Forgot your password?
typodupeerror
Government Privacy Security

How the NSA Plans To Infect 'Millions' of Computers With Malware 234

Posted by Soulskill
from the sudo-apt-get-install-nsa-malware dept.
Advocatus Diaboli sends news from The Intercept about leaked documents which show that the NSA is significantly expanding its efforts to build an automated system to compromise computers remotely. From the article: "The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to 'allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.' In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the 'Expert System,' which is designed to operate 'like the brain.' The system manages the applications and functions of the implants and 'decides' what tools they need to best extract data from infected machines."
This discussion has been archived. No new comments can be posted.

How the NSA Plans To Infect 'Millions' of Computers With Malware

Comments Filter:
  • crime? (Score:5, Insightful)

    by BlazingATrail (3112385) on Wednesday March 12, 2014 @02:18PM (#46466407)
    Shouldn't somebody go to jail for this?
    • Re:crime? (Score:5, Insightful)

      by Anonymous Coward on Wednesday March 12, 2014 @02:22PM (#46466465)

      Hah. The elite get in trouble for doing something illegal? Was that a joke?

      However, since you pointed out their wrong-doing, you have a chance of being locked up. There is no greater law in these lands than embarrassing or exposing those in power.

      • Re:crime? (Score:4, Interesting)

        by davester666 (731373) on Wednesday March 12, 2014 @03:48PM (#46467553) Journal

        also, not sure why the article is using the future tense, as this relating to plans the NSA made in 2009. I find it hard to believe they haven't been implemented yet.

    • by blueg3 (192743)

      Only if they actually do it, and only if someone with authority ends up considering it illegal.

    • Re:crime? (Score:5, Funny)

      by mwvdlee (775178) on Wednesday March 12, 2014 @02:43PM (#46466727) Homepage

      I'm pretty sure Snowden will, at some point in the future.

    • Re:crime? (Score:5, Insightful)

      by Jason Levine (196982) on Wednesday March 12, 2014 @02:45PM (#46466763)

      Unfortunately, the people most likely to go to jail for this are the people who are letting us know about these abuses of power instead of the people abusing power. The latter will simply cry "TERRORISTS!" at the next Congressional hearing and get (at worst) a sternly worded speech directed at them.

    • Re:crime? (Score:5, Informative)

      by TheGratefulNet (143330) on Wednesday March 12, 2014 @03:01PM (#46466959)

      to send someone to jail, you have to take them to court (part of the process).

      and there is the problem: you and I can't show 'standing' (it will always, ALWAYS be denied us and we can't prove we have been tapped, so there you go!).

      therefore, they are untouchable via usual legal means.

      they know the system and they use it to keep themselves in power.

      nothing short of a full revolution is going to unseat, them either. and given americans' apathy and blind trust in continually voting against their own best interests, this won't be solved in our lifetime.

    • Re:crime? (Score:5, Insightful)

      by hackus (159037) on Wednesday March 12, 2014 @03:23PM (#46467245) Homepage

      Jail?

      Oh, I am sorry...you are thinking of JUSTICE. No no...laws apply to YOU..thats JUST US.

      JUSTICE is for anybody not you, and it works this way:

      1) Eric Holder runs guns for the mexican cartels in a act of subverting the law of the land, the constitution by orchestrating heavy arms into very violent people on the Mexican border hoping the chaos that will inevitably follow through with the subversion of law abiding citizens right to bear arms.

      You know, because, if you have border incidents, they don't want people able to defend themselves.

      While this is going on, DHS is plotting to kill every man women and child in the USA through the acquisition of ludicrous amounts of ammo.

      HOLLOW POINT BULLETS AND SNIPER AMMO, not pistol ammo. MILITARY GRADE AMMO.

      I mean, ammo in the BILLIONS OF ROUNDS. You would need hundreds of MILLIONS of terrorists to justify that sort of purchase.

      Do I need to draw anyone a picture or is it just a coincidence that the population of the USA is about 280 Million?

      280 Million terrorists.

      Yeah, terrorists because you don't like having your money confiscated when the banker cronies come and take it all.

      2) Look at these lawless people and the BANKS THAT SUPPORT THEM.

      New data centers that are funded for criminal industrial espionage, which is the primary activity of the NSA, with PRINTED dollars, because the economy could never afford to build any of this stuff.

      From the NSA data centers to the really outrageous F35 program, which cost about 2 trillion to maintain a world wide fighter force of F35's when fully deployed.
      (Probably more and if they can ever deliver it because they can't get the thing to work.)

      Does anyone know what we collect in taxes? It's about 2 trillion. No really, go look it up. ALL of the collected tax revenue for one year, would go JUST for maintaining a fleet of F35's world wide on all of those bases we have.

      Meanwhile these BANKERS print money and destroy the dollar value and as a result creates mischief. If you spend 2 trillion on air planes, you logically have to print the rest of the money to pay for everything else.

      The SAME MISCHIEF THAT IS GOING ON IN THE UKRAINE right now. Did you see who they hired?

      A Banker. A nice London Banker!

      These people are everywhere and where they go lawlessness follows.

      3) Have you noticed our youth have no where to go? You know why? Well, for one thing the economy is totally managed by the federal reserve.

      The whole thing is rigged. LIBOR. Rigged. Silver Gold Prices, Rigged. Stock Market...

      RIIIIIIIIGGGGGGEEEEEEEDD!

      You tell me how the stock market can be so high when there is virtually no growth ANWYHERE IN THE WORLD, let alone the United States, which has like 35% unemployment.

      You know once upon a time we had laws in place so Bankers couldn't control everything through monopolies. We use to have like a huge number of banks in the USA. Laws were put there so that the banks could not combine and do a EPIC meltdown, or forge any mischief. What do we have now?

      5 banks controlling like 85% of the market? What happens when one of them goes titsup?

      Yeah, remember the Anti Trust laws? Remember the glass steagall laws?

      Yeah they got rid of them. You know why?

      Because they want to steal it ALL that is why, and they don't want to be held accountable for ANYTHING.

      Justice is for JUST US, NOT THEM.

      I am not even going to go into OBAMA CARE, because at this point I am really freaking ticked off at all of this banker mishief and the hollowed politicians from our so called TWO PARTY, really ONE PARTY system.

      ONE PARTY to SCREW YOU.

      Two Party so they can laughably claim you have a choice when you vote.

      • Okay, generally insightful and well put. But I need to point out that the Hague Convention prohibits hollow point bullets in warfare and as such they are certainly not military rounds. Also, vastly more rounds of ammo are expended in practice, training, and re-certification exams than will ever be shot at live targets. I would be surprised if DHS and all its agents used less than a billion rounds of ammo a year - 99+% of which would be shot at paper targets.
      • by antdude (79039)

        What about the independent parties?

    • Re:crime? (Score:5, Interesting)

      by PolygamousRanchKid (1290638) on Wednesday March 12, 2014 @03:55PM (#46467623)

      Armed insurrection is our only option at this point. We need to form something like the "Molly Maguires": http://en.wikipedia.org/wiki/M... [wikipedia.org]

      It's not mentioned in the article, but they used to lop off the heads of mine managers who were exploiting destitute immigrant miners in the late 1800's. The Maguires obviously couldn't strike back at the Robber Barons who owned the mines, so they attacked the henchmen of the Robber Barons. They would drop the heads off on the doorsteps of other ruthless mine managers to give them a message. My high school history teacher attended a funeral in Eastern Pennsylvania, and the funeral parlor manager said that they still had some unidentified heads in jars in the basement.

      So post the names of NSA employees publicly, and let's start collecting heads. The NSA is an enemy of the United States of America now, and all the values of the Founding Fathers. The system of checks and balances has been destroyed by a rogue branch of the US government.

      • So post the names of NSA employees publicly, and let's start collecting heads.

        Why bother with the hassle, effort and expense. The best way to deal with the NSA is to cut their ludacrious budget. Then watch the outrageous sci-fi super surveillance software projects subsequently implode.

  • by ackthpt (218170) on Wednesday March 12, 2014 @02:22PM (#46466467) Homepage Journal

    to pull out my old C64, dust it off and find my floppies.

    to a happier and simpler time

    • You could afford a 1541?

      Most of us couldn't, cost more than the computer itself!

      • by ackthpt (218170)

        You could afford a 1541?

        Most of us couldn't, cost more than the computer itself!

        I upgraded to an Indus GT. =]

    • by H0p313ss (811249)

      to pull out my old C64, dust it off and find my floppies.

      to a happier and simpler time

      I was a VIC 20 guy myself. (Because no matter how many times we explained it to our parents they had no clue why what we really wanted was an Apple][...)

      As much as I miss those days, you'll have to pry my modern hardware from my cold dead hands, I rather like living in the 21st century where I can deploy applications to servers around the world with a click of a mouse and read books, watch movies and manipulate my entire music collection from a super computer in the palm of my hand.

    • Shh, or the NSA_BOT will document your suspicious activities for review.

    • by rvw (755107)

      to pull out my old C64, dust it off and find my floppies.

      to a happier and simpler time

      You remember PEEK and POKE? What is this discussion about? Peeking and poking!

    • by antdude (79039)

      Um, NSA can still install malwares onto it. It will be slower and more complex for that to happen. ;)

  • by SplatMan_DK (1035528) on Wednesday March 12, 2014 @02:23PM (#46466489) Homepage Journal

    I can't believe this claim.

    I bet they did this a decade ago, and this article is just a way to make people believe it hasn't actually happened yet ...

    - Jesper

    • 'Expert System,' which is designed to operate 'like the brain.

      This is the point where it started sounding like a syfy.... Maybe they have malware but I doubt it operates like the brain.

    • by AmiMoJo (196126) *

      Well, it shows they were planning it back in 2009, so presumably they already have done it. We need to focus on detection.

  • Linux version? (Score:5, Interesting)

    by Capt.DrumkenBum (1173011) on Wednesday March 12, 2014 @02:24PM (#46466495)
    If not, we could finally be looking at the year of Linux on the desktop. :)
    For me Linux on the desktop came about five years ago.
    • Re: (Score:2, Troll)

      by BasilBrush (643681)

      Right. Because it's not as if they found a bug in GnuTLS security the other week, that compromises HTTP security in many Linux apps. A bug that may or may not have been planted by the NSA, but either way has been undiscovered for 9 years.

      There is nothing about Linux that makes it safer from government hacking. In fact the openness that allows many people, who's actual identities are not know to anyone, to contribute code makes it more vulnerable than a closed commercial OS.

      At least with a closed commercial

  • by Are You Kidding (1734126) on Wednesday March 12, 2014 @02:32PM (#46466601)
    Is my Kaspersky Antivirus going to find and remove their viruses? Or even better, perhaps some enterprising hacker will write a tool that that sends its own malware back through the NSA bot net and trashes their servers. When I was a youngster "We Have Met The Enemy and He Is Us" was amusing. Now it it taken as a guiding principle by our intelligence services. It's sad.
    • Is my Kaspersky Antivirus going to find and remove their viruses?

      It seems like a good idea to avoid American make anti-virus software, as they may be working in cooperation with the NSA. But going for a Russian one doesn't seem like a terribly good idea, as you'll just get spied on by their security services instead. (Recently Russia gave out goodie bags to G20 representatives which contained spyware in USB drives and power supplies.)

      Likewise British and Israeli anti-virus would be a bad choice given their history of surveillance and cooperating with the US.

      So which country that we trust a bit more has an anti-virus company?

      • by AHuxley (892839)
        You would need the skills to find the malware, note the ip/systems it reports back and have a history of finding gov backed malware efforts (made by gov or their favoured contractors).
        Some Russian firms have a great track record of finding varied gov backed malware deep in computer systems around the world and then telling the world of their findings.
        US software groups doing the same work might face the reality of national security letters, sealed courts or a gov chat.
        Recall the Magic Lantern, Carnivore
    • by bug1 (96678)

      Antivirus programs wouldnt even find and remove the sony rootkit.
      If you want to pay to be secure then you are not.

  • by dweller_below (136040) on Wednesday March 12, 2014 @02:36PM (#46466629)
    So, now it turns out that the NSA really was attacking me. Just because I ran the routers and a few other critical things.

    20 years ago, when I first started ranting about the NSA it was mostly theoretical. I ranted because there was no proof they were not evil. The stickers on my laptop's mic and camera were a bit of a joke. People would ask about them and it would give me a chance to rant. That's all I really wanted. A chance to rant from time to time.

    But, now it is clear that all my rants were too conservative.

    Now I am doing IT security for a university. I spend all day attempting to hold off the attacks of foreign governments. Some of those attacks now appear to be my own government. I never really wanted to be this paranoid. And it still appears that I am not paranoid enough.

    When will I ever be able to take off this stupid tinfoil hat?

    Congress keeps railing against money wasted on social programs. It appears the NSA and the CIA are elaborate social programs for sociopaths. Why can't we defund them?

    • by FudRucker (866063)
      I physically removed the camera and microphone from my laptop, cant hack what does not exist anymore.

      its not that i do anything wrong, even if i am typing up chocolate cake recipes it is still none of their fucking business what i am doing, maybe i am using a cad program to build custom motorcycle parts i dont want those fascist pigs to steal it and give it to their criminal friends on wallstreet
      • by noh8rz10 (2716597)

        that's the way to go. I covered my laptop camera with a sticker. haven't had the balls to do the mike yet. it's a very convoluted process on a macbook.

      • Re: (Score:2, Funny)

        by Anonymous Coward

        I am a fat old dude, I just moon my computer every day -- A moon a day keeps the NSA away.

      • by Burz (138833)

        Qubes systems [qubes-os.org] can keep things like cameras and mics effectively beyond the reach of remote attackers while running Linux and Windows apps.

        The core of the system is a pairing of Xen and X11/Linux which isolates the graphics, network and other risky services into less trusted domains. The result is that the trusted X11 can always show you what security context a window or other graphical element represents, even if the untrusted X11 in a VM becomes compromised-- You can't be tricked into thinking a malware el

  • This is from 2009, so they've probably done it by now.

  • Fight terrorism! (Score:3, Interesting)

    by Anonymous Coward on Wednesday March 12, 2014 @03:00PM (#46466945)

    By far the most effective way to fight terrorism these days would seem to be by dismantling the NSA. It's the largest terrorist organization in the world.

    And what a lot of money would be saved.

  • Must be missing something... I can't imagine how one could reasonably intend to infect millions of machines and not expect their stash of 0-days to be discovered and plugged in short order.. unless NSA plans to social engineer all of their victims to run the "fre3 v1agra" installer seems like a great way for NSA to shoot itself in the foot.

    • Well the following may well have been the NSAs work, and they got away with it for 9 years.

      http://arstechnica.com/securit... [arstechnica.com]

    • by AHuxley (892839)
      The method worked for tested encryption machines for embassies around the world, telcos helped for years without the press or staff really knowing too much... whats a few bugs in closed or open source code - reviews by people with great skills will find it all over time.
      Think of all the domestic and international offices, embassies, banks, govs, telcos, firms, brands, NGO's, police forces, armies, secretaries.. spreadsheets, crypto that has been sold or given as aid or for cooperation that provides a way i
  • Whaddarthey gonna do? Buy Adobe?

  • Anybody wonder if the plans in these documents (circa 2009?) have maybe adapted and become the recent Linksys worm [sans.edu]?
  • Developing massive attack tools like that make a global cyber war more likely.
    As with the initial ICBM's the first one to strike may believe to win.
    Very dangerous, and foolish.

  • In a world where 90% of desktops can't even display a JPEG securely, to not have this capability would be dereliction of duty.
  • by Anonymous Coward on Wednesday March 12, 2014 @03:45PM (#46467509)

    How many Xbox One consoles have sold? Microsoft claims 4 million+. That's 4 million homes that have each willing placed the most sophisticated NSA spy device imaginable in prime position to track the household residents 24/7.

    Microsoft and their NSA partners, when considering the change of policy that allows (in theory) people to use the console WITHOUT either Kinect of an online connection (both originally compulsory requirements), found that market research indicated a 95%+ likelihood of users choosing to use the console in an NSA optimal fashion.

    Essentially, if a person were thick enough to ignore the clear warnings that Microsoft designed the Xbox One to spy on users, they'd actually take a pride in setting up their console according to the NSA guidelines.

    Snowden proves over, and over, and over, and over that the GCHQ and NSA are about every aspect of 'full surveillance', and that those people who don't consider themselves as valid targets are exactly the people the NSA are most interested in hitting. A kid screaming the N-word over and over while playing an online game of 'Call of Duty' may one day be a politician whose vote is sought in support of yet another vile war of aggression. Showing him video of his 'racist' outbursts, and asking him how his electorate might respond to such a 'leak' in the press will gain the vote of 90%+ of all people blackmailed this way.

    Yet the Xbox One goes so much further. A 'super computer' (by the definition of less than a decade back) connects to a military grade sensor that actually measures the speed of light at each pixel, providing for unprecedented analysis of movement in the room. The Xbox One can be trivially taught to recognise any common pattern of movement (especially the rhythmic movements associated with sexual activity), and begin recording/uploading when such a trigger happens.

    Every Xbox One is continually running facial and voice recognition services. And the result of these calculations is uploaded daily to NSA servers in the cloud. NSA computers, mostly using algorithms designed by Google for this purpose, process the facial photographs and voice samples to extract better identification information. The NSA goal is to know who enters/leaves every room with an Xbox One, and when.

    The NSA NEVER, EVER, EVER needs hacking or 'trojans' to control the Xbox One computer system. Microsoft provides the NSA with a copy of every Xbox One encryption/authorisation key, so EVERY single online console 'phones home' to NSA servers, and any one of these consoles can be instantly remotely controlled by an NSA agent.

    The NSA has far more than its 'fair' share of paedophiles. These individuals have unlimited access to the camera systems of Xbox One consoles located in the bedrooms of children. The video that flows from these cameras is encrypted on-the-fly, so the NSA sex criminal that chooses to use the NSA facility this way can avoid detection if he has even one working braincell.

    Snowden is giving a VERY limited snapshot of NSA/GCHQ behaviour in the distant past- 'distant' in the sense that even 5 years back is an eternity when considering the world of computer based surveillance. The owners of Slashdot emphasis, as much as they can, lesser and obsolete abuses by the NSA.

    The Xbox One makes all previous forms of full surveillance look like they belong in the Stone Age, and yet Microsoft/NSA reputation management policies on forums and social networks ensure that, even today, those that warn about Xbox One spying are dismissed as "paranoid nut-cases". Every single tech site, this one included, has the official position that no NSA spying occurs via the Xbox One. Every monster in History has followed the principle "if you operate through lies, make your lies as BOLD as possible- the bigger the lie the better it works".

       

    • by dbIII (701233)
      I was very impressed with the above post until I got to this bit:

      connects to a military grade sensor that actually measures the speed of light at each pixel,

      At that point I despaired at how someone that obviously received a decent education in english was very badly shortchanged with their school science education. IMHO that decline goes hand in hand with acceptance that those in power know what's best, instead of what should happen with the people administering a nation merely being in place to be servant

  • Okay, everybody, stop your whining. I'm pretty sure every one of us reading slashdot has had somewhere near the middle of his or her to-do list something along the lines of "script mass exploit of remote computers in case I ever need to give the entire world a big F-U". There it is, just below "implement monitoring for everything" and just above "stock up for immanent apocalypse" (which fell a few spots in late 2012). It probably won't ever float high enough to actually make much progress on, but we've all

  • “Hacking routers has been good business for us and our 5-eyes partners for some time,” notes one NSA analyst in a top-secret document dated December 2012. “But it is becoming more apparent that other nation states are honing their skillz [sic] and joining the scene.”

    This is the really scary part. Other nations are doing it and soon criminal organizations will be doing it, if not already. They are destroying the internet as we know it. Purchase something online and have your money

    • by PPH (736903)

      The Rest Of The World should be working on hacking BGP to make paths between the NSA and the world unroutable.

  • I love the Expert System. Was it designed by the Really Clever Person? Is Dr. Evil working on the Really Stupid System to counter it? Go figure, or not, depending on the Really Mathematical System.
  • There's been shitloads of malware infections since 2009 despite everyone's best efforts and more people moving off XP to win7.

As far as we know, our computer has never had an undetected error. -- Weisert

Working...