What's new
  • As of today ICMag has his own Discord server. In this Discord server you can chat, talk with eachother, listen to music, share stories and pictures...and much more. Join now and let's grow together! Join ICMag Discord here! More details in this thread here: here.
  • ICMag and The Vault are running a NEW contest in October! You can check it here. Prizes are seeds & forum premium access. Come join in!

NSA Intercepting Laptops Bought On-Line

Skinny Leaf

Well-known member
Veteran
According to a new report from Der Spiegel based on internal NSA documents, the signals intelligence agency's elite hacking unit (TAO) is able to conduct sophisticated wiretaps in ways that make Hollywood fantasy look more like reality. The report indicates that the NSA, in collaboration with the CIA and FBI, routinely and secretly intercepts shipping deliveries for laptops or other computer accessories in order to implant bugs before they reach their destinations. According to Der Spiegel, the NSA's TAO group is able to divert shipping deliveries to its own "secret workshops" in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access.

While the report does not indicate the scope of the program, or who the NSA is targeting with such wiretaps, it's a unique look at the agency's collaborative efforts with the broader intelligence community to gain hard access to communications equipment. One of the products the NSA appears to use to compromise target electronics is codenamed COTTONMOUTH, and has been available since 2009; it's a USB "hardware implant" that secretly provides the NSA with remote access to the compromised machine.

This tool, among others, is available to NSA agents through what Der Spiegel describes as a mail-order spy catalog. The report indicates that the catalog offers backdoors into the hardware and software of the most prominent technology makers, including Cisco, Juniper Networks, Dell, Seagate, Western Digital, Maxtor, Samsung, and Huawei. Many of the targets are American companies. The report indicates that the NSA can even exploit error reports from Microsoft's Windows operating system; by intercepting the error reports and determining what's wrong with a target's computer, the NSA can then attack it with Trojans or other malware.

In response to Der Spiegel's report, Cisco senior vice president John Stewart wrote that "we are deeply concerned with anything that may impact the integrity of our products or our customers' networks," and that the company does "not work with any government to weaken our products for exploitation." Other US companies have fired back against reports of NSA tampering in recent months, including Microsoft, which labeled the agency an "advanced persistent threat" over its efforts to secretly collect private user data within the internal networks of Google and Yahoo.

SOMETIMES THE NSA HOPS ON AN FBI JET FOR HIGH-TECH RAIDS

The Der Spiegel report, which gives a broad look at TAO operations, also highlights the NSA's cooperation with other intelligence agencies to conduct Hollywood-style raids. Unlike most of the NSA's operations which allow for remote access to targets, Der Spiegel notes that the TAO's programs often require physical access to targets. To gain physical access, the NSA reportedly works with the CIA and FBI on sensitive missions that sometimes include flying NSA agents on FBI jets to plant wiretaps. "This gets them to their destination at the right time and can help them to disappear again undetected after even as little as a half hour's work," the report notes.

The NSA currently faces pressure from the public, Congress, federal courts, and privacy advocates over its expansive spying programs. Those programs, which include bulk telephone surveillance of American citizens, are said by critics to violate constitutional protections against unreasonable searches, and were uncovered earlier this year by whistleblower Edward Snowden. Beyond the programs that scoop up data on American citizens, Snowden's documents have also given a much closer look at how the spy agency conducts other surveillance operations, including tapping the phones of high-level foreign leaders.
 
G

gloryoskie

So bored with this snooping stuff, if it were truly important
TMZ would be reporting it, no?
 

AloeRuss

Crown Jewel of the Legion
ICMag Donor
Naw Glory. Not true. Those who watch TMZ don't really care about things like that.
 

resinryder

Rubbing my glands together
Veteran
The NSA regularly intercepts laptop shipments to implant malware, report says

By Ryan Whitwam on December 30, 2013 at 4:14 pm

It’s common to check up on tracking information when you’re waiting on a package, but at least occasionally, that tracking data is omitting a quick stop off at the NSA. According to a new report in Der Spiegel, the NSA regularly intercepts shipments of laptops and other electronic devices in order to implant physical listening devices and install advanced malware. This process, called interdiction, can give authorities instant remote access to a subject’s computer without them being any the wiser.

Interdiction is undertaken by the NSA’s superhacker team known at Tailored Access Operations (TAO). It is not impossible to deliver malware to a target computer after the fact, but the risk is far lower if the surveillance tools can be installed before a device reaches the buyer. TAO is reportedly able to divert a package to its network of secret workshops where the modifications can be made before returning the packages to the shipping company.

It is unclear how frequently this program is utilized, but the scale is likely limited. Diverting electronics shipments en masse would be suspicious, and the intelligence agency would not want to expose its internal tools to more potential discovery than absolutely necessary — the NSA pays a pretty penny for many of these backdoors.

The NSA has what Der Spiegel describes as a catalog of spy tools with pricing and feature details. The 50-page document lists tools to compromise hardened systems made by the likes of Cisco, Juniper Networks, Huawei, Western Digital, Microsoft, and Samsung. The prices for these attacks, maintained by an internal group known as ANT, can reach as high as $250,000. Although, when it comes to secret NSA software vulnerabilities, you get what you pay for.

NSAOne popular tool employed by the NSA on interdicted PCs is known as Cottonmouth. This is a physical device developed in 2009 that can be implanted in a USB port to give the NSA remote access to the target machine once it reaches its destination. Other tools can be used to mirror hard drives by going after the firmware used by companies like Western Digital and Seagate.

The ANT catalog also contains more powerful tools like Feedtrough, which can bypass Juniper firewalls and allow the installation of additional programs. Windows-based systems can be monitored with tools that use error reports to determine what conventional malware might be used to attack the system — plausible deniability and all.

When the NSA is unable to get its hands on a device as it is being shipped, it will sometimes attempt to gain physical access with the help of the CIA and FBI. Agents from the NSA are occasionally ferried around on FBI jets to plant wiretaps, which may only take a few minutes. With the work done, the agent will hop another FBI plane and vanish like a specter in the night.

The NSA has been under increased scrutiny this past year, but by all accounts it is continuing its work undeterred. So the next time your Amazon shipment takes a little longer than usual to arrive, maybe you should be worried.
 

Chronage

Scholastic Warrior
What exactly is the source of this article? I wouldn't believe this kinda bullshit if you paid me.
 

Skinny Leaf

Well-known member
Veteran
What exactly is the source of this article? I wouldn't believe this kinda bullshit if you paid me.

I think its a mag out of Germany. Der Spiegel

I'm sure most of these stories are made up by that rogue nut job from the NSA that is holed up in Russia. He's probably over there getting all liquored up on vodka with some hairy Russian woman(s) running his mouth. I wouldn't believe it either.
 
N

NorCalDreaming

Now if this is true - fuck us....
The NSA is not going to implant malware on everything in transit. They're focusing on high value targets. You're probably not one of them. Don't take it personally lol.
 
So bored with this snooping stuff, if it were truly important
TMZ would be reporting it, no?
lol thats the exact type of attitude they are trying to promote! an entire population of people that ignore all the real world problems because their psudo entertainment/news station doesn't report on it. im guessing your tmz doesn't talk a whole lot about syria or gmo's or the economy...mostly just what the kardashians are wearing and footage of a dude getting chased by a goose...because we all know if it doesn't directly affect you at this very moment it doesn't matter.
 
O

OGShaman

It happens if you are actually somebody they care about. This just happened to Andrea Shepard who is one of the developers of TOR. She orders a keyboard from California to Seattle, and all of a sudden it ends up in Virginia. Makes you go hmmmmmm.

Her quote when posting this picture: "You'd think NSA shipment 'interdiction' would be more subtle..."

picture.php
 

Latest posts

Latest posts

Top