
The NSA’s Band of Technology Criminals

by ALFREDO LOPEZ

On this website, we’ve speculated that one outcome of the flood of NSA-centered revelations has been to desensitize U.S. citizens and diminish outrage at what is actually revealed. We are becoming conditioned to the horror story that is the National Security Administration.

Right before Christmas, we got another dose of breath-taking outrageousness through the reporting of a group of journalists courtesy of the German weekly news magazine Der Spiegel. The report profiles the work of a powerful unit of technological thugs called the Tailored Access Operations unit or TAO — either an unfortunate coincidence in naming or a reflection of disdain for another culture.

By the NSA’s own admission, this is among its most important programs and one of its fastest growing. Its existence has already been reported on by the Washington Post based on Edward Snowden information. These Spiegel articles add disturbing details to the picture.

The unit, founded in 1997 and now comprised of an estimated 1,000 technologists and support staff in a half dozen offices nationwide, attacks highly selective and well-protected targets. It steals data, conducts on-line denial of service and other attacks against computers and servers in other countries (including government servers and websites), sneaks into offices and other locations to break open and tamper with computers, and intercepts shipments of equipment to break into those and insert modifications that will allow NSA data capture.

Yet, as frightening as this activity is, perhaps TAO’s greatest attack is on the Internet itself. It has turned a technology that was designed to enable communication among the world’s people into an implement of war and sabotage. In fact, one TAO paper explains the need to “support Computer Network Attacks as an integrated part of military operations.”

In the NSA’s on-line war effort, this is its shock troop, housed separately from all other NSA staff and drawn from the NSA’s elite programmers and hackers. “Their job is breaking into, manipulating and exploiting computer networks, making them hackers and civil servants in one,” the Spiegel report explains. And their assignments are usually to go after those “targets” that have proven most resistant to the NSA’s normal spying and data-capture methods.

Snowden documents demonstrate how wide and pervasive this unit’s work has become. According to Bloomberg Businessweek, TAO operations intercept and collect about two petabytes of data every hour — for reference, a petabyte is a quadrillion bytes of data (the article you’re reading contains about 12,000 bytes).

That almost unfathomable amount of spy information reflects a frenzied level of operation. “During the middle part of the last decade,” the Spiegel report explains, “the special unit succeeded in gaining access to 258 targets in 89 countries — nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.”

The specifics of one profiled operation, targeting Mexico, profile the most routine and basic TAO work. In a project named “Operation Whitetamale”, TAO staffers in Texas zeroed in on Mexico’s Secretariat for Public Security, a 20,000 person agency responsible at the time for overseeing Mexico’s police, counterterrorism, prison system and border police.

The NSA has a section called “Target Selection” that is responsible for listing individuals, organizations and agencies whose data the NSA wants. Some time ago, the Target Selection staff gave TAO a list of Mexican government officials it wanted to spy on. For the most part, these weren’t people suspected of wrong-doing. The NSA wanted to track them to evaluate their performance in the various anti-drug and border-control projects the U.S. is most interested in and their attitudes and internal communications about those programs. In short, they wanted to spy on them.

TAO went to work. They first hacked into the officials’ email accounts (including that of Mexico’s President), probably the easiest of their tasks. Using that as a basis, they then obtained IP addresses (the unique number assigned to every computer on the Internet) for computers used for email. They then captured the individual IP addresses of many Secretariat employees. With that info, they would know when people are on-line and what they’re doing when they are. They captured all kinds of non-public information including conversations, internal reports, meeting minutes and diagrams of the security agencies’ structures and video surveillance. All of it was turned over to the NSA for processing.

But that spying, which caused an outcry in Mexico and a diplomatic mess when discovered, is only a small part of TAO’s activities.

One TAO presentation, revealed in Snowden documents, describes the importance of “Computer Network Exploitation” which means capturing actual control over servers, workstations, firewalls, routers, handsets, phone switches, even SCADA systems (the computerized systems that run factory and industrial operations). If you have control over those systems, not only can you capture data but you can actually shut down communications and even parts of an economy.

If that seems like science-fiction, the Stuxnet program is worth considering. Jointly developed by the United States and Israel, the program targeted Iran’s nuclear industry by unleashing a computer virus that successfully sabotaged the Iranian nuclear research and development program and set it back years. That SCADA attack left as many as 1,000 Iranian centrifuges unusable. It was a form of warfare with absolutely no declaration of war or, for that matter, reliable evidence that Iran was doing anything that might be dangerous to anyone.

Those who think they may be safe from this kind of sabotage because they live in the United States apparently need to think again. The NSA, relying mostly on TAO staff, has been running a huge “hackers’ project”: inserting “trojans” (programs that live on your computer and, when triggered, can do just about anything the hacker wants) on an estimated 85,000 computers world-wide. A trojan can report on every single thing you do on the Internet and some of them can, in fact, destroy all of your stored data.

It’s here that the legal questions arise. If you hack a computer anywhere on earth and start capturing its data you are going to capture data from U.S. citizens because, in a world-wide system like the Internet, people in this country communicate with people in other countries (and from other governments) world-wide. That type of spying on U.S. citizens is, in fact, completely illegal.

What’s more, TAO has developed highly sophisticated methods for implanting. Usually trojans are delivered to your computer via emails that unleash the infection when you open them. At this point, many regular Internet users (often burned by a trojan plant) don’t open those emails, so their success rate has dropped enormously. But TAO’s trojan-planting success rate is a reported 80 percent based on NSA documents.

The question is what are they doing differently; the answer is that they use Facebook, Yahoo, Twitter and YouTube (among other social networking services) as a kind of backdoor to computers. Users of these services interact with them in scores of ways during an on-line session. TAO has figured out ways to insert the virus during those interactions probably by hacking into the servers these companies maintain.

This kind of “outside server capture” is one of TAO’s major tactics. Apparently the unit’s hackers work assiduously to “capture” servers and computers all over the world. Once they’ve infected non-NSA servers, they use those outside servers to conduct or expand attacks and spying. In short, they recruit computers world-wide to their army without the owners’ permission or knowledge.

The amount of damage that can be done by server capture is nightmare-provoking. According to NSA reports, TAO staff has used these remote stations to perform all types of data capture and even to manipulate the on-line movement of Internet users. In one project, targeting the Belgian telecom company Belgacom, TAO used captured servers to force company engineers to go to NSA websites that were masquerading as the legitimate sites the engineers were seeking. The Belgians thought they were transferring information to their own protected websites but were actually giving all that information to the NSA.

This thirst for stolen data appears insatiable and TAO’s quest for mega-data is expanding constantly. Perhaps the most dramatic example is TAO’s cracking of the “SEA-ME-WE-4”, a massive telecommunications cable system that runs under-water linking Europe with North Africa, the Gulf States, Pakistan and India, and extending to Malaysia and Thailand. TAO hacked the computers managing the system and captured information about it. Then the NSA successfully intercepted and captured information on the system’s layout, structure and data handling. This gave it the ability to intercept massive amounts of transferred data; it can even shut the cable’s data transfer down if it wants.

What distinguishes TAO from the rest of the NSA, besides the sophistication and scope of its on-line attacks and data-theft, is its willingness to sneak into offices and server centers and plant data-capture devices into equipment there. This way, collaborating with FBI and CIA personnel, TAO can attack networks that aren’t on the Internet such as office and building-wide networks. According to Snowden documents, the FBI provides jets to ferry TAO staffers to remote locations so they can break into those offices at times when there are few people in a building. They complete their work in a matter of minutes and the information collection or sabotage automatically begins; the documents indicate that there are CIA and FBI personnel in those offices to collect and move the captured data.

The presence of the FBI in these operations is significant. The Bureau, by law, usually investigates domestic targets so, while we don’t know which offices TAO has targeted, it’s logical to assume they are either in or linked to offices in the United States.

In fact, they frequently don’t need to visit offices. TAO intercepts a shipment of computers destined for a target location and routes them to what it calls “load offices.” There, TAO staffers expertly open the packages, insert the malware (usually trojans) into the computers, cell phones or other devices, close the package and send the equipment on to its original destination. These offices are receiving equipment that is already hacked and ready to send information to the NSA.

How “illegal” is TAO? When it is used on U.S. citizens or residents, it’s completely illegal and it’s not possible to fathom how these activities could be conducted on the Internet without affecting data coming from or going into this country. When the activities are outside the U.S., the judgements enter the murky world of espionage which has very few rules and prohibitions.

But, illegal or not, these activities are immoral and destructive. The Internet has been built to facilitate human communication world-wide, effectively facilitating our collaboration and mutual support as a human race. Programs like TAO cynically and brazenly misuse that functionality as a tool of war. They do just the opposite of why we created the Internet in the first place and stand as tributes to the moral turpitude of the government that rules us.

Alfredo Lopez writes about technology issues for This Can’t Be Happening!
