FacebookTwitterGoogle+RedditEmail

The NSA’s Band of Technology Criminals

by ALFREDO LOPEZ

On this website, we’ve speculated that one outcome of the flood of NSA-centered revelations has been to desensitize U.S. citizens and diminish outrage at what is actually revealed. We are becoming conditioned to the horror story that is the National Security Administration.

Right before Christmas, we got another dose of breath-taking outrageousness through the reporting of a group of journalists courtesy of the German weekly news magazine Der Spiegel. The report profiles the work of a powerful unit of technological thugs called the Tailored Access Operations unit or TAO — either an unfortunate coincidence in naming or a reflection of disdain for another culture.

By the NSA’s own admission, this is among its most important programs and one of its fastest growing. Its existence has already been reported on by the Washington Post based on Edward Snowden information. These Spiegel articles add disturbing details to the picture.

The unit, founded in 1997 and now comprised of an estimated 1,000 technologists and support staff in a half dozen offices nationwide, attacks highly selective and well-protected targets. It steals data, conducts on-line denial of service and other attacks against computers and servers in other countries (including government servers and websites), sneaks into offices and other locations to break open and tamper with computers, and intercepts shipments of equipment to break into those and insert modifications that will allow NSA data capture.

Yet, as frightening as this activity is, perhaps TAO’s greatest attack is on the Internet itself. It has turned a technology that was designed to enable communication among the world’s people into an implement of war and sabotage. In fact, one TAO paper explains the need to “support Computer Network Attacks as an integrated part of military operations.”

In the NSA’s on-line war effort, this is its shock troop, housed separately from all other NSA staff and drawn from the NSA’s elite programmers and hackers. “Their job is breaking into, manipulating and exploiting computer networks, making them hackers and civil servants in one,” the Spiegel report explains. And their assignments are usually to go after those “targets” that have proven most resistant to the NSA’s normal spying and data-capture methods.

Snowden documents demonstrate how wide and pervasive this unit’s work has become. According to Bloomberg Businessweek, TAO operations intercept and collect about two petabytes of data every hour — for reference, a petabyte is a quadrillion bytes of data (the article you’re reading contains about 12,000 bytes).

That almost unfathomable amount of spy information reflects a frenzied level of operation. “During the middle part of the last decade,” the Spiegel report explains, “the special unit succeeded in gaining access to 258 targets in 89 countries — nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.”

The specifics of one profiled operation, targeting Mexico, profile the most routine and basic TAO work. In a project named “Operation Whitetamale”, TAO staffers in Texas zeroed in on Mexico’s Secretariat for Public Security, a 20,000 person agency responsible at the time for overseeing Mexico’s police, counterterrorism, prison system and border police.

The NSA has a section called “Target Selection” that is responsible for listing individuals, organizations and agencies whose data the NSA wants. Some time ago, the Target Selection staff gave TAO a list of Mexican government officials it wanted to spy on. For the most part, these weren’t people suspected of wrong-doing. The NSA wanted to track them to evaluate their performance in the various anti-drug and border-control projects the U.S. is most interested in and their attitudes and internal communications about those programs. In short, they wanted to spy on them.

TAO went to work. They first hacked into the officials’ email accounts (including that of Mexico’s President), probably the easiest of their tasks. Using that as a basis, they then obtained IP addresses (the unique number assigned to every computer on the Internet) for computers used for email. They then captured the individual IP addresses of many Secretariat employees. With that info, they would know when people are on-line and what they’re doing when they are. They captured all kinds of non-public information including conversations, internal reports, meeting minutes and diagrams of the security agencies’ structures and video surveillance. All of it was turned over to the NSA for processing.

But that spying, which caused an outcry in Mexico and a diplomatic mess when discovered, is only a small part of TAO’s activities.

One TAO presentation, revealed in Snowden documents, describes the importance of “Computer Network Exploitation” which means capturing actual control over servers, workstations, firewalls, routers, handsets, phone switches, even SCADA systems (the computerized systems that run factory and industrial operations). If you have control over those systems, not only can you capture data but you can actually shut down communications and even parts of an economy.

If that seems like science-fiction, the Stuxnet program is worth considering. Jointly developed by the United States and Israel, the program targeted Iran’s nuclear industry by unleashing a computer virus that successfully sabotaged the Iranian nuclear research and development program and set it back years. That SCADA attack left as many as 1,000 Iranian centrifuges unusable. It was a form of warfare with absolutely no declaration of war or, for that matter, reliable evidence that Iran was doing anything that might be dangerous to anyone.

Those who think they may be safe from this kind of sabotage because they live in the United States apparently need to think again. The NSA, relying mostly on TAO staff, has been running a huge “hackers’ project”: inserting “trojans” (programs that live on your computer and, when triggered, can do just about anything the hacker wants) on an estimated 85,000 computers world-wide. A trojan can report on every single thing you do on the Internet and some of them can, in fact, destroy all of your stored data.

It’s here that the legal questions arise. If you hack a computer anywhere on earth and start capturing its data you are going to capture data from U.S. citizens because, in a world-wide system like the Internet, people in this country communicate with people in other countries (and from other governments) world-wide. That type of spying on U.S. citizens is, in fact, completely illegal.

What’s more TAO has developed highly sophisticated methods for implanting. Usually trojans are delivered to your computer via emails that unleash the infection when you open them. At this point, many regular Internet users (often burned by a trojan plant) don’t open those emails so their success rate has dropped enormously. But TAO’s trojan-planting success rate is a reported 80 percent based on NSA documents.

The question is what are they doing differently; the answer is that they use Facebook, Yahoo, Twitter and YouTube (among other social networking services) as a kind of backdoor to computers. Users of these services interact with them in scores of ways during an on-line session. TAO has figured out ways to insert the virus during those interactions probably by hacking into the servers these companies maintain.

This kind of “outside server capture” is one of TAO’s major tactics. Apparently the unit’s hackers work assiduously to “capture” servers and computers all over the world. Once they’ve infected non-NSA servers, they use those outside servers to conduct or expand attacks and spying. In short, they recruit computers world-wide to their army without the owners’ permission or knowledge.

The amount of damage that can be done by server capture is nightmare-provoking. According to NSA reports, TAO staff has used these remote stations to perform all types of data capture and even to manipulate the on-line movement of Internet users. In one project, targeting the Belgian telecom company Belgacom, TAO used captured servers to force company engineers to go to NSA websites that were masquerading as the legitimate sites the engineers were seeking. The Belgians thought they were transferring information to their own protected websites but were actually giving all that information to the NSA.

This thirst for stolen data appears insatiable and TAO’s quest for mega-data is expanding constantly. Perhaps the most dramatic example is TAO’s cracking of the “SEA-ME-WE-4”, a massive telecommunications cable system that runs under-water linking Europe with the North Africa, the Gulf States, Pakistan, India and extending to Malaysia and Thailand. TAO hacked the computers managing the system and captured about it. Then the NSA successfully intercepted and captured information on the system’s layout, structure and data handling. This gave it the ability to intercept massive amounts of transferred data; it can even shut the cable’s data transfer down if it wants.

What distinguishes TAO from the rest of the NSA, besides the sophistication and scope of its on-line attacks and data-theft, is its willingness to sneak into offices and server centers and plant data-capture devices into equipment there. This way, collaborating with FBI and CIA personnel, TAO can attack networks that aren’t on the Internet such as office and building-wide networks. According to Snowden documents, the FBI provides jets to ferry TAO staffers to remote locations so they can break into those offices at times when there are few people in a building. They complete their work in a matter of minutes and the information collection or sabotage automatically begins; the documents indicate that there are CIA and FBI personnel in those offices to collect and move the captured data.

The presence of the FBI in these operations is significant. The Bureau, by law, usually investigate domestic targets so, while we don’t know which offices TAO has targeted, it’s logical to assume they are either in or linked to offices in the United States.

In fact, they frequently don’t need to visit offices. TAO intercepts a shipment of computers destined for a target location and routes them to what it calls “load offices” There, TAO staffers expertly open the packages, insert the malware (usually trojans) into the computers, cell phones or other devices, close the package and send the equipment on to its original destination. These offices are receiving equipment that is already hacked and ready to send information to the NSA.

How “illegal” is TAO? When it is used on U.S. citizens or residents, it’s completely illegal and it’s not possible to fathom how these activities could be conducted on the Internet without affecting data coming from or going into this country. When the activities are outside the U.S., the judgements enter the murky world of espionage which has very few rules and prohibitions.

But, illegal or not, these activities are immoral and destructive. The Internet has been built to facilitate human communication world-wide effectively facilitating our collaboration and mutual support as a human race. Programs like TAO cynically and brazenly misuse that functionality as a tool of war. They do just the opposite of why we created the Internet in the first place and stand as tributes to the moral terpitude of the government that rules us.

Alfredo Lopez writes about technology issues for This Can’t Be Happening!

Alfredo Lopez writes about technology issues for This Can’t Be Happening!

More articles by:
Weekend Edition
June 24, 2016
Friday - Sunday
John Pilger
A Blow for Peace and Democracy: Why the British Said No to Europe
Pepe Escobar
Goodbye to All That: Why the UK Left the EU
Michael Hudson
Revolts of the Debtors: From Socrates to Ibn Khaldun
Andrew Levine
Summer Spectaculars: Prelude to a Tea Party?
Kshama Sawant
Beyond Bernie: Still Not With Her
Mike Whitney
¡Basta Ya, Brussels! British Voters Reject EU Corporate Slavestate
Tariq Ali
Panic in the House: Brexit as Revolt Against the Political Establishment
Paul Street
Miranda, Obama, and Hamilton: an Orwellian Ménage à Trois for the Neoliberal Age
Ellen Brown
The War on Weed is Winding Down, But Will Monsanto Emerge the Winner?
Gary Leupp
Why God Created the Two-Party System
Conn Hallinan
Brexit Vote: a Very British Affair (But Spain May Rock the Continent)
Ruth Fowler
England, My England
Jeffrey St. Clair
Lines Written on the Occasion of Bernie Sanders’ Announcement of His Intention to Vote for Hillary Clinton
Norman Pollack
Fissures in World Capitalism: the British Vote
Paul Bentley
Mercenary Logic: 12 Dead in Kabul
Binoy Kampmark
Parting Is Such Sweet Joy: Brexit Prevails!
Elliot Sperber
Show Me Your Papers: Supreme Court Legalizes Arbitrary Searches
Jan Oberg
The Brexit Shock: Now It’s All Up in the Air
Nauman Sadiq
Brexit: a Victory for Britain’s Working Class
Brian Cloughley
Murder by Drone: Killing Taxi Drivers in the Name of Freedom
Ramzy Baroud
How Israel Uses Water as a Weapon of War
Brad Evans – Henry Giroux
The Violence of Forgetting
Ben Debney
Homophobia and the Conservative Victim Complex
Margaret Kimberley
The Orlando Massacre and US Foreign Policy
David Rosen
Americans Work Too Long for Too Little
Murray Dobbin
Do We Really Want a War With Russia?
Kathy Kelly
What’s at Stake
Louis Yako
I Have Nothing “Newsworthy” to Report this Week
Pete Dolack
Killing Ourselves With Technology
David Krieger
The 10 Worst Acts of the Nuclear Age
Lamont Lilly
Movement for Black Lives Yields New Targets of the State
Martha Rosenberg
A Hated Industry Fights Back
Robert Fantina
Hillary, Gloria and Jill: a Brief Look at Alternatives
Chris Doyle
No Fireworks: Bicentennial Summer and the Decline of American Ideals
Michael Doliner
Beyond Dangerous: the Politics of Climate
Colin Todhunter
Modi, Monsanto, Bayer and Cargill: Doing Business or Corporate Imperialism?
Steve Church
Brexit: a Rush for the Exits!
Matthew Koehler
Mega Corporation Gobbles Up Slightly Less-Mega Corporation; Chops Jobs to Increase Profits; Blames Enviros. Film at 11.
David Green
Rape Culture, The Hunting Ground, and Amy Goodman: a Critical Perspective
Ed Kemmick
Truckin’: Pro Driver Dispenses Wisdom, Rules of the Road
Alessandro Bianchi
“China Will React if Provoked Again: You Risk the War”: Interview with Andre Vltchek
Christy Rodgers
Biophilia as Extreme Sport
Missy Comley Beattie
At Liberty
Ron Jacobs
Is Everything Permitted?
Cesar Chelala
The Sad Truth About Messi
FacebookTwitterGoogle+RedditEmail