Of all the National Security Agency headlines from the past couple of weeks, the most prominent has been use of the FBI and CIA to intercept shipments of PCs and other electronics gear to install spyware. The reports raise a bit of irony, as the U.S. has warned that China has done the same thing by installing so-called backdoors on Huawei devices.
The latest revelations surfaced over the weekend in a report by Der Spiegel, a German news magazine. While the story cites NSA documents, it does not specifically name former NSA contract employee Edward Snowden as the source.
Office of Tailored Access Operations
The Der Spiegel report details the NSA's use of a special task force called the Office of Tailored Access Operations, or TAO, which is more capable of carrying out these blatant security attacks. Based upon prior documents, it seems as though the NSA generally relies on passive spying to attain its massive collection of data, but in some situations, TAO takes over when those passive activities are not enough.
"This gets them to their destination at the right time and can help them to disappear again undetected after even as little as a half hour's work," Der Spiegel said. Cisco Systems, Juniper Networks, Dell, Seagate, Western Digital, Maxtor, Samsung, and Huawei, were all named in the magazine's report.
TAO documents counted 279 operations globally in which the task force was actively involved in 2010. Laptop and desktop computers and their accessories were a primary target, with shipments intercepted through the help of the FBI and CIA so that spyware could be installed, but the documents cited other targets successfully penetrated, including an underwater communications cable network and Mexico's security service.
While the report did not directly implicate the named companies in any sort of scandal, some executives are already accepting the fact that the NSA could have intercepted packages to accomplish its goals.
"We read the media reports, and we've noted the references to Huawei and our peers," William Plummer, a Huawei vice president told Wired. "As we have said, over and over again -- and as now seems to be validated -- threats to networks and data integrity can come from any and many sources."
The latest report on the NSA is ironic in that U.S. officials have warned that China could be doing the same types of things that the NSA now is accused of doing.
In 2012, the U.S. House Intelligence Committee went so far as to release a report urging that equipment from Huawei, a Chinese company, should not be used, as it was likely that the Chinese government had compromised Huawei's products. Huawei has never been able to prove that China is not compromising its devices but that no longer seems to matter, as the NSA is doing it as well.
The only legitimate difference between U.S. statements against Huawei and what the NSA is doing is that the U.S. had envisioned a scenario in which Huawei executives were cooperating with Chinese officials. That differs from what appears to be happening in the U.S., where the NSA is reportedly going behind the companies' backs to hack devices.
Posted: 2013-12-31 @ 5:55pm PT
Privacy is more important now than ever before. We may not be able to hide from the NSA, but we can stop using sites like Facebook and Google. Just think about it. If you care so much about your privacy, if you are outraged by all of the NSA spying, then WHY are you using facebook and google. Those companies are just as bad, if not worse, than the NSA. This is why I advocate using privacy-based sites such as DuckDuckGo, Ravetree, HushMail, etc.