- The 25 worst passwords of 2018 5 Years Ago
- Little Miss Flint takes on Tomi Lahren’s border wall tweet 5 Years Ago
- Michael Cohen contradicts Trump tweets, says president knew payments were wrong 5 Years Ago
- Super Smash Bros. Ultimate girls blush when they eat curry, and fans are being horny on main Today 7:58 AM
- The 2nd gen Amazon Echo Show is a digital assistant game-changer Today 7:00 AM
- How to watch ESPNU online for free Today 7:00 AM
- ‘The Fix’ is another talk show Hail Mary from Netflix Today 6:45 AM
- 2018 was the year the ‘alt-right’ failed Today 6:20 AM
- The best Italian movies on Netflix Today 6:00 AM
- How to stream the 2018 college bowl games Today 6:00 AM
- Miss USA thought everyone spoke English—and the internet is not amused Thursday 8:02 PM
- Kanye’s Twitter tirade prompts apology from Drake Thursday 6:00 PM
- Listen to Pitbull cover Toto’s ‘Africa’ for the ‘Aquaman’ soundtrack—or don’t Thursday 4:55 PM
- Nancy Pelosi’s coat is the meme the resistance needed Thursday 4:39 PM
- Oprah says what was really on her mind while she ate bland chicken Thursday 4:00 PM
NSA has top-secret catalog of ‘keys’ into world’s security architecture
Everything from corporate computer security architecture to your USB cables are game for NSA spying.
Around the world, corporations, nonprofits and government agencies depend on the computer security architecture made by companies like Cisco, Juniper, and Huawei to protect their most valuable secrets. But for years the vast majority of these systems have been compromised.
A 2008 document obtained by German newspaper Der Spiegel reveals the National Security Agency has been able to slip into the majority of systems made by the major players in the computer security industry, thanks to an entire catalog of resilient and hard-to-detect backdoors, some of which are capable of burrowing as deep as a computer’s motherboard.
The document, which the paper likely received via NSA whistleblower Edward Snowden, is a catalog of what are essentially keys into the world’s security architecture. The tools are produced by an NSA unit called ANT, equivalent to a special operations hacking division, called in to help spy on a target when the NSA’s usual snooping methods aren’t paying off. Its catalog offers a suite of tools in varying degrees of sophistication and expense. As Der Spiegel describes it:
A rigged monitor cable that allows [NSA] personnel to see what is displayed on the targeted monitor,’ for example, is available for just $30. But an ‘active GSM base station’ — a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones — costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.
The paper’s print edition included this image of the USB bugging device, which has since been spread widely on Twitter and Reddit:
COTTONMOUTH-I looks like USB cable but works as wireless bridge into target network, can “jump the airgap”. Scary. pic.twitter.com/l9lMwVXU8p
— Henrik Moltke (@moltke) December 29, 2013
But ANT’s hacking goes well beyond special hardware devices. Its software can compromise the security architecture made by the biggest names in the industry, including Cisco, Huawei, and Juniper—none of which appear to have cooperated with the NSA on the hacks, according to Der Spiegel.
ANT has a special affinity for installing malware on a computer’s BIOS, software that runs on a computer’s motherboard when a computer first loads. A BIOS is completely independent from the computer’s operating system, meaning that the malware is undetectable by virus scans and can persist after an infinite number of system reboots. Another exploit attacks similar firmware in the devices of hard drive manufacturers Western Digital, Seagate, Maxtor and Samsung. All but the former of those companies is American.
Considering the document is more than five years old, not all of the targeted software and hardware is still in use. But if the recent history of the NSA is indication—as revealed via Snowden’s leaked documents—ANT has only become more agressive in its data collection operations.
Illustration by Jason Reed
Kevin Morris is a veteran web reporter and editor who specializes in longform journalism. He led the Daily Dot’s esports vertical and, following its acquisition by GAMURS in late 2016, launched Dot Esports, where he serves as the site’s editor-in-chief.