http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html
> On-Call Digital Plumbers > > One of the two main buildings at the former plant has since housed a > sophisticated NSA unit, one that has benefited the most from this expansion > and has grown the fastest in recent years -- the Office of Tailored Access > Operations, or TAO. This is the NSA's top operative unit -- something like a > squad of plumbers that can be called in when normal access to a target is > blocked. > > According to internal NSA documents viewed by SPIEGEL, these on-call digital > plumbers are involved in many sensitive operations conducted by American > intelligence agencies. TAO's area of operations ranges from counterterrorism > to cyber attacks to traditional espionage. The documents reveal just how > diversified the tools at TAO's disposal have become -- and also how it > exploits the technical weaknesses of the IT industry, from Microsoft to Cisco > and Huawei, to carry out its discreet and efficient attacks. > > The unit is "akin to the wunderkind of the US intelligence community," says > Matthew Aid, a historian who specializes in the history of the NSA. "Getting > the ungettable" is the NSA's own description of its duties. "It is not about > the quantity produced but the quality of intelligence that is important," one > former TAO chief wrote, describing her work in a document. The paper seen by > SPIEGEL quotes the former unit head stating that TAO has contributed "some of > the most significant intelligence our country has ever seen." The unit, it > goes on, has "access to our very hardest targets." ... > But it is the growth of the unit's Texas branch that has been uniquely > impressive, the top secret documents reviewed by SPIEGEL show. These > documents reveal that in 2008, the Texas Cryptologic Center employed fewer > than 60 TAO specialists. By 2015, the number is projected to grow to 270 > employees. In addition, there are another 85 specialists in the "Requirements > & Targeting" division (up from 13 specialists in 2008). The number of > software developers is expected to increase from the 2008 level of three to > 38 in 2015. The San Antonio office handles attacks against targets in the > Middle East, Cuba, Venezuela and Colombia, not to mention Mexico, just 200 > kilometers (124 miles) away, where the government has fallen into the NSA's > crosshairs. ..... > When TAO selects a computer somewhere in the world as a target and enters its > unique identifiers (an IP address, for example) into the corresponding > database, intelligence agents are then automatically notified any time the > operating system of that computer crashes and its user receives the prompt to > report the problem to Microsoft. An internal presentation suggests it is > NSA's powerful XKeyscore spying tool that is used to fish these crash reports > out of the massive sea of Internet traffic. .... > A comprehensive internal presentation titled "QUANTUM CAPABILITIES," which > SPIEGEL has viewed, lists virtually every popular Internet service provider > as a target, including Facebook, Yahoo, Twitter and YouTube. "NSA QUANTUM has > the greatest success against Yahoo, Facebook and static IP addresses," it > states. The presentation also notes that the NSA has been unable to employ > this method to target users of Google services. Apparently, that can only be > done by Britain's GCHQ intelligence service, which has acquired QUANTUM tools > from the NSA. .... > Take, for example, when they intercept shipping deliveries. If a target > person, agency or company orders a new computer or related accessories, for > example, TAO can divert the shipping delivery to its own secret workshops. > The NSA calls this method interdiction. At these so-called "load stations," > agents carefully open the package in order to load malware onto the > electronics, or even install hardware components that can provide backdoor > access for the intelligence agencies. All subsequent steps can then be > conducted from the comfort of a remote computer. -- Kim Holburn IT Network & Security Consultant T: +61 2 61402408 M: +61 404072753 mailto:[email protected] aim://kimholburn skype://kholburn - PGP Public Key on request _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
