US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet

An anonymous reader sends this news from the Washington Post: "U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents [from Edward Snowden]. Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed 'covert implants,' sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions. ... The implants that [an NSA group called Tailored Access Operations (TAO)] creates are intended to persist through software and equipment upgrades, to copy stored data, 'harvest' communications and tunnel into other connected networks. This year TAO is working on implants that “can identify select voice conversations of interest within a target network and exfiltrate select cuts,” or excerpts, according to one budget document. In some cases, a single compromised device opens the door to hundreds or thousands of others."

wow

[alienzed]

that is so cool.

Re:wow

[Zaldarr]

Not to mention fucking terrifying.

Re:wow

[Digital+Ebola]

Yeah. And to think that they can't secure their own networks, hence that Snowden got this out.

Sometimes I wonder if the NSA planted some or all of this stuff to impress the hell out of the world and strike fear into the hearts of the Opposition. I mean, this is straight out of a Sci-Fi plot: Homer Simpsonvich brings one infected iPod into his FSB headquarters, and soon the whole goddamned place is full of programs that are listening in on anything in sight, autonomously making cuts to exfiltrate back to Ft. Meade, copying anything that looks interesting, and surviving whatever the Opponents do to the host machines.

Securing a network is always harder than attacking a network and you can never fully understand a person's intentions when you grant them access. I'm sure a small part of what they publish is a psyop of some kind but for the most part, yes, sci-fi is reality. We are not the only ones doing it and we may not even be the best.

When you start to consider everyone who is "operating" on the Internet, things get really scary, really quick. The new cold war will be one of constant paranoia of an attack that can influence a piece of critical infrastructure. There have been small rumored instances but until the Hiroshima of the online world happens, it will be a constant game of shadows and you never, ever, fully know or understand an operator's capabilities.

Sci-fi, indeed.

Re:wow

This is why the critical infrastructure, whose failure could cost lives and fortunes, doesn't belong on the network. The sluice gates on the dam, the control rods in the reactor, the ventilator machine standing between granny and the reaper—none of that belongs on a network. So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.

Re:wow

[ron_ivi]

Norton 360 that is completely worthless against their root kit?

For all we know, Norton 360 might *be* their root kit.

Re:wow

[tragedy]

Considering that the US has been, in recent years espousing the theory that cyber-attacks should be treated as real acts of war, suitable for real retaliation with real weapons, I would say it's pretty terrifying.

Re:wow

[rainer_d]

This is why the critical infrastructure, whose failure could cost lives and fortunes, doesn't belong on the network.

Didn't help Iran when STUXNET hit, did it?
The truth is: if you have no network-connection, people start using USB-sticks over and over - which creates a completely different attack-surface.
Air-gapping critical infrastructure isn't a bad idea - but it can't be an excuse to not secure these system at all.

Allies?

[rtb61]

Allies, "ALLIES", we don't need no stinkin' Allies. All of it, ALL OF IT, ours, we, want it all, exploit it, burn it, the whole world, it's ours, Ours, OURS.

Seriously out of control. Looks like Chinese hardware is the least of the worlds problems. With the US Stupidity Services trying to purposefully break everyone's networks and insert back doors that only they, and their contractors, and anyone who wants to pay those contractors knows about.

Morons there is no such thing as an exclusive back door. Once you broken the security of other countries networks, you leave access for anyone waiting to exploit, bet anything you like those morons did not at all to monitor and ensure those back doors were not exploited by others. I wonder how many times now the US government has blatantly lied about cyber attacks they launched that have been discovered and then blamed on other countries and pseudo organisation like Anonymous.

How many attacks have they launched they were designed to do nothing else but increase their budget?

Re:Allies?

[NoKaOi]

Personally, I take comfort in knowing that this will only be used against foreigner's computers, since I am a US citizen. Just like how we were assured the collection of phone data only applied to foreigners. Damn it, why does my CPU usage keep spiking?

Re:Allies?

[erikkemperman]

John Bolton [theguardian.com] has a more nuanced view. No doubt you will disagree.

I'm not particularly nuanced, I don't suppose. Point taken. But are you now posting op-eds in support of your claim? By John Bolton, no less... The pinnacle of nuance, to be sure. But all right, rather than shoot the messenger, which would be easy here, let's look at what he wrote. (Note to others, the following quotes are Bolton, not cold fjord)

Snowden initially violated his oath to safeguard the national security secrets entrusted to him by revealing National Security Agency (NSA) programs arguably affecting the privacy of US citizens

Conventiently not mentioning his other, more fundamental, oath to protect the US constitution? Also, "arguably affecting the privacy"... We can omit the "arguably" here, it seems to me; that has been Snowden's main point (which has not been creditably disputed, as far as I know).

Snowden's sympathizers and anti-American activists have so far largely controlled his story line

Cleverly mentioning "Snowden sympathizers" and "anti-American activists" in close conjunction. The implication being, without actually demonstrating, that they are one and the same. Echoes of Al-Qaeda and Iraq, a decade ago. Bolton's statement that these have "controlled the story line" is arguably true, but not for lack of trying.

We do not yet know whether Snowden jeopardized US agents, but vital sources and methods of intelligence gathering and operations are clearly at risk

Hm, that contradicts the point you were making about how thousands of operatives were already in grave danger. Although I suppose you will say that you were talking about UK operatives. Ok, I'll give you that, sort of.

Snowden has given Beijing something it couldn't achieve on its own: moral equivalence. Now, China can portray itself as a victim, besieged by America, and simply trying to defend itself.

Do you really not see the hypocrisy here? For years the West has accused China and Russia of doing exactly what they were themselves doing all along. So the "damage" here is that the falsely claimed moral highground is now exposed as dishonest fiction.

Snowden's initial leaks on NSA programs also caused substantial political harm, above and beyond the intelligence damage. Several European governments which co-operated with the US are now predictably running for the tall grass, endangering the continuity of existing programs and damaging prospects for future co-operation

Again, taking for granted that *of course* the US were spying on allies, this doesn't even need defending in Bolton's world. The damage is in showing the hypocrisy. Bolton thinks this is a wonderful argument, I say that this statement, coming from a senior US (ex)official, just discredits US diplomacy even further.

As with the Bradley Manning/WikiLeaks exposure of thousands of classified State Department and Pentagon cables, Europeans want to know why Washington can't protect sensitive information.

False, Europeans want to know why their supposed partners in Washington are treating them like adversaries. The bulk of the cables, I might add, turned out to be "embarrassing" rather than "dangerous" to the US.

But Beijing does not deserve moral equivalence, given the intensity of its cyber-attacks against America. The key point is that China struck first, developing a pronounced asymmetric advantage.

I don't know who struck first, if that even makes sense, but I notice Bolton doesn't give any argument to support his claim. What has been revealed though, is that the West was striking for a long time while publicly denying it.

Then he does a bit of character assassination, I am in no position to judge either way. My personal impression, though it should not count for much, is that Snowd

It may be a coincidence

[sandbagger]

But I can't find a single typewriter in any antique shops any more.

Re:Now, for the other angle, is this treason?

[oheso]

Whistleblowing on a secret US government agency that's governed (if at all) by secret laws and secret courts, and is clearly out of control? Sorry, that would never cross the line into treason. It's the agency which is breaking the law.

Re:Now, for the other angle, is this treason?

[tragedy]

What operatives? None of the people involved in this are working undercover, they're working in cubicles in office blocks in the US.

Re:at what point do illegal, secret acts of war

[Jmc23]

We aren't talking about the beacon of the free world, we're talking about the USA!

Re:Now, for the other angle, is this treason?

[c0lo]

If Snowden leaked this at this point he's exposing information on operations, methods, everything. At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?

As a non-US citizen and potentially impacted by the US govt actions, I don't have any incentive to say "this has gone too far".

Re:Serious question for the Linux community

[tftp]

I bet that if such a backdoor was discovered by China or Russia, that they'd use it as a propaganda weapon and we'd thus know about it.

It would be more realistic to expect them to use the backdoor to their advantage, while it lasts.

Some backdoors are very hard to detect because there is no obvious bug or a backdoor in any one place; with the size of the code base as it is, who would be crawling through the source of some USB driver that works just fine? As a crude example:

static int a[MAX_LENGTH];
void ioctl_handler(int i, int d) {
int *p = &a[0] + GetOffset(i, MAX_LENGTH);
*p = d;
}

There is no bug here. Now, elsewhere:

int GetOffset(int i, int len) { return (i < len?) i : (len-1); }

Welcome to poking any RAM location of your choice (limited only by sizeof(int).)

Re:holy shit

[wmac1]

Then you shouldn't take and store photos and videos (obviously using and on your computer). You shouldn't use phone (since it has a microphone and possibly camera).. You shouldn't use Windows, ... and Android, ...oh and Linux and almost every connected device and software.

Basically it is a frightening fact that we can hardly run from ubiquitous surveillance since the whole connected electronics devices can be used for spying on us. Unless you leave in a farm, do not have communication devices and spend cash only. But I doubt even that would be enough.

Can we have Orwell's 1984 instead?

Re:Now, for the other angle, is this treason?

[Sabriel]

That's seriously a good question. The ironic answer is that the knowledge that would be sufficient to make an informed decision (as to where the line should be other than an annoyingly vague "whatever doesn't make it worse for humanity") is being withheld from us. Any actual example we could use would be based on what we already know, which isn't going to be whatever the government is still keeping secret - the good _and_ the bad.

Which puts us all between something of a rock and a hard place.

Having read this particular article, it doesn't mention any specific operations, nor any specific methods. I say "specific" because, while it does reveal that the US government is exploiting vulnerabilities in software and hardware (really not a surprise), it does not reveal specifics that would allow an enemy to distinguish between "US government exploit" and "random joe exploit".

I also found this part interesting: "The NSA designs most of its own implants, but it devoted $25.1 million this year to “additional covert purchases of software vulnerabilities” from private malware vendors, a growing gray-market industry based largely in Europe." Apparently, providing 25.1 million dollars of additional demand for unethical behaviour is now within the NSA's newest line in the sand, to go along with global warrant-less electronic surveillance of everyone including its own citizens within its own borders.

Which means here's the thing:

The US government crossed its constitutional line under a veil of secrecy from its own people and then said: I'll keep going.
Edward Snowden crossed his personal line under the orders of the US government and then said: I'm turning whistleblower.

So right now, I'm a lot more worried about the US government's limits than Snowden's.

Re:Now, for the other angle, is this treason?

[sjames]

That depends of if we decide the NSA has gone far enough to be considered a domestic enemy of the people. It lies to congress, it lies to the citizens, and it may be lying to the president as well. That doesn't sound much like a legit government agency. It spies on Americans and subverts the Constitution. That sounds like something an enemy does.