Feds Waged Hundreds Of Cyberattacks On Other Countries; Spent $25 Million Buying Vulnerabilities

from the we-are-the-cybersecurity-threat dept

It's pretty typical for companies and governments hoping to "bury" important bad news to release it late on a Friday evening, hoping to miss the news cycle. If you're extra lucky, that Friday happens to come right before a long weekend, such as Labor Day. But, for the life of me, I can't figure out why a major news publication, like the Washington Post would break a big story on a Friday night before Labor Day weekend, pretty much guaranteeing that it doesn't get very much attention at all. Very bizarre -- but we figured we'd try to bring this story to you guys on Tuesday, back after the week is underway so the story doesn't get lost. The details: as suspected, the US is actually one of the leading proponents of offensive cyberattacks. This isn't a huge surprise, since they've more or less admitted to having "broad powers" but there have been questions both about the rules of engagement and just how often the US uses these capabilities.

Wonder no more. The Washington Post's Barton Gellman has the story from the black budget, showing 231 offensive cyber-operations in 2011, a number that likely went up quite a bit in 2012 (and again in 2013). For all the hype about "cybersecurity" threats from abroad, it still looks like the biggest cybersecurity threat out there is our own government. And, yes, everyone already knows about Stuxnet, and it sounds like most of these offensive efforts aren't nearly as ambitious, but there's still a lot going on.

Separately, the story confirms earlier reports that the US government is a huge purchaser of exploits from various hackers, choosing to exploit them, rather than use them to help protect our systems. For 2013, the feds budgeted $25.1 million for the "additional covert purchases of software vulnerabilities." But, that's really on a fraction of the number of exploits. The report notes that most vulnerabilities the NSA uses actually are designed at home.

Also those few hundred attacks appear to downplay the capabilities of the NSA (and the CIA) should they want to do more, because it sounds like they've hacked into a variety of networks and have zombie machines at the ready:
By the end of this year, GENIE is projected to control at least 85,000 implants in strategically chosen machines around the world. That is quadruple the number — 21,252 — available in 2008, according to the U.S. intelligence budget.

The NSA appears to be planning a rapid expansion of those numbers, which were limited until recently by the need for human operators to take remote control of compromised machines. Even with a staff of 1,870 people, GENIE made full use of only 8,448 of the 68,975 machines with active implants in 2011.

For GENIE’s next phase, according to an authoritative reference document, the NSA has brought online an automated system, code-named TURBINE, that is capable of managing “potentially millions of implants” for intelligence gathering “and active attack.”
While the fact that the NSA is doing all of this isn't a huge surprise and merely confirms earlier reports, the actual scale of the operations is certainly quite eye-opening.

Reader Comments (rss)

(Flattened / Threaded)

  1. identicon
    Anonymous Coward, Sep 3rd, 2013 @ 5:54am

    The NSA is systematically weakening US computer security

    That seems like a bold and non-obvious statement, so let me explain.

    There are two ways to break into someone else's system: (1) break into it (2) wait for someone else to break into it, then exploit the opening they've graciously provided for you.

    It's clear that the NSA is attacking large numbers of systems and doing so successfully. By doing that, they're punching holes in those systems' defenses, and of course those holes are now exploitable by anybody else who comes along equipped with sufficient knowledge.

    There are plenty of people equipped with sufficient knowledge, including freelance security experts as well as those in the employ of other governments, not all of which are friendly to the US and none of which are guaranteed to be friendly to the US a year or a decade or a century from now.

    But it gets worse: one of the secondary consequences of this strategy is that control of a compromised system doesn't only have value in terms of what that system holds (or transmits/receives); it has value in terms of what that system is and where it is. In a traditional military situation, "holding the high ground" is a desirable tactic; the same is true in computer security. Having control of a random Windows box on the far end of a DSL connection isn't particularly important; but having control of a Solaris server sitting on someone's corporate network is.

    Thus, the NSA is, in essence, paving the way for others. They're making the task of gaining control of large numbers of strategic systems much easier than it should be.

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous Coward, Sep 3rd, 2013 @ 5:59am

    usual situation, then. blame everyone else for doing something so it keeps attention off of the one that is doing it the most! again, as usual, it's the USA! oh, and dont forget to add on the UK government! it is so far into Obama's pants, it cant get out!

    reply to this | link to this | view in thread ]

  3. icon
    Peter (profile), Sep 3rd, 2013 @ 6:04am

    You go girl... sorry, boy, uh man..

    I know the subject line is pretty weak, I'll grant you that, but nonetheless I just want to say your doing a beautiful job, you really are. Please keep it up -- your one of the most important people we have -- for all of the stories about the NSA, not just one or two.

    reply to this | link to this | view in thread ]

  4. identicon
    Anonymous Coward, Sep 3rd, 2013 @ 6:04am

    I get the feeling that the predictions of a "Cyber-Pearl Harbor" are ever more likely to come true.

    The US is building an offensive capability positioned to attack other nations. It's only a matter of time before someone gets scared and tries disable that capability.

    Once that happens the revenge will be seen as justified. Personally I don't want to play the part of Japan...

    reply to this | link to this | view in thread ]

  5. icon
    Sneeje (profile), Sep 3rd, 2013 @ 6:07am

    Re: The NSA is systematically weakening US computer security

    An interesting analysis. To continue the analogy about high-ground, in warfare a particular high-ground is scarce--it cannot be held by two competing parties. It seems less clear whether that particular constraint applies to vulnerabilities and compromised systems.

    reply to this | link to this | view in thread ]

  6. This comment has been flagged by the community. Click here to show it
    out_of_the_blue, Sep 3rd, 2013 @ 6:13am

    Oh, MAYBE was overshadowed by possibility of ACTUAL WAR?

    "But, for the life of me..." -- Really, Mike? Did you entirely MISS this weekend that US might launch attacks against Syria and touch off reactions by Iran, Russia, and maybe China that might lead to World War 3, even a nuclear exchange?

    There's nothing really new here is another major point.

    But speaking of Stuxnet, it seems possible that Fukushima was infected with it, from reports that metering indicated no problems while there clearly was. If so, then that US/Israeli attempt to sabotage Iran may be responsible for largest nuclear disaster in history.

    Worse than being censored on the net is being advertised. You can escape censorship with your ideas intact; advertising explicitly has the goal of changing you.

    reply to this | link to this | view in thread ]

  7. icon
    halley (profile), Sep 3rd, 2013 @ 6:26am

    Now that a few dozen smaller bombshell releases have been made in the press, it's time to start collecting them in an easy-to-digest format. People are going to get bombshell-fatigued; I'm sure I'm forgetting some of the revelations already. Infographics, bullet lists, executive summaries. Group related findings together; explain the implications of each. Make up a checklist of all the forms of communication, or a matrix if you want to break out everyone, residents, citizens, and other populations under surveillance.

    reply to this | link to this | view in thread ]

  8. identicon
    Anonymous Coward, Sep 3rd, 2013 @ 6:30am

    NSA likes to target routers with "implants", aka malware/spyware. Once the router is compromised, the NSA can then launch further attacks inside the LAN network that router is connected too.

    Effectively bypassing firewalls and easily spreading their malware to unprotected LAN computers on that network.

    I believe Snowden already mentioned routers are a high priority target for Unconstitutional NSA spies.

    reply to this | link to this | view in thread ]

  9. identicon
    Anonymous Coward, Sep 3rd, 2013 @ 6:39am

    I do not know about all this but to an old time controls engineer you seem to have a very compelling case of why an analog control system is inherently superior to a digital one impossible to crack.

    reply to this | link to this | view in thread ]

  10. identicon
    Anonymous Coward, Sep 3rd, 2013 @ 6:39am

    Re: Oh, MAYBE was overshadowed by possibility of ACTUAL WAR?

    No Blue, Fukushima was infected by an earthquake and a tsunami. Slightly beyond the capabilities of The Rich™ I'm afraid.

    reply to this | link to this | view in thread ]

  11. identicon
    Anonymous Coward, Sep 3rd, 2013 @ 6:50am

    Re: Oh, MAYBE was overshadowed by possibility of ACTUAL WAR?

    may be responsible for largest nuclear disaster in history

    Chernobyl rather predates Stuxnet a wide margin.

    reply to this | link to this | view in thread ]

  12. icon
    art guerrilla (profile), Sep 3rd, 2013 @ 7:18am

    i presume you were being droll...

    ...in wondering why the wapo released this during the normal 'bury the story' time frame...

    as the wapo has LONG been working hand-in-glove with the -in general- powers that be, and -in particular- with the alphabet soup spooks...

    limited hangouts, and all that...
    they can't avoid ALL the slime that is being revealed, so they might as well control some portion of it from being presented in too revelatory fashion...

    (oh, and -once again, for the umpteenth time- revelatory is TOO a fucking word, you useless spel czech crapware)

    also, completely agree with the poster who talked about how this DECREASES computer security for EVERYONE (including the attackers!): you make a tool, someone is going to turn it against you, sure as night follows day...

    art guerrilla
    aka ann archy

    reply to this | link to this | view in thread ]

  13. icon
    Jesse (profile), Sep 3rd, 2013 @ 7:38am

    We need cybersecurity laws because after we're done pissing the whole world off they will be coming after us!

    reply to this | link to this | view in thread ]

  14. identicon
    Anonymous Coward, Sep 3rd, 2013 @ 8:43am


    As we learned in kindergarten: He who smelt it dealt it.

    reply to this | link to this | view in thread ]

  15. icon
    Chronno S. Trigger (profile), Sep 3rd, 2013 @ 9:10am

    So this "Cyber War" the US government has been warning us about is a real thing and they are the ones waging it. Why am I not surprised?

    It's only a matter of time before someone turns around and gives the schoolyard bully a black eye. I've seen it quite a few times when I was in school, and sometimes you just have to stand back and let it happen. But I say this to the rest of the world, I and most of my fellow citizens are not involved nor condone these practices. Go ahead, give the bully a black eye, just leave us out of it.

    reply to this | link to this | view in thread ]

  16. identicon
    PRMan, Sep 3rd, 2013 @ 10:00am

    Re: Re: The NSA is systematically weakening US computer security

    Well, according to Gary McKinnon, the Brit that was in the Pentagon system, the Chinese kept kicking him out.

    reply to this | link to this | view in thread ]

  17. icon
    gorehound (profile), Sep 3rd, 2013 @ 11:56am

    More than just one person is going to go after this Corrupted POS Government.Not only do they use illegal unconstitutional methods against us, the Citizens, but one can only imagine what they are doing to others who are not in our Nation.

    reply to this | link to this | view in thread ]

  18. identicon
    Edward Teach, Sep 3rd, 2013 @ 1:04pm

    Which Botnet does this 85,000 correspond to?

    reply to this | link to this | view in thread ]

  19. icon
    That Anonymous Coward (profile), Sep 3rd, 2013 @ 3:24pm

    And the funny question is, how long had they been doing this type of work before someone realized it could be done to us?
    I guess that whole cyber pearl harbor thing, where we were just innocents who were going to be attacked was a bigger lie than first thought.

    reply to this | link to this | view in thread ]

  20. identicon
    Too far from DC, Sep 3rd, 2013 @ 3:52pm

    These are ALL just SYMPTOMS, must excise the problem

    How am I supposed to be capable of building ANY kind of decent life when......

    ....the government has DEFINITELY BEEN INFILTRATED (via encroachment) by the lowest form of human life (the Fascists) and once again are attempting to take over the world?

    ....the people in elected government positions refuse to comply with their official duties and execute their oaths of office sworn to God and man alike?

    ...when a previously "fair" Supreme Court (with similar timing to both other branches of govt) by its recent decisions does willfully demonstrate their "opinions" are for sale just like in Congress. (If money is speech, and corporations are people so must bullets be, and murder no longer a crime as no corporation can be incarcerated for its crimes)

    ...when POTUS (BOTH terms) refuses to open his personal records AT ANY TIME or ANY REASON since 2007?

    ...when POTUS illegitimately pursues acts of blatant terrorism against his own population, then claims "for my security" he has no option but burn three Constitution & Bill of Rights?

    ...when the NSA, TSA, DHS etc. so filled with hubris to vacate their charters for ego driven "control" they prove by deed their priority is government security, NOT national security?

    ....We The People can only count on one thing from a government usurped by those whose actions define them as psychopathic, THE ABSOLUTE NECESSITY FOR MILLIONS of We The People, to travel to DC and bodily capture these worst of all criminals, and put them on public trial with public disposition of sentences.

    I'm near the West Coast, and have already been bled dry of even the resources needed to travel to DC, or I would be happy for History to remember me as the man who began the American Revolution v. 2.0

    reply to this | link to this | view in thread ]

  21. identicon
    Zem, Sep 3rd, 2013 @ 4:49pm


    Sometimes the bully doesn't get a black eye. Instead they get to grow old, alone, wondering why they have no friends.

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Insider Shop - Show Your Support!

Hide this ad »
Essential Reading
Techdirt Deals
Hide this ad »
Techdirt Insider Chat
Hide this ad »
Recent Stories
Advertisement - Amazon Prime Music
Hide this ad »


Email This

This feature is only available to registered users. Register or sign in to use it.