Forgot your password?
typodupeerror
China Government Security United States

NSA Says It Foiled Plot To Destroy US Economy Through Malware 698

Posted by timothy
from the big-brother-says-he's-got-your-back dept.
mrspoonsi writes "Business Insider Reports: The National Security Agency described for the first time a cataclysmic cyber threat it claims to have stopped On Sunday's '60 Minutes.' Called a BIOS attack, the exploit would have ruined, or 'bricked,' computers across the country, causing untold damage to the national and even global economy. Even more shocking, CBS goes as far as to point a finger directly at China for the plot — 'While the NSA would not name the country behind it, cyber security experts briefed on the operation told us it was China.' The NSA says it closed this vulnerability by working with computer manufacturers. Debora Plunkett, director of cyber defense for the NSA: One of our analysts actually saw that the nation state had the intention to develop and to deliver — to actually use this capability — to destroy computers."
This discussion has been archived. No new comments can be posted.

NSA Says It Foiled Plot To Destroy US Economy Through Malware

Comments Filter:
  • by fractoid (1076465) on Tuesday December 17, 2013 @10:28AM (#45713471) Homepage
    ...and subprime lending really DID destroy the U.S. economy.
    • by Anonymous Coward on Tuesday December 17, 2013 @10:45AM (#45713705)
      And Iraq had WMDs. And the NSA never lied to congress or the people... how stupid do they think we are?
      • by LVSlushdat (854194) on Tuesday December 17, 2013 @11:12AM (#45714039)

        ... how stupid do they think we are?

        You don't want to know just how stupid *they* think we are.. And the really sad part?? *They* are absolutely right on a large percentage of the American people.. The ones who drink the koolaide that comes from BOTH parties.. Its becoming apparent that none of the media, better known now as the defacto US Department of Propaganda, is telling the truth.. oh sure, they tell *their* "version" of the "truth", but not the TRUTH.. We are well and truly screwed...

        • by Jeremi (14640) on Tuesday December 17, 2013 @01:10PM (#45715727) Homepage

          The ones who drink the koolaide that comes from BOTH parties.. Its becoming apparent that none of the media, better known now as the defacto US Department of Propaganda, is telling the truth.. oh sure, they tell *their* "version" of the "truth", but not the TRUTH..

          What qualifications do you have that allow you to reliably discern the TRUTH from the lies?

          Are you 100% sure you aren't drinking someone else's brand of koolaid?

          What makes your sources of information more reliable than other peoples'?

          Often when someone is pushing a story about a vast conspiracy, the conspiracy is fictional, or at least highly exaggerated, and the people pushing the conspiracy narrative have their own political reasons for pushing it.

        • by Penguinisto (415985) on Tuesday December 17, 2013 @02:31PM (#45716817) Journal

          Re: the media... yup - sad, but mostly true.

          I find that I usually have to look up at least two different sources, plus at least one non-US source (my faves: RT, BBC, Deutsche Welle) and at least one alt-media source (*not* an ideologically-driven one) to get a semi-coherent picture of the truth behind a given story I find interesting.

          There is one bit, though: I don't think the US media is doing it for a given propaganda track per se (though it is rapidly approaching that), but instead I think it's an organic result of the $media_corporation drive for eyeballs, thus advertising dollars. This is why a typical cable show's primetime slots are packed with crap that feeds off of the drama and controversy, instead of trying to get at the actual facts and heart of a given story. It's why you have the likes of, say, Nancy Grace on CNN making her paycheck off the corpses of dead kids, MSNBC sneering at anyone who dares to besmirch their idol in the White House, and FOX shouting full-throttle that that same White House occupant is a combination of Stalin and the Antichrist (albeit wearing a better suit). Each channel is shaping their chosen demographic, and stoking them up so they can jack up the rates for advertisers.

          But then, I suspect it's part of the grand civilizational cycle - rise, peak, fall. We (the world, mind, since we're a lot more global than most folks realize) are somewhere near the peak IMHO, though I'll be damned if I can say for certain which side of that peak we're on.

    • Next up NSA saves companies from being "slashdotted"

      Now I wonder what the NSA will save us from after that? If we are lucky maybe fake entertainment stories posted by fox and msnbc that pose as news

  • by NIK282000 (737852) on Tuesday December 17, 2013 @10:29AM (#45713477) Homepage Journal

    But we cant show it to you, its a privet.

  • by danudwary (201586) on Tuesday December 17, 2013 @10:30AM (#45713491)

    I don't know the history of this, and the linked article is vague on timelines, but it always did seem like UEFI came out of nowhere...

  • by the_scoots (1595597) on Tuesday December 17, 2013 @10:31AM (#45713501)
    Once those pesky real journalists that insist on facts and sources start digging into this, I'd expect the cataclysmic claims will be slowly walked back to something much less sinister, like almost all other claims of thwarted plots.
  • Not buying this (Score:5, Insightful)

    by Akratist (1080775) on Tuesday December 17, 2013 @10:32AM (#45713519)
    China holds a huge amount of our debt. They want us to buy their stuff and to borrow money from them. Why cripple our economy? Or, even worse, why do something like this that will point a finger back to them and stir up the pot against them? (and possibly lad to embargos, and so on)
    • by WankersRevenge (452399) on Tuesday December 17, 2013 @10:45AM (#45713699)

      China holds a huge amount of our debt.

      Our debt is around 17 trillion dollars. Of that 17 trillion, China owns around 1.2 trillion. A large number for sure, but not something I'd say is a rather small percentage of the total debt. The debt owned by the public equates to 12 trillion which is something I'd call huge.

      National debt of the United States [wikipedia.org]

      • by usuallylost (2468686) on Tuesday December 17, 2013 @11:23AM (#45714207)

        Don't forget the other 3 or 4 trillion in US dollars they are holding as cash reserves. If China did something to bring down our economy their exposure would be far worse than the debt that they hold. It would impact their hard currency reserves and an unknown amount of additional US currency held by various Chinese companies and individuals.

        If this was a governmental effort in China my guess is it would be more along the lines of something that would be held back in case there was a confrontation between the US and China. Rather than something that would just be randomly used. If it was some private individual or crime group who knows what their intentions would be. Unless they sell new computers how would they monetize this? Whole thing sounds kind of suspect to me.

    • by Rob the Bold (788862) on Tuesday December 17, 2013 @10:56AM (#45713861)

      China holds a huge amount of our debt. They want us to buy their stuff and to borrow money from them. Why cripple our economy? Or, even worse, why do something like this that will point a finger back to them and stir up the pot against them? (and possibly lad to embargos, and so on)

      Ya, it makes no sense. Like if I pulled up to the Starbucks drive-thru to order a venti double-skinny mocha latteachio with no foam and instead they went all Goldfinger on my car. You don't try to kill your best customer.

      Likewise if this was some freelance/rogue/criminal/terrorist operation inside China, I'd think they (the Chinese) would be motivated to foil it themselves for the same reasons.

      The NSA should have cooked up a more plausible bogus plot to foil, but instead they don't even respect us enough to make up a believable lie.

  • by dido (9125) <dido@NOsPAm.imperium.ph> on Tuesday December 17, 2013 @10:32AM (#45713533)

    If these attackers the NSA supposedly thwarted (the Chinese it is speculated), managed to gain control over large numbers of computers with access enough to damage their firmware, it would make far better sense to keep those machines alive and working for them instead. You could cause far more damage to the US economy by keeping those machines alive and pwn3d than if you simply bricked them. A bricked machine will cost a few hundred dollars to fix. A pwn3d machine is a gift that keeps on giving!

  • house of cards? (Score:5, Interesting)

    by AntEater (16627) on Tuesday December 17, 2013 @10:33AM (#45713537) Homepage

    Does this strike anyone else as being utterly ridiculous? "Cataclysmic"?? I mean, if a bunch of bricked computers could bring down our economy (and possibly the global economy) then isn't the whole thing in need of some serious attention? Maybe we've built an unreasonable amount of dependence on something that is entirely too frail to warrant such trust? - both the computer systems and our current economic system.

    • Re:house of cards? (Score:5, Interesting)

      by supremebob (574732) <themejunky&geocities,com> on Tuesday December 17, 2013 @11:05AM (#45713955) Journal

      If anything, bricking a few million old PC's might actually have a stimulating impact on the economy. When the users toss out their 5 year old system that is probably still running Windows XP, they will likely go out and buy a shiny new laptop from Dell or HP that comes with a copy of Windows 8.1 and Office 2012. It will probably come with a "free" trial subscription of McAfee or Symantec virus protection as well. Lots of profit to be had by all in the IT industry.

      When you think about it that way, it makes you wonder who paid the Chinese programmers to write this malware.

  • Prove it (Score:5, Insightful)

    by bradley13 (1118935) on Tuesday December 17, 2013 @10:34AM (#45713559) Homepage

    Right, sure they did. A BIOS attack of the sort hinted at in this interview is difficult to believe.

    If they worked with computer manufacturers to close some such massive security hole, then they can easily point to the historical vulnerability. The technical community can verify their claims. Failing that, no, I do not believe such an attack ever existed outside the overheated imagination of some technically illiterate NSA bureaucrat.

    In other news, I have a bridge I'd like to sell you.

    • Another TLA that seems appropriate at this juncture is FUD. It's not tough to believe the security game might be painted as another necessary sacrifice of freedoms in exchange for security. Will citizens pick necessary evil we know >malevolent threat from abroad?
    • If they worked with computer manufacturers to close some such massive security hole, then they can easily point to the historical vulnerability.

      Except, there is none. The BIOS is not connected to the internet; the computer's operating system is. Any vulnerability that would allow remote updating of the BIOS is a vulnerability in Windows/MacOS/Linux/etc., and not in the BIOS or hardware; so working with computer manufacturers is pointless.

      Many BIOSes have a setting to allow/prevent the updating of the BIOS from the OS; if your machine has that, and it is set to block updates, then there IS no vulnerabilty at all. If your machine does not have that,

    • Probably this story was accepted by the same guy that approved monitoring for terrorists in World of Warcraft.
    • Perhaps more importantly, even if their claims are 100% true, they are basically irrelevant to the 'read absolutely everybody's email on the entire planet' side of the NSA, and instead support the 'do tedious work on making sure computer security sucks less' side of the NSA.

      Building a dystopian panopticon surveillance apparatus is of limited use for preventing such an attack (best case, maybe the attackers will be dumb enough to chat about it over insecure channels months or years before it's finished);
  • by QilessQi (2044624) on Tuesday December 17, 2013 @10:35AM (#45713569)

    the exploit would have ruined, or 'bricked,' computers across the country, causing untold damage to the national and even global economy

    Sorry, I'm not buying it. Despite the NSA's best efforts, Microsoft did release Vista.

  • BIOS Attacks (Score:5, Insightful)

    by the eric conspiracy (20178) on Tuesday December 17, 2013 @10:35AM (#45713573)

    Have been known for years. The problem is you have to gain admin access to the machine first, so basically you are bricking your own botnet.

    LOL.

    • by swb (14022)

      I guess it depends on what your goals are.

      Arguably, organized crime could make money by just killing shopkeepers and taking the till. But at some point they realized they could make MORE money by threatening them with death or violence and getting regular payments for "protection". It's recurring money versus one-time money and has a lot less blowback than dead bodies.

      Botnets and remote control of PCs are of more value for crime and intelligence gathering than bricking, so if your goal is long-term value

  • by freax (80371) on Tuesday December 17, 2013 @10:38AM (#45713609) Homepage

    http://en.wikipedia.org/wiki/CIH_(computer_virus) [wikipedia.org]

    ps. It didn't destroy the US economy.

  • by davidannis (939047) on Tuesday December 17, 2013 @10:40AM (#45713633) Homepage
    because I can't imagine the scenario in which they uncovered that plot by looking at the metadata from American cellphones.
  • by Chrisq (894406) on Tuesday December 17, 2013 @10:41AM (#45713641)

    The NSA says it closed this vulnerability by working with computer manufacturers.

    Ah the Chinese are so helpful ... oh wait!

  • by wkk2 (808881) on Tuesday December 17, 2013 @10:41AM (#45713645)

    I'm sure, due to their hard work, all new computer have hardware jumpers to write protect the BIOS....

  • by Cro Magnon (467622) on Tuesday December 17, 2013 @10:42AM (#45713653) Homepage Journal

    A more dangerous cyber threat would be malware that collects all the users personal information and stores it until the malware writer is ready to use it against the victim.

    Oops!

  • by xednieht (1117791) on Tuesday December 17, 2013 @10:45AM (#45713695) Homepage
    China has discovered NSA's backdoor into computers, and worked with computer manufacturers to build a much more better and newer back door for NSA.
  • by tekrat (242117) on Tuesday December 17, 2013 @10:49AM (#45713751) Homepage Journal

    Please. I saw this on 60 Minutes and that entire pandering two-parter on Sunday night was a such a load of bullshit, I could smell it through the TV.

    And this segment of it was the worst, because it made no sense. I mean, they dumbed the story down for Ma and Pa in Pigsknuckle Arkansas, but for anyone with even a hint of technical acumen, it came off as complete tripe.

    Why *exactly* would China want to destroy the global economy? Such a move would hurt them more than us, because they are in a period of crazy growth, and their entire stability *depends* upon that growth or they'd have rioting.

    Secondly, if a nation wanted to destroy us, why use "malware"? A better way would be to use lobbyists to force more deregulation and let us cut our own throats as we've already seen. Our own greedy bastards will happily destroy the global economy if it means 6 more dollars in *their* pockets.

    The whole thing is fishy and smells of NSA desperation to look good to the average american, and paint the Chinese and Edward Snowden as bad guys we need to be afraid of so that the NSA can "protect" us, by of course, stripping us of all our rights.

  • Prove it (Score:4, Insightful)

    by gman003 (1693318) on Tuesday December 17, 2013 @10:51AM (#45713799)

    This doesn't pass the sniff test. What would China gain by *destroying* our economy?

    Sure, China planting surveillance software on every computer, I can believe that. But bricking all the computers in the US doesn't make sense as an espionage move, it doesn't make sense as an economic move (do you think anyone would trust Chinese-made computers when rebuilding?), it doesn't make sense as a propaganda move. It might make sense as a military move as a prelude to invasion, but a) China doesn't want that, b) China probably couldn't do it if they wanted to, and c) even if not fired, the risks of such a weapon being uncovered outweighs any benefit.

    So it doesn't seem like something China would do. So who could it be? Even the NSA is explicitly calling it a nation-state, so it's not a terrorist group like al-Qaeda. If it's a nation-state, it has to be one that thinks (correctly or not) that they can beat the US when it is inevitably discovered (either before or after the attack). Russia's on that list, but I don't see how they would benefit except, again, as a pre-invasion attack, and our relations aren't that bad yet. North Korea might be dumb enough to think they can get away with it, but for the same reasons they probably don't have the capabilities of developing an attack like this. Iran is probably smart enough not to provoke the US with a direct attack, but maybe I'm wrong, or maybe they thought framing China would work.

    Honestly, if someone in the Chinese government got on TV and said "yeah, we made that as a training exercise for defense drills, how the hell did you guys find it in the wild?", I'd believe them more than I'm believing CBS/NSA right now, because that at least makes sense with all the other information.

    Especially since it's REAL FUCKING CONVENIENT for the NSA to suddenly have a major "victory" when they're being revealed as basically a bunch of puppy-kicking freedom-hating fascists.

  • by petes_PoV (912422) on Tuesday December 17, 2013 @10:52AM (#45713817)
    If the american economy bombs, who will repay all the debt the chinese hold? If there was such a "cataclysmic" financial crash and the USA defaulted on its loans, then the trillions and trillions of dollars owed by the USA becomes junk. How would that help China?

    Further, with their biggest customer deep in the mire, who would they sell their goods to? The same goods they depend on for revenue to keep their own growth moving forward?

    This has got to be the dumbest scare story, no: xenophobic, boogy-man, fiction to come out this year (and it has lots of competition). Although the american debt is a big drag on its economy, it's also so large that it's a problem for the debt holders, too. They are in just as much trouble if the value of that debt drops and therefore have an interest in making sure the USA does not crash and burn - despite what some scared, bigoted and ill-informed media commentators might think.

  • by DdJ (10790) on Tuesday December 17, 2013 @10:53AM (#45713821) Homepage Journal

    "We had to destroy the village in order to save it."

  • by thatkid_2002 (1529917) on Tuesday December 17, 2013 @10:57AM (#45713869)

    I routinely stop alien invasions. Their lazors are no match for my hands (and let's not mention my other weapon... in my pants).

    Your move NSA - what have you done lately?

  • Bullshit! (Score:4, Informative)

    by Sven-Erik (177541) on Tuesday December 17, 2013 @10:59AM (#45713889)

    This is just bullshit! If they stopped this attack by "closed this vulnerability by working with computer manufacturers", this would only fix the vulnerability on new computers built after the fix was created, but not on machines already produced and sold.

    This sounds more like a PR campaign to garner positive support after all the negative impact of the releases of the documents Edward Snowden leaked.

  • by wcrowe (94389) on Tuesday December 17, 2013 @11:02AM (#45713911)

    The NSA has become the Ministry of Truth.

    • The media has become the Ministry of Truth.

      FTFY.

      In other news, scientists discovered that two plus two actually equals five!

  • by ClassicASP (1791116) on Tuesday December 17, 2013 @11:15AM (#45714091)
    I hear there is a tribe of super-weathy elites running the U.S. behind the scenes who have effectively succeeded in making it rain-bullshit on the American people. Foil that one for me.
  • by seeker_1us (1203072) on Tuesday December 17, 2013 @11:16AM (#45714105)
    There have been BIOS destroying viruses before. Now the NSA is in the antivirus business? And by doing so, they save the U.S. economy? Even Norton and McAfee don't make this claim.
  • by tibit (1762298) on Tuesday December 17, 2013 @11:16AM (#45714109)

    There's this moment when you're acting out when you cross from plausible belief to total, in-your-face disbelief. Does NSA seriously imply that such an attack would have lasting consequences? Do they really think that there wouldn't be many BIOS recovery solutions popping up left, right and center literally within hours? My bet is that within a week there'd be a thriving BIOS recovery business going on all around us, and the damage would be well contained in spite of whatever bullshit the clueless media would be spewing around.

  • Fear? (Score:3, Funny)

    by DaWhilly (2555136) on Tuesday December 17, 2013 @11:16AM (#45714111)
    Now that they have committed themselves to the role of protecting the country, can they track down the people who wish to bring down our country by exploiting our fears?
  • by DigitalSorceress (156609) on Tuesday December 17, 2013 @11:19AM (#45714157)

    "Hi [insert computer bios maker here], I'm with the NSA - we've detected a BIOS damaging malware and we would like to you implement these changes to prevent it - No, we totally aren't actually just making shit up to get you to install a backdoor for us, okthxbie"-

  • by Rambo Tribble (1273454) on Tuesday December 17, 2013 @11:20AM (#45714177)
    ... this wasn't a Microsoft plot to advance UEFI Secure Boot, while implicating Chine?
  • by Marrow (195242) on Tuesday December 17, 2013 @11:21AM (#45714181)

    Maybe it could use one of the backdoors or zero-day exploits that NSA keeps under its belt. They don't tell computer manufacturers about those threats because they want to use them themselves. Yeah, you guys are real heroes.

  • by wjcofkc (964165) on Tuesday December 17, 2013 @11:26AM (#45714235)
    Oh my. Consider the scale and scope of the attack the NSA is reporting. If China had done this and pulled it off, they would have know in advance that not only would we figure out it was them, they would also know it would be act an of war that we would respond to with military might. In other words: they are not that stupid.

    BIOS attack? Beyond not likely on a scale where you would have to target such a multitude of vendors running at different patch levels. This was aimed at the technically less inclined (most people).

    As a lot of people have already pointed out, our economies are intimately intertwined. Such an attack on us would equal the same level of damage on them. Further, if this would have thrown the entire world into economic chaos, it would have been a double whammy against China. Triple since we would attack. Again: the Chinese are not so short sighted or stupid.

    Fact: The NSA lied to the government about what they are up to. Lying to the American people is a cake walk compared to that.

    'While the NSA would not name the country behind it, cyber security experts briefed on the operation told us it was China.'

    Two things here:

    1. My sig becomes more relevant with every passing day.

    2. Yes the NSA effectively did say it was China - through "cyber security experts" instructed to say so and that are likely NSA contractors if they could have known that in the first place. The NSA accusing China of nearly pulling of an attack of military escalation proportions is so extraordinary reckless it scares me that they would do it at all.

    This is so fucked up. If you don't have a passport get one now and plan where you're going to escape to while there is still time.

  • by WOOFYGOOFY (1334993) on Tuesday December 17, 2013 @11:54AM (#45714609)

    I don't always agree with Techdirt, I think they exaggerate, omit and sometimes distort for effect. That being said, they do good stuff also. They have a pretty good take down of the whole 60 Minutes puff piece, including the interviewer (hint- when you've never seen that interviewer before, you might be interested to know more about him) and also claims about the whole BIOS attack thing.

    http://www.techdirt.com/articles/20131216/12580425582/cbs-airs-nsa-propaganda-informercial-masquerading-as-hard-hitting-60-minutes-journalism-reporter-with-massive-conflict-interest.shtml [techdirt.com]

    I am sure there's more out there that's even more damning. This is the problem with the people running this organization. They've somehow enabled themselves to lie lie lie and think they're doing everyone a favor so it's OK.

    That's just not how a democracy is run. If you've given up on democracy, like say Peter Thiel apparently has

    http://techcrunch.com/2013/11/22/geeks-for-monarchy/ [techcrunch.com]

    then that's cool. But you don't need to be running the organs of that democracy in that case. Have a nice retirement. It's on us.

  • Snowden claims... (Score:4, Insightful)

    by Charliemopps (1157495) on Tuesday December 17, 2013 @12:02PM (#45714757)

    Edward Snowden claims to have uncovered a plot to subvert our constitutional rights by a super secret organization. Both claims are far fetched... which do we have more proof of?

  • by PortHaven (242123) on Tuesday December 17, 2013 @12:12PM (#45714903) Homepage

    Computers, manufactured in China. Had a defect that led large number of machines to crash and brick. These were sold to the NSA. Who pointed the flaw out to the manufacturer. And received an update, and a scathing email addressing the NSA sysadmin for having updated all the machines with the wrong BIOS firmware.

  • by readin (838620) on Tuesday December 17, 2013 @01:20PM (#45715873)

    NSA Says It Foiled Plot To Destroy US Economy Through Malware

    What a coincidence. So did I!

  • by WindBourne (631190) on Tuesday December 17, 2013 @01:23PM (#45715921) Journal
    Seriously, they should be working hard to bring back manufacturing to America. Obama is, but the DOD should insist on all of their communications, including phones and networks, being made in the west. Just as China blocks goods from the west based on defense needs, we should be doing the same. This should include our telcos, utilities, etc. Ideally, we should push other western nations to do the same.
  • by istartedi (132515) on Tuesday December 17, 2013 @02:08PM (#45716499) Journal

    Arguably this goes for anything on TV; but I found myself keeping it particularly in mind while watching the NSA segment. You have to watch it thinking, "How much of this will later be revealed as a lie?".

    I bet a lot of people took that approach. It's called "credibility" and the NSA has lost it. They can't get it back with one dog and pony show. At least... you shouldn't let them get it back that easily.

"No problem is so formidable that you can't walk away from it." -- C. Schulz

Working...