http://www.washingtonpost.com/world/national-security/us-spy-agencies-mounted-231-offensive-cyber-operations-in-2011-documents-show/2013/08/30/d090a6ae-119e-11e3-b4cb-fd7ce041d814_story.html
> U.S. intelligence services carried out 231 offensive cyber-operations in > 2011, the leading edge of a clandestine campaign that embraces the Internet > as a theater of spying, sabotage and war, according to top-secret documents > obtained by The Washington Post. > > That disclosure, in a classified intelligence budget provided by NSA leaker > Edward Snowden, provides new evidence that the Obama administration's growing > ranks of cyberwarriors infiltrate and disrupt foreign computer networks. ..... > Additionally, under an extensive effort code-named GENIE, U.S. computer > specialists break into foreign networks so that they can be put under > surreptitious U.S. control. Budget documents say the $652 million project has > placed "covert implants," sophisticated malware transmitted from far away, in > computers, routers and firewalls on tens of thousands of machines every year, > with plans to expand those numbers into the millions. > > The documents provided by Snowden and interviews with former U.S. officials > describe a campaign of computer intrusions that is far broader and more > aggressive than previously understood. The Obama administration treats all > such cyber-operations as clandestine and declines to acknowledge them. > > The scope and scale of offensive operations represent an evolution in policy, > which in the past sought to preserve an international norm against acts of > aggression in cyberspace, in part because U.S. economic and military power > depend so heavily on computers. > > "The policy debate has moved so that offensive options are more prominent > now," said former deputy defense secretary William J. Lynn III, who has not > seen the budget document and was speaking generally. "I think there's more of > a case made now that offensive cyberoptions can be an important element in > deterring certain adversaries." > > Of the 231 offensive operations conducted in 2011, the budget said, nearly > three-quarters were against top-priority targets, which former officials say > includes adversaries such as Iran, Russia, China and North Korea and > activities such as nuclear proliferation. The document provided few other > details about the operations. > > Stuxnet, a computer worm reportedly developed by the United States and Israel > that destroyed Iranian nuclear centrifuges in attacks in 2009 and 2010, is > often cited as the most dramatic use of a cyberweapon. Experts said no other > known cyberattacks carried out by the United States match the physical damage > inflicted in that case. > > U.S. agencies define offensive cyber-operations as activities intended "to > manipulate, disrupt, deny, degrade, or destroy information resident in > computers or computer networks, or the computers and networks themselves," > according to a presidential directive issued in October 2012. .... > U.S. intelligence services are making routine use around the world of > government-built malware that differs little in function from the "advanced > persistent threats" that U.S. officials attribute to China. .... > Much more often, an implant is coded entirely in software by an NSA group > called Tailored Access Operations (TAO). As its name suggests, TAO builds > attack tools that are custom-fitted to their targets. ..... > The NSA appears to be planning a rapid expansion of those numbers, which were > limited until recently by the need for human operators to take remote control > of compromised machines. Even with a staff of 1,870 people, GENIE made full > use of only 8,448 of the 68,975 machines with active implants in 2011. > > For GENIE's next phase, according to an authoritative reference document, the > NSA has brought online an automated system, code-named TURBINE, that is > capable of managing "potentially millions of implants" for intelligence > gathering "and active attack." -- Kim Holburn IT Network & Security Consultant T: +61 2 61402408 M: +61 404072753 mailto:[email protected] aim://kimholburn skype://kholburn - PGP Public Key on request _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
