recommended reading

NSA Intercepts Laptops Purchased Online to Install Malware

An aerial view of the NSA's Utah Data Center in Bluffdale, Utah.

An aerial view of the NSA's Utah Data Center in Bluffdale, Utah. // Rick Bowmer/AP File Photo

According to a new report from Der Spiegel on the National Security Agency's top team of hackers, the agency intercepted electronics purchased online before delivery to install malware and other spying tools. 

NSA's Tailored Access Operations (TAO) division is responsible for the biggest hacks we've learned about in the last year, so Der Spiegel's report is a special look at the methods and madness behind the NSA's all-star team. When a world leader's cell phone is hacked by the NSA, the TAO team is responsible. They're the hackers who can access anyone, anywhere, under any condition. 

TAO hackers can track your digital movements remotely by exploiting security flaws in an operating system, like Windows, for example. (It's a TAO favorite.) But when new-fangled remote access hacking strategies don't work, though, the NSA goes old school. The agency's most-skilled team of hackers does not always work from behind a computer screen. Occasionally a target must be physically intercepted before the NSA can access their information. In these instances, TAO waits for the target to order new electronics. When their surveillance system alerts that Target X just bought a new laptop, the TAO intercepts the mail order, and has the computer delivered to an NSA facility. They then open the package, and install their malware technology onto the target's new computer. The product is then repackaged and sent along its merry way

If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called "load stations," agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.

These minor disruptions in the parcel shipping business rank among the "most productive operations" conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks "around the world."

You have to be on the NSA's target list already in order for this to happen.

Read the full story at TheWire.com.

Threatwatch Alert

Social Media Takeover

Qatar News Agency Says Hackers Published Fake Stories

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.