recommended reading

NSA Intercepts Laptops Purchased Online to Install Malware

An aerial view of the NSA's Utah Data Center in Bluffdale, Utah.

An aerial view of the NSA's Utah Data Center in Bluffdale, Utah. // Rick Bowmer/AP File Photo

According to a new report from Der Spiegel on the National Security Agency's top team of hackers, the agency intercepted electronics purchased online before delivery to install malware and other spying tools. 

NSA's Tailored Access Operations (TAO) division is responsible for the biggest hacks we've learned about in the last year, so Der Spiegel's report is a special look at the methods and madness behind the NSA's all-star team. When a world leader's cell phone is hacked by the NSA, the TAO team is responsible. They're the hackers who can access anyone, anywhere, under any condition. 

TAO hackers can track your digital movements remotely by exploiting security flaws in an operating system, like Windows, for example. (It's a TAO favorite.) But when new-fangled remote access hacking strategies don't work, though, the NSA goes old school. The agency's most-skilled team of hackers does not always work from behind a computer screen. Occasionally a target must be physically intercepted before the NSA can access their information. In these instances, TAO waits for the target to order new electronics. When their surveillance system alerts that Target X just bought a new laptop, the TAO intercepts the mail order, and has the computer delivered to an NSA facility. They then open the package, and install their malware technology onto the target's new computer. The product is then repackaged and sent along its merry way

If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called "load stations," agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.

These minor disruptions in the parcel shipping business rank among the "most productive operations" conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks "around the world."

You have to be on the NSA's target list already in order for this to happen.

Read the full story at TheWire.com.

Threatwatch Alert

Accidentally leaked credentials / Software vulnerability

Cloudflare Bug Leaked Passwords, Dating Chats and Other Sensitive Info for Months

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.