Feds Waged Hundreds Of Cyberattacks On Other Countries; Spent $25 Million Buying Vulnerabilities
from the we-are-the-cybersecurity-threat dept
It’s pretty typical for companies and governments hoping to “bury” important bad news to release it late on a Friday evening, hoping to miss the news cycle. If you’re extra lucky, that Friday happens to come right before a long weekend, such as Labor Day. But, for the life of me, I can’t figure out why a major news publication, like the Washington Post, would break a big story on a Friday night before Labor Day weekend, pretty much guaranteeing that it doesn’t get very much attention at all. Very bizarre — but we figured we’d try to bring this story to you guys on Tuesday, back after the week is underway so the story doesn’t get lost. The details: as suspected, the US is actually one of the leading proponents of offensive cyberattacks. This isn’t a huge surprise, since they’ve more or less admitted to having “broad powers,” but there have been questions both about the rules of engagement and just how often the US uses these capabilities.
Wonder no more. The Washington Post’s Barton Gellman has the story from the black budget, showing 231 offensive cyber-operations in 2011, a number that likely went up quite a bit in 2012 (and again in 2013). For all the hype about “cybersecurity” threats from abroad, it still looks like the biggest cybersecurity threat out there is our own government. And, yes, everyone already knows about Stuxnet, and it sounds like most of these offensive efforts aren’t nearly as ambitious, but there’s still a lot going on.
Separately, the story confirms earlier reports that the US government is a huge purchaser of exploits from various hackers, choosing to exploit them, rather than use them to help protect our systems. For 2013, the feds budgeted $25.1 million for the “additional covert purchases of software vulnerabilities.” But, that’s really only a fraction of the number of exploits. The report notes that most vulnerabilities the NSA uses actually are designed at home.
Also, those few hundred attacks appear to downplay the capabilities of the NSA (and the CIA) should they want to do more, because it sounds like they’ve hacked into a variety of networks and have zombie machines at the ready:
By the end of this year, GENIE is projected to control at least 85,000 implants in strategically chosen machines around the world. That is quadruple the number — 21,252 — available in 2008, according to the U.S. intelligence budget.
The NSA appears to be planning a rapid expansion of those numbers, which were limited until recently by the need for human operators to take remote control of compromised machines. Even with a staff of 1,870 people, GENIE made full use of only 8,448 of the 68,975 machines with active implants in 2011.
For GENIE’s next phase, according to an authoritative reference document, the NSA has brought online an automated system, code-named TURBINE, that is capable of managing “potentially millions of implants” for intelligence gathering “and active attack.”
While the fact that the NSA is doing all of this isn’t a huge surprise and merely confirms earlier reports, the actual scale of the operations is certainly quite eye-opening.