Mar 18, 2014

NSA’s malware and spying ops far more powerful than you think

The NSA has the post powerful online spying apparatus in the world -- and it's just getting started. Crikey's resident tech-head explains the power of malware.

Stilgherrian — Technology writer and broadcaster


Technology writer and broadcaster

As the cataract of code words and compromises continues to course from Edward Snowden's cache of classified information, it's easy to lose track of what, exactly, the US National Security Agency and its allies can and can't do. So let's clarify that -- especially given that last week's revelations make it clear that the NSA's capabilities go way, way beyond what was previously thought. It's obvious that the NSA could do more than, say, the organised cybercriminal gangs of eastern Europe. The agency has more and arguably smarter people -- it hires the "best and brightest" -- and those people have been working on the problems for far longer. Over the years, criminals have built software systems that automate many of the processes of hacking. Tools to "weaponise" otherwise innocuous programs or documents so they'll infect the computers on which they're opened. Tools that automatically check that these new pieces of malware (malicious software) will successfully evade commercial anti-virus software. Tools that automatically look at a computer's configuration, figure out a way to hack into it, and install a remote access tool (RAT), which in turn means that the hacker can control anything and everything happening on that computer. And tools that can link thousand or even millions of these "zombies" into a botnet (a network of robots) and use them in complex transnational criminal operations. In 2011, one of the major information security vendors taught technology journalists how to use these tools to create a cybercrime network. It took just 90 minutes. It'd then take a day or two to customise that process to the needs of your own criminal operation. The only particularly difficult part isn't even technical: it's figuring out how to launder all the money you'd make without getting caught. So yes, the NSA has all of this. Once the agency has control of a target's computer, it would presumably be less interested in watching for any credit card numbers that might be typed, or placing phoney orders for iPhones through online retailers, and more interested in looking at email and other documents for signs of evil or turning on the microphone to listen in to nearby conversations, but the principles are basically the same. But the NSA has much more, as revealed in last week's story at First Look ...

NSA malware

Free Trial

Proudly annoying those in power since 2000.

Sign up for a FREE 21-day trial to keep reading and get the best of Crikey straight to your inbox

By starting a free trial, you agree to accept Crikey’s terms and conditions


Leave a comment

2 thoughts on “NSA’s malware and spying ops far more powerful than you think

  1. Umal Lamed

    It seems that “owning the Net” is a “a foreign intelligence or counterintelligence purpose” that supports “national and departmental missions”

  2. Chris Hartwell

    Hah! Knew it! Even NSA talks about their l33t |-|aX0r ski11z!

Share this article with a friend

Just fill out the fields below and we'll send your friend a link to this article along with a message from you.

Your details

Your friend's details