Home page logo
/

isn logo Information Security News mailing list archives

NSA's automated hacking engine offers hands-free pwning of the world
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 13 Mar 2014 05:47:54 +0000 (UTC)

http://arstechnica.com/information-technology/2014/03/nsas-automated-hacking-engine-offers-hands-free-pwning-of-the-world/

By Sean Gallagher
Ars Technica
March 12, 2014

Since 2010, the National Security Agency has kept a push-button hacking system called Turbine that allows the agency to scale up the number of networks it has access to from hundreds to potentially millions. The news comes from new Edward Snowden documents published by Ryan Gallagher and Glenn Greenwald in The Intercept today. The leaked information details how the NSA has used Turbine to ramp up its hacking capacity to "industrial scale," plant malware that breaks the security on virtual private networks (VPNs) and digital voice communications, and collect data and subvert targeted networks on a once-unimaginable scale.

Turbine is part of Turbulence, the collection of systems that also includes the Turmoil network surveillance system that feeds the NSA's XKeyscore surveillance database. While it is controlled from NSA and GCHQ headquarters, it is a distributed set of attack systems equipped with packaged "exploits" that take advantage of the ability the NSA and GCHQ have to insert themselves as a "man in the middle" at Internet chokepoints. Using that position of power, Turbine can automate functions of Turbulence systems to corrupt data in transit between two Internet addresses, adding malware to webpages being viewed or otherwise attacking the communications stream.

Since Turbine went online in 2010, it has allowed the NSA to scale up from managing hundreds of hacking operations each day to handling millions of them. It does so by taking people out of the loop of managing attacks, instead using software to identify, target, and attack Internet-connected devices by installing malware referred to as "implants." According to the documents, NSA analysts can simply specify the type of information required and let the system figure out how to get to it without having to know the details of the application being attacked.

The "selectors" that analysts can use to target victims through Turbine are significant. Using Turmoil as a targeting system, Turbine can look for identifying cookies from a number of Web services, including Google, Yahoo, Twitter, Facebook, Hotmail, and DoubleClick, as well as those from the Russian services Mail.ru, Rambler, and Yandex. Those cookies are all available for targeting purposes, as is user account information from a whole host of services.

[...]



--
Find the best IT Security talent without breaking your recruiting budget.
Jobs cross-posted to Simply Hired, Facebook and LinkedIn.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/


  By Date           By Thread  

Current thread:
  • NSA's automated hacking engine offers hands-free pwning of the world InfoSec News (Mar 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault