Leaked Documents: GCHQ Made Port-Scanning Entire Countries a Standard Spy Tool 58
Advocatus Diaboli writes with this excerpt from Heise: Since the early days of TCP, port scanning has been used by computer saboteurs to locate vulnerable systems. In a new set of top secret documents seen by Heise, it is revealed that in 2009, the British spy agency GCHQ made port scans a "standard tool" to be applied against entire nations. Twenty-seven countries are listed as targets of the HACIENDA program in the presentation, which comes with a promotional offer: readers desiring to do reconnaissance against another country need simply send an e-mail.
Also from the article:
The list of targeted services includes ubiquitous public services such as HTTP and FTP, as well as common administrative protocols such as SSH (Secure SHell protocol – used for remote access to systems) and SNMP (Simple Network Management Protocol – used for network administration) (Figure 4). Given that in the meantime, port scanning tools like Zmap have been developed which allow anyone to do comprehensive scans, it is not the technology used that is shocking, but rather the gargantuan scale and pervasiveness of the operation.
And we're surprised why? (Score:5, Insightful)
So basically this is an article about the intelligence agencies using the same tricks criminals and security specialists in the industry have been using for years?
Let me show you my shocked face ... :|
We are surprised because... (Score:5, Insightful)
We are surprised because these are our governments spending our tax payer dollars to find exploits in computers in foreign countries that have done us no wrong. While you may have no scruples about this sort of thing, most of the rest of us are offended when something is done in our names that we would never stand having done to us.