Sometimes it appears that the world’s most modern spies are just as reliant on conventional methods of reconnaissance as their predecessors.
Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called “load stations,” agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.
These minor disruptions in the parcel shipping business rank among the “most productive operations” conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks “around the world.”
Boldfaced emphasis added by me.
I remember a TV report about our Dubya-led attack on Iraq. It bragged that we blinded some of Iraq’s defenses by installing malware on a printer.
So all those things you’ve been merrily ordering online?
I’d consider them all to be compromised.
This is a good reason to buy in-person at brick and mortar stores.
If those stores don’t grab onto this lifeline, they deserve to die.
And if they die, we’re all doomed.
Same-day update: The more I think about this, the more I don’t like it.
Are FedEx and UPS now arms of the NSA?
How can interdiction even work on something sent overnight? Can they get a subpoena for a package that fast?
How many complaints to Amazon about overnight deliveries being late are due to NSA interception and tinkering? Does Amazon know about this?
What about all those computers people buy online from Apple?
Can the NSA even tamper with tablets and phones before delivery?
And notice that wording: “or related accessories.” What else can they interfere with and turn into a spying machine?
Second same-day update: The NSA is poisoning the entire well.
What if you buy used electronics that have been tampered with to turn them into a spying machine? How would you ever know?
What happens to packages that are stolen before they’re delivered to the target?
And just because someone buys something, it doesn’t mean they’re the end user. How does the NSA know if something is being bought as a gift?
This entire thing gets even worse the more I think about it.
Third same-day update: Catalog Advertises NSA Toolbox
A rigged monitor cable that allows “TAO personnel to see what is displayed on the targeted monitor,” for example, is available for just $30. But an “active GSM base station” — a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones — costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.
The ANT division doesn’t just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer’s motherboard that is the first thing to load when a computer is turned on.
This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this “Persistence” and believe this approach has provided them with the possibility of permanent access.
Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies.
Yep, it just gets worse.
Imagine buying a used PC with a spying BIOS! Or being given a used hard drive with spying firmware! And how could anyone ever dream a simple cable could be spying?