Sunday, September 1, 2013

US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet

From Slashdot:

"U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents [from Edward Snowden]. Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed 'covert implants,' sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions. ... The implants that [an NSA group called Tailored Access Operations (TAO)] creates are intended to persist through software and equipment upgrades, to copy stored data, 'harvest' communications and tunnel into other connected networks. This year TAO is working on implants that “can identify select voice conversations of interest within a target network and exfiltrate select cuts,” or excerpts, according to one budget document. In some cases, a single compromised device opens the door to hundreds or thousands of others."=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Still trying to understand how this was allowed to happen and hasn't been realized by security vendors sooner?

So the Australian Government won't let Huawei bid on projects because suspect that there's spyware on their devices / appliances, yet we now KNOW that devices from US based companies are potentially riddled with US written spyware.

From a technical perspective, the vendors whose routers and firewalls have the malware present MUST have been involved and let it be installed.

The likes of Cisco, Checkpoint etc. would 100% have been involved and allowed this to happen otherwise they would have picked it up.

As other commentators on Slashdot have raised, the problem is that if an exploit is present on a device, there's nothing stopping anyone else in addition to the original installer getting access to the compromised device.

If this article is true (and it looks pretty legit) this is possibly the biggest security breach on a global scale in the last decade.

What legal consequences will the US-based engineers involved now face?

Will be interesting to see if any software makes its way onto the interwebs to check if your router / firewall has been compromised.

I think Obama asked for a cowboy outfit for Christmas and all he got was the NSA...

No comments:

Post a Comment