Feds Waged Hundreds Of Cyberattacks On Other Countries; Spent $25 Million Buying Vulnerabilities

from the we-are-the-cybersecurity-threat dept

It’s pretty typical for companies and governments hoping to “bury” important bad news to release it late on a Friday evening, hoping to miss the news cycle. If you’re extra lucky, that Friday happens to come right before a long weekend, such as Labor Day. But, for the life of me, I can’t figure out why a major news publication, like the Washington Post, would break a big story on a Friday night before Labor Day weekend, pretty much guaranteeing that it doesn’t get very much attention at all. Very bizarre — but we figured we’d try to bring this story to you guys on Tuesday, back after the week is underway so the story doesn’t get lost. The details: as suspected, the US is actually one of the leading proponents of offensive cyberattacks. This isn’t a huge surprise, since they’ve more or less admitted to having “broad powers,” but there have been questions both about the rules of engagement and just how often the US uses these capabilities.

Wonder no more. The Washington Post’s Barton Gellman has the story from the black budget, showing 231 offensive cyber-operations in 2011, a number that likely went up quite a bit in 2012 (and again in 2013). For all the hype about “cybersecurity” threats from abroad, it still looks like the biggest cybersecurity threat out there is our own government. And, yes, everyone already knows about Stuxnet, and it sounds like most of these offensive efforts aren’t nearly as ambitious, but there’s still a lot going on.

Separately, the story confirms earlier reports that the US government is a huge purchaser of exploits from various hackers, choosing to exploit them, rather than use them to help protect our systems. For 2013, the feds budgeted $25.1 million for the “additional covert purchases of software vulnerabilities.” But that’s really only a fraction of the number of exploits. The report notes that most vulnerabilities the NSA uses actually are designed at home.

Also, those few hundred attacks appear to downplay the capabilities of the NSA (and the CIA) should they want to do more, because it sounds like they’ve hacked into a variety of networks and have zombie machines at the ready:

By the end of this year, GENIE is projected to control at least 85,000 implants in strategically chosen machines around the world. That is quadruple the number — 21,252 — available in 2008, according to the U.S. intelligence budget.

The NSA appears to be planning a rapid expansion of those numbers, which were limited until recently by the need for human operators to take remote control of compromised machines. Even with a staff of 1,870 people, GENIE made full use of only 8,448 of the 68,975 machines with active implants in 2011.

For GENIE’s next phase, according to an authoritative reference document, the NSA has brought online an automated system, code-named TURBINE, that is capable of managing “potentially millions of implants” for intelligence gathering “and active attack.”

While the fact that the NSA is doing all of this isn’t a huge surprise and merely confirms earlier reports, the actual scale of the operations is certainly quite eye-opening.


Comments on “Feds Waged Hundreds Of Cyberattacks On Other Countries; Spent $25 Million Buying Vulnerabilities”

Anonymous Coward says:

The NSA is systematically weakening US computer security

That seems like a bold and non-obvious statement, so let me explain.

There are two ways to break into someone else’s system: (1) break into it (2) wait for someone else to break into it, then exploit the opening they’ve graciously provided for you.

It’s clear that the NSA is attacking large numbers of systems and doing so successfully. By doing that, they’re punching holes in those systems’ defenses, and of course those holes are now exploitable by anybody else who comes along equipped with sufficient knowledge.

There are plenty of people equipped with sufficient knowledge, including freelance security experts as well as those in the employ of other governments, not all of which are friendly to the US and none of which are guaranteed to be friendly to the US a year or a decade or a century from now.

But it gets worse: one of the secondary consequences of this strategy is that control of a compromised system doesn’t only have value in terms of what that system holds (or transmits/receives); it has value in terms of what that system is and where it is. In a traditional military situation, “holding the high ground” is a desirable tactic; the same is true in computer security. Having control of a random Windows box on the far end of a DSL connection isn’t particularly important; but having control of a Solaris server sitting on someone’s corporate network is.

Thus, the NSA is, in essence, paving the way for others. They’re making the task of gaining control of large numbers of strategic systems much easier than it should be.

Sneeje (profile) says:

Re: The NSA is systematically weakening US computer security

An interesting analysis. To continue the analogy about high-ground, in warfare a particular high-ground is scarce–it cannot be held by two competing parties. It seems less clear whether that particular constraint applies to vulnerabilities and compromised systems.

Anonymous Coward says:

I get the feeling that the predictions of a “Cyber-Pearl Harbor” are ever more likely to come true.

The US is building an offensive capability positioned to attack other nations. It’s only a matter of time before someone gets scared and tries to disable that capability.

Once that happens the revenge will be seen as justified. Personally I don’t want to play the part of Japan…

out_of_the_blue says:

Oh, MAYBE was overshadowed by possibility of ACTUAL WAR?

“But, for the life of me…” — Really, Mike? Did you entirely MISS this weekend that US might launch attacks against Syria and touch off reactions by Iran, Russia, and maybe China that might lead to World War 3, even a nuclear exchange?

There’s nothing really new here is another major point.

But speaking of Stuxnet, it seems possible that Fukushima was infected with it, from reports that metering indicated no problems while there clearly was. If so, then that US/Israeli attempt to sabotage Iran may be responsible for largest nuclear disaster in history.

Worse than being censored on the net is being advertised. You can escape censorship with your ideas intact; advertising explicitly has the goal of changing you.

halley (profile) says:

Now that a few dozen smaller bombshell releases have been made in the press, it’s time to start collecting them in an easy-to-digest format. People are going to get bombshell-fatigued; I’m sure I’m forgetting some of the revelations already. Infographics, bullet lists, executive summaries. Group related findings together; explain the implications of each. Make up a checklist of all the forms of communication, or a matrix if you want to break out everyone, residents, citizens, and other populations under surveillance.

Anonymous Coward says:

NSA likes to target routers with “implants”, aka malware/spyware. Once the router is compromised, the NSA can then launch further attacks inside the LAN network that router is connected to.

Effectively bypassing firewalls and easily spreading their malware to unprotected LAN computers on that network.

I believe Snowden already mentioned routers are a high priority target for Unconstitutional NSA spies.

art guerrilla (profile) says:

i presume you were being droll...

…in wondering why the wapo released this during the normal ‘bury the story’ time frame…

as the wapo has LONG been working hand-in-glove with the -in general- powers that be, and -in particular- with the alphabet soup spooks…

limited hangouts, and all that…
they can’t avoid ALL the slime that is being revealed, so they might as well control some portion of it from being presented in too revelatory fashion…

(oh, and -once again, for the umpteenth time- revelatory is TOO a fucking word, you useless spel czech crapware)

also, completely agree with the poster who talked about how this DECREASES computer security for EVERYONE (including the attackers!): you make a tool, someone is going to turn it against you, sure as night follows day…

art guerrilla
aka ann archy

Chronno S. Trigger (profile) says:

So this “Cyber War” the US government has been warning us about is a real thing and they are the ones waging it. Why am I not surprised?

It’s only a matter of time before someone turns around and gives the schoolyard bully a black eye. I’ve seen it quite a few times when I was in school, and sometimes you just have to stand back and let it happen. But I say this to the rest of the world, I and most of my fellow citizens are not involved nor condone these practices. Go ahead, give the bully a black eye, just leave us out of it.

Too far from DC says:

These are ALL just SYMPTOMS, must excise the problem

How am I supposed to be capable of building ANY kind of decent life when……

….the government has DEFINITELY BEEN INFILTRATED (via encroachment) by the lowest form of human life (the Fascists) and once again are attempting to take over the world?

….the people in elected government positions refuse to comply with their official duties and execute their oaths of office sworn to God and man alike?

…when a previously “fair” Supreme Court (with similar timing to both other branches of govt) by its recent decisions does willfully demonstrate their “opinions” are for sale just like in Congress. (If money is speech, and corporations are people so must bullets be, and murder no longer a crime as no corporation can be incarcerated for its crimes)

…when POTUS (BOTH terms) refuses to open his personal records AT ANY TIME or ANY REASON since 2007?

…when POTUS illegitimately pursues acts of blatant terrorism against his own population, then claims “for my security” he has no option but burn the Constitution & Bill of Rights?

…when the NSA, TSA, DHS etc. so filled with hubris to vacate their charters for ego driven “control” they prove by deed their priority is government security, NOT national security?

….We The People can only count on one thing from a government usurped by those whose actions define them as psychopathic, THE ABSOLUTE NECESSITY FOR MILLIONS of We The People, to travel to DC and bodily capture these worst of all criminals, and put them on public trial with public disposition of sentences.

I’m near the West Coast, and have already been bled dry of even the resources needed to travel to DC, or I would be happy for History to remember me as the man who began the American Revolution v. 2.0
