Latest leak exposes how government agents “hunt” network system administrators to get data
Source: Steve Watson
The latest leak to come from the Edward Snowden treasure trove of NSA documents shows how those working for the NSA really feel about spying on people who have done nothing wrong – they love it.
Public comments by NSA officials usually run along the lines of how unfortunate it is that the agency has to collect so much data and analyse it to look for bad guys. However, in private, as we will see, some who work for the NSA think it’s actually a great thing because it means NSA can spy on whoever they want, whenever they want.
The following screen shot emphasizes this, as one hacker working for the NSA literally brags about how good he thinks trawling masses of data is, describing the ability as “down right cool” and “just plain awesome”.
“One of the coolest things about it is how much data we have at our fingertips.” the unnamed official in NSA’s Signals Intelligence Directorate writes, adding that it’s awesome that spooks have the “ability to pull bits out of random places of the Internet, bring them back to the mother-base.”
The documents (full set here) were released by The Intercept, the new online home of Glenn Greenwald and several other journalists with access to Snowden’s leaks. The posts were published in 2012 on an internal NSA discussion board hosted on the agency’s classified servers.
The arrogant tone of the posts, which even come complete with “current mood” emoticons, reads like that of a teenage hacker operating in his mom’s basement. One post is signed off with “Current mood: devious,” while another states “Current mood: scheming.” The writer frequently uses common internet slang such as ‘pwn’, ‘skillz’, ‘zomg’, and ‘internetz’.
In reality, however, this hacker has the US government and every tool that comes with it fully behind him.
In a second post, the hacker admits that the NSA “hunts” sys admins, system administrators who control computer networks, across which much communications data flows. The post describes how the NSA targets the private email and Facebook accounts of sys admins, in an effort to garner information useful for hacking into their computers and gaining access to the entire network of computers they control.
“By infiltrating the computers of system administrators who work for foreign phone and Internet companies, the NSA can gain access to the calls and emails that flow over their networks.” The Intercept notes.
Those targeted are not suspected of any wrong doing, they are merely seen as “the person that already has the ‘keys to the kingdom’” as one of the posts says, adding that sys admins are just “a means to an end.”
As was recently revealed in another expose, the NSA uses so-called QUANTUM hacking techniques to covertly inject surveillance malware into the computers of such targets. One method of doing this, as revealed by the leaks, was for the NSA to masquerade as a Facebook server, tricking computers into accepting malicious packets, and allowing NSA to infect them and harvest data from them.
“Just pull those selectors, queue them up for QUANTUM, and proceed with the pwnage,” the hacker writes, using hacker abbreviation for “pure ownage”, meaning ‘owning a target or opponent’. “Yay! /throws confetti in the air.” the NSA employee sarcastically adds.
The posts also reveal that the NSA sought to collate a huge database of sys admins whose networks the agency could infiltrate and compromise to grab data on any person of interest using the network.
“It is unclear how precise the NSA’s hacking attacks are or how the agency ensures that it excludes Americans from the intrusions.” the latest report adds, highlighting how the NSA continually justifies this activity by claiming it only targets foreign entities and individuals.
The NSA hacker makes no mention of any precaution taken by the NSA to prevent the targeting of any Americans who work as sys admins for foreign networks. Such activity, which we already know the NSA has engaged in, would be unconstitutional and illegal.