Around the world, corporations, nonprofits and government agencies depend on the computer security architecture made by companies like Cisco, Juniper, and Huawei to protect their most valuable secrets. But for years the vast majority of these systems have been compromised.
A 2008 document obtained by German newspaper Der Spiegel reveals the National Security Agency has been able to slip into the majority of systems made by the major players in the computer security industry, thanks to an entire catalog of resilient and hard-to-detect backdoors, some of which are capable of burrowing as deep as a computer’s motherboard.
The document, which the paper likely received via NSA whistleblower Edward Snowden, is a catalog of what are essentially keys into the world’s security architecture. The tools are produced by an NSA unit called ANT, equivalent to a special operations hacking division, called in to help spy on a target when the NSA’s usual snooping methods aren’t paying off. Its catalog offers a suite of tools in varying degrees of sophistication and expense. As Der Spiegel describes it:
A rigged monitor cable that allows ‘[NSA] personnel to see what is displayed on the targeted monitor,’ for example, is available for just $30. But an ‘active GSM base station’ — a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones — costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.
The paper’s print edition included this image of the USB bugging device, which has since been spread widely on Twitter and Reddit:
COTTONMOUTH-I looks like USB cable but works as wireless bridge into target network, can “jump the airgap”. Scary. pic.twitter.com/l9lMwVXU8p
— Henrik Moltke (@moltke) December 29, 2013
But ANT’s hacking goes well beyond special hardware devices. Its software can compromise the security architecture made by the biggest names in the industry, including Cisco, Huawei, and Juniper—none of which appear to have cooperated with the NSA on the hacks, according to Der Spiegel.
ANT has a special affinity for installing malware on a computer’s BIOS, software that runs on a computer’s motherboard when a computer first loads. A BIOS is completely independent from the computer’s operating system, meaning that the malware is undetectable by virus scans and can persist after an infinite number of system reboots. Another exploit attacks similar firmware in the devices of hard drive manufacturers Western Digital, Seagate, Maxtor and Samsung. All but the former of those companies are American.
Considering the document is more than five years old, not all of the targeted software and hardware is still in use. But if the recent history of the NSA is any indication—as revealed via Snowden’s leaked documents—ANT has only become more aggressive in its data collection operations.
Illustration by Jason Reed