- Daniel Caesar dons cape for whiteness—and gets canceled Wednesday 4:29 PM
- Triton is a new malware ‘deliberately’ designed to put lives at risk Wednesday 3:23 PM
- ‘Into the Dark: I’m Just F*cking with You’ is one of the series’ best Wednesday 1:54 PM
- Trump’s latest prop, a map of ISIS, gets memed Wednesday 12:54 PM
- HBO sends fans on a global scavenger hunt for 6 Iron Thrones Wednesday 11:51 AM
- The Awkward Family Photos game is Cards Against Humanity for meme lovers Wednesday 11:50 AM
- London firefighters’ organization accuses ‘Peppa Pig’ of sexism Wednesday 11:41 AM
- YouTuber accused of abusing her children to make kid-friendly content Wednesday 11:20 AM
- Ari Fleischer’s Iraq War tweet isn’t going over well Wednesday 10:54 AM
- Cop arrested for recording man’s genitals, forcing mentally ill man to twerk Wednesday 10:37 AM
- MoviePass rebrands its unlimited plan, again Wednesday 10:37 AM
- Former Alaska senator launches meme-filled 2020 primary campaign Wednesday 10:17 AM
- The Shane Dawson cat controversy has resulted in these sex memes Wednesday 10:06 AM
- Sarah Sanders mocks CNN reporter with ‘dear diary’ tweet Wednesday 9:03 AM
- Know what you’re signing up for thanks to these dating site reviews Wednesday 8:58 AM
NSA has top-secret catalog of ‘keys’ into world’s security architecture
Everything from corporate computer security architecture to your USB cables are game for NSA spying.
Around the world, corporations, nonprofits and government agencies depend on the computer security architecture made by companies like Cisco, Juniper, and Huawei to protect their most valuable secrets. But for years the vast majority of these systems have been compromised.
A 2008 document obtained by German newspaper Der Spiegel reveals the National Security Agency has been able to slip into the majority of systems made by the major players in the computer security industry, thanks to an entire catalog of resilient and hard-to-detect backdoors, some of which are capable of burrowing as deep as a computer’s motherboard.
The document, which the paper likely received via NSA whistleblower Edward Snowden, is a catalog of what are essentially keys into the world’s security architecture. The tools are produced by an NSA unit called ANT, equivalent to a special operations hacking division, called in to help spy on a target when the NSA’s usual snooping methods aren’t paying off. Its catalog offers a suite of tools in varying degrees of sophistication and expense. As Der Spiegel describes it:
A rigged monitor cable that allows [NSA] personnel to see what is displayed on the targeted monitor,’ for example, is available for just $30. But an ‘active GSM base station’ — a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones — costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.
The paper’s print edition included this image of the USB bugging device, which has since been spread widely on Twitter and Reddit:
COTTONMOUTH-I looks like USB cable but works as wireless bridge into target network, can “jump the airgap”. Scary. pic.twitter.com/l9lMwVXU8p
— Henrik Moltke (@moltke) December 29, 2013
But ANT’s hacking goes well beyond special hardware devices. Its software can compromise the security architecture made by the biggest names in the industry, including Cisco, Huawei, and Juniper—none of which appear to have cooperated with the NSA on the hacks, according to Der Spiegel.
ANT has a special affinity for installing malware on a computer’s BIOS, software that runs on a computer’s motherboard when a computer first loads. A BIOS is completely independent from the computer’s operating system, meaning that the malware is undetectable by virus scans and can persist after an infinite number of system reboots. Another exploit attacks similar firmware in the devices of hard drive manufacturers Western Digital, Seagate, Maxtor and Samsung. All but the former of those companies is American.
Considering the document is more than five years old, not all of the targeted software and hardware is still in use. But if the recent history of the NSA is indication—as revealed via Snowden’s leaked documents—ANT has only become more agressive in its data collection operations.
Illustration by Jason Reed
Kevin Morris is a veteran web reporter and editor who specializes in longform journalism. He led the Daily Dot’s esports vertical and, following its acquisition by GAMURS in late 2016, launched Dot Esports, where he serves as the site’s editor-in-chief.