“The
National Security Agency has had agents in China, Germany, and South
Korea working on programs that use 'physical subversion' to
infiltrate and compromise networks and devices, according to
documents obtained by The Intercept.”
“Previous
disclosures about the NSA’s corporate partnerships have focused
largely on U.S. companies providing the agency with vast amounts of
customer data, including phone records and email traffic. But
documents published today by The Intercept suggest that even as the
agency uses secret operatives to penetrate them, companies have also
cooperated more broadly to undermine the physical infrastructure of
the internet than has been previously confirmed.”
“In
addition to so-called 'close access' operations, the NSA’s 'core
secrets' include the fact that the agency works with U.S. and foreign
companies to weaken their encryption systems; the fact that the NSA
spends 'hundreds of millions of dollars' on technology to defeat
commercial encryption; and the fact that the agency works with U.S.
and foreign companies to penetrate computer networks, possibly
without the knowledge of the host countries. Many of the NSA’s core
secrets concern its relationships to domestic and foreign
corporations.”
“...
the agency also participates in a variety of 'human intelligence'
programs that are grouped under the codename Sentry Osprey. According
to the briefing document’s description of Sentry Osprey, the NSA
'employs its own HUMINT assets (Target Exploitation—TAREX) to
support SIGINT operations.'”
“The
TAREX guide lists South Korea, Germany, and Beijing, China as sites
where the NSA has deployed a 'forward-based TAREX presence;' TAREX
personnel also operate at domestic NSA centers in Hawaii, Texas, and
Georgia. It also states that TAREX personnel are assigned to U.S.
embassies and other 'overseas locations,' but does not specify where.
The document does not say what the 'forward-based' personnel are
doing, or how extensive TAREX operations are. But China, South Korea,
and Germany are all home to large telecommunications equipment
manufacturers, and China is known to be a key target of U.S.
intelligence activities.”
“There
is a long history of overt NSA involvement with American companies,
especially telecommunications and technology firms. Such firms often
have employees with security clearances who openly communicate with
intelligence agencies as part of their duties, so that the government
receives information from the companies that it is legally entitled
to receive, and so that the companies can be alerted to classified
cyber threats. Often, such employees have previously worked at the
NSA, FBI, or the military.”
“...
the NSA is just one intelligence agency that would stand to benefit
from these operations. China’s intelligence establishment is
believed to be just as interested in penetrating American companies
as the NSA is believed to be interested in penetrating Chinese
firms.”
“The
description of Sentry Hawk, which involves attacks on computer
networks, also indicates close ties with foreign as well as American
companies.”
“The
avalanche of NSA disclosures since the Snowden leaks began in 2013
has shattered whatever confidence technologists once had about their
networks. When asked for comment on the latest documents, Prince, the
CEO of CloudFlare, began his response by saying, 'We’re
hyper-paranoid about everything.'”
More:
Comments
Post a Comment