NSA's Malware Methods Outed in Latest Leak

The latest report from the top-secret documents that former National Security Agency contractor Edward Snowden made off with describes the agency's efforts to infect and monitor PCs in much the same way ordinary hackers do. The methods aren't particularly original, but the scale of the operations is huge.

Ryan Gallagher and Glenn Greenwald reported on the revelations in great detail, but the takeaway is fairly straightforward. The NSA is employing hacking tools that will sound familiar to anyone in the security field: browser exploits, man-in-the-middle attacks and plain old spam.

The difference between the NSA and a garden-variety hacker, however, is that the NSA has extraordinary access to critical infrastructure like Internet backbones. An attack that's impossible for a single Russian hacker to pull off becomes child's play when the NSA attempts it because of the privileges afforded to a federal intelligence agency.

In addition, the scope of the surveillance is large enough that a separate system for managing the malware and data had to be created. This automated infection and control mechanism again raises the question of whether the surveillance has sufficient oversight.

Gallagher and Greenwald's report is bursting with program code names: Hammerstein, Fashioncleft, Turmoil, Pressure Wave, Metrotube, and Toygrippe all figure in a single slide. It's clear the NSA has a robust software ecosystem for writing and deploying malware, and the agency is actively expanding the program.

For more information, check out the rest of the post at FirstLook.org.