trust that is essential to the free flow of information and to the exercise of human rights and civil liberties both in the United States and around the world," the letter said.
Read more about data protection in CSOonline's Data Protection section.
Other stories by Steve Ragan