New Snowden Documents Expose NSA's 'Core Secrets:' Infiltration Of Foreign Companies Aimed At 'Exploiting Network Technology'

from the NSA:-doing-more-with-more dept

It appears the NSA is much more than a domestic agency with many digital tentacles. It also has agents operating in other countries, much like the CIA and the FBI. New Snowden documents released by The Intercept show that the agency has "under cover" agents embedded in foreign companies for the purpose of extending its surveillance reach.

The National Security Agency has had agents in China, Germany, and South Korea working on programs that use “physical subversion” to infiltrate and compromise networks and devices, according to documents obtained by The Intercept.

The documents, leaked by NSA whistleblower Edward Snowden, also indicate that the agency has used “under cover” operatives to gain access to sensitive data and systems in the global communications industry, and that these secret agents may have even dealt with American firms. The documents describe a range of clandestine field activities that are among the agency’s “core secrets” when it comes to computer network attacks, details of which are apparently shared with only a small number of officials outside the NSA.
Judging from the documents posted (and the commentary by Peter Maass and Laura Poitras), this doesn't seem to be slanted towards industrial/economic espionage as much as it is a very broad expansion of its Tailored Access Operations -- in which the agency intercepts shipments of electronics to add backdoors, using implanted hardware or inserted code.

The documents also indicate that the NSA has worked with several domestic and foreign companies to weaken encryption, something that isn't exactly news, but is revealed here to be far more extensive than the $10 million paid to RSA to push weakened encryption.
In addition to so-called “close access” operations, the NSA’s “core secrets” include the fact that the agency works with U.S. and foreign companies to weaken their encryption systems; the fact that the NSA spends “hundreds of millions of dollars” on technology to defeat commercial encryption; and the fact that the agency works with U.S. and foreign companies to penetrate computer networks, possibly without the knowledge of the host countries.
Underneath it all is a package of six programs, running under the title of Sentry Eagle. All of these are cybersecurity-related and work together to break encryption and "exploit networks." The program itself is highly secretive, even within the agency itself. [pdf link]
“You are being indoctrinated on Sentry Eagle,” the 2004 document begins, before going on to list the most highly classified aspects of its various programs. It warns that the details of the Sentry Eagle programs are to be shared with only a “limited number” of people, and even then only with the approval of one of a handful of senior intelligence officials, including the NSA director.
The document also makes reference to the fact that details of Sentry Eagle are only to be shared with "a limited number of select government officials," but doesn't go into any greater detail on who these officials might be. Nor is there any mention of additional oversight, like the FISA court or the two intelligence committees.

Presumably, the NSA is more focused on foreign companies than domestic ones and is perhaps even working in concert with local governments to improve surveillance capabilities (in exchange for being given unlimited access to the collected data). If this is true, then buying foreign products to avoid dealing with NSA-sabotaged goods and services is a futile effort. In the wake of Snowden's leaks, many foreign businesses have stated their intent to network and communication equipment/services from non-US companies. These documents imply there may be nowhere else to go.

Filed Under: core secrets, ed snowden, infiltration, nsa, surveillance, tao


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 14 Oct 2014 @ 4:39am

    The only bit missing from a Tom Clancy plot is the private armies belonging to the various agencies.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Oct 2014 @ 5:28am

      Re:

      Sentry Six

      reply to this | link to this | view in chronology ]

    • identicon
      Trevor, 14 Oct 2014 @ 8:45am

      Re:

      At this point, I wouldn't be surprised if there actually is a "Campus" with a bunch of blank Presidential pardons lying around...

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Oct 2014 @ 11:48am

      Re:

      I would say the police are owned body and soul by DHS for the most part now. They act like a private army of brown shirts more than law enforcement upholding the ideals of justice.

      nothing like a private military formed righ under the public's noses

      reply to this | link to this | view in chronology ]

  • identicon
    the threat to peace is the USA, 14 Oct 2014 @ 5:27am

    @1

    blackwater ring a bell

    reply to this | link to this | view in chronology ]

  • icon
    TheResidentSkeptic (profile), 14 Oct 2014 @ 6:00am

    Puts a new spin on an old article...

    so then the stories of Huawei routers having "back door" and "spy" software were true... just left out the part that the NSA put it there...

    reply to this | link to this | view in chronology ]

  • identicon
    the threat to peace is the USA, 14 Oct 2014 @ 6:45am

    @4

    ding ding , once its into the usa they intercept and modify...

    YOU GET SCREWED

    THEY PROFIT

    THINGS CONTINUE AS THEY WISH

    reply to this | link to this | view in chronology ]

  • icon
    musterion (profile), 14 Oct 2014 @ 6:51am

    Lead sentence was never true

    "It appears the NSA is much more than a domestic agency with many digital tentacles" Anyone with half an ounce of brains knows this was never true. I mean read Bamford's "Puzzle Palace" and that's from the 80's

    Furthermore, do you think the Chinese have not done the same thing?

    Sheesh

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Oct 2014 @ 12:41pm

      Re: Lead sentence was never true

      No, they are too busy dealing with suppressing internal dissent to fuck around with the rest of the world.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Oct 2014 @ 7:02am

    2004 was 10 years ago.

    reply to this | link to this | view in chronology ]

  • identicon
    Citizen, 14 Oct 2014 @ 7:31am

    It's a good thing Snowden's publishers are revealing how this country attempts to anticipate the strategies and agendas of foreign powers. Since no citizens of any other country can or will so eagerly surrender their nation's defense secrets, that will help prevent any excess security here.

    Now that the publishers of Snowden's documents, (who he actually thinks are too indiscriminate), have demonstrated their compulsion to view all foreign information gathering as invasions of domestic privacy, they've essentially manifested the equivalent of societal Lupus, with an overaggressive immune reaction that is actually damaging its organs. They might also want to make a case to summon Hanssen and Ames back into action.

    reply to this | link to this | view in chronology ]

  • identicon
    Scote, 14 Oct 2014 @ 8:36am

    I think this is the kind of think Snoden meant he wouldn't have released personally.

    Snowden said he would have been more conservative than reporters have been in what to release. This kind of operation will be harmed by these revelations, and it has real implications for our foreign SigInt capabilities.

    I do think that foreign SigInt is important. The scandal in the US is that the NSA does *domestic* intercepts, not that it does foreign intercepts. (Yes, I know, American exceptionalisim, but, well, that's how we roll.)

    reply to this | link to this | view in chronology ]

    • identicon
      Rekrul, 14 Oct 2014 @ 11:45am

      Re: I think this is the kind of think Snoden meant he wouldn't have released personally.

      Snowden said he would have been more conservative than reporters have been in what to release. This kind of operation will be harmed by these revelations, and it has real implications for our foreign SigInt capabilities.

      I do think that foreign SigInt is important. The scandal in the US is that the NSA does *domestic* intercepts, not that it does foreign intercepts. (Yes, I know, American exceptionalisim, but, well, that's how we roll.)


      Except that this isn't just about the NSA spying on other countries. It's about them infiltrating foreign technology companies so that their agents can intentional weaken the security of network devices and even install backdoors in them. These devices are used not only in foreign countries, but also in the US.

      You know the Shellshock vulnerability that everyone is worried about? They're putting that kind of stuff into routers and other network hardware to make hacking them easier. Hell, the US intelligence agencies might even be responsible for creating the Shellshock bug.

      You don't think that's the kind of thing people should know about?

      reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 14 Oct 2014 @ 11:58am

        Re: Re: I think this is the kind of think Snoden meant he wouldn't have released personally.

        Beat me to it. The important take-away here isn't that they're spying on foreign groups and performing actions to further that goal, it's that yet again, they are shown to be blatantly weakening security to make their jobs easier.

        That always needs to be pointed out, as while it makes their jobs easier, it does so by making everyone else less safe.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Oct 2014 @ 9:55am

    It's ironic the NSA gets all huffy and puffy about insider threats after the Snowden revelations. Yet the NSA itself is covertly infiltrating technology firms by having agents apply for jobs there. Then using them as insider threats to plant backdoors in products and steal encryption keys.

    reply to this | link to this | view in chronology ]

    • identicon
      Citizen, 14 Oct 2014 @ 10:35am

      Re:

      Yes, this country's government is more alarmed by efforts at cyber attacks on us from foreign countries, than their efforts to infiltrate foreign countries.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Oct 2014 @ 11:42am

    committing what they would call terrorist attacks if other countries did the same to the USA.

    Fight terrorism says Us government while secretly committing terrorist acts against foreign nations.

    Eventually the other countries are going to stop letting themselves get bullied by the US and fight back.

    reply to this | link to this | view in chronology ]

    • identicon
      PRMan, 14 Oct 2014 @ 12:13pm

      When you say that, why am I reminded of this?

      Revelation 18 (NIV)

      Lament Over Fallen Babylon

      18 After this I saw another angel coming down from heaven. He had great authority, and the earth was illuminated by his splendor. 2 With a mighty voice he shouted:

      “‘Fallen! Fallen is Babylon the Great!’[a]
      She has become a dwelling for demons
      and a haunt for every impure spirit,
      a haunt for every unclean bird,
      a haunt for every unclean and detestable animal.
      3 For all the nations have drunk
      the maddening wine of her adulteries.
      The kings of the earth committed adultery with her,
      and the merchants of the earth grew rich from her excessive luxuries.”

      Threefold Woe Over Babylon’s Fall

      9 “When the kings of the earth who committed adultery with her and shared her luxury see the smoke of her burning, they will weep and mourn over her. 10 Terrified at her torment, they will stand far off and cry:

      “‘Woe! Woe to you, great city,
      you mighty city of Babylon!
      In one hour your doom has come!’

      11 “The merchants of the earth will weep and mourn over her because no one buys their cargoes anymore— 12 cargoes of gold, silver, precious stones and pearls; fine linen, purple, silk and scarlet cloth; every sort of citron wood, and articles of every kind made of ivory, costly wood, bronze, iron and marble; 13 cargoes of cinnamon and spice, of incense, myrrh and frankincense, of wine and olive oil, of fine flour and wheat; cattle and sheep; horses and carriages; and human beings sold as slaves.

      14 “They will say, ‘The fruit you longed for is gone from you. All your luxury and splendor have vanished, never to be recovered.’ 15 The merchants who sold these things and gained their wealth from her will stand far off, terrified at her torment. They will weep and mourn 16 and cry out:

      “‘Woe! Woe to you, great city,
      dressed in fine linen, purple and scarlet,
      and glittering with gold, precious stones and pearls!
      17 In one hour such great wealth has been brought to ruin!’

      “Every sea captain, and all who travel by ship, the sailors, and all who earn their living from the sea, will stand far off. 18 When they see the smoke of her burning, they will exclaim, ‘Was there ever a city like this great city?’ 19 They will throw dust on their heads, and with weeping and mourning cry out:

      “‘Woe! Woe to you, great city,
      where all who had ships on the sea
      became rich through her wealth!
      In one hour she has been brought to ruin!’

      reply to this | link to this | view in chronology ]

      • identicon
        Eric Stein, 14 Oct 2014 @ 12:45pm

        Re: When you say that, why am I reminded of this?

        Interesting. But wouldn't you prefer something a little more recent?

        We are building a religion
        We are building it bigger
        We are widening the corridors
        And adding more lanes

        We are building a religion
        A limited edition
        We are now accepting callers
        For these pendant key chains

        To resist it is useless
        It is useless to resist it
        His cigarette is burning
        But he never seems to ash

        He is grooming his poodle
        He is living comfort eagle
        You can meet at his location
        But you'd better come with cash

        Now his hat is on backwards
        He can show you his tattoos
        He is in the music business
        He is calling you "DUDE!"

        "Comfort Eagle"
        CAKE

        reply to this | link to this | view in chronology ]

    • identicon
      Citizen, 14 Oct 2014 @ 1:48pm

      Re:

      What country to you live in that isn't flooded by cyber attacks from foreign governments and rogue organizations? How would you defend against them?

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Oct 2014 @ 3:58pm

        Re: Re:

        A good place to start would be not weakening security that will be sold in your own country.

        reply to this | link to this | view in chronology ]

        • identicon
          Citizen, 15 Oct 2014 @ 1:11pm

          Re: Re: Re:

          That's a valid point, but the premise was that those backdoors were not intended to be announced to the public, It was their disclosure that increased the probability of them being exploited for attacks or other espionage against this country.

          reply to this | link to this | view in chronology ]

          • icon
            John Fenderson (profile), 16 Oct 2014 @ 8:22am

            Re: Re: Re: Re:

            "the premise was that those backdoors were not intended to be announced to the public"

            Which is a completely brain-dead premise. Even if everyone officially involved in creating or using the back doors keeps there mouth shut, the odds are very good that the back doors would be discovered and publicized by outsiders.

            The only difference is that the publication would be limited to the cracker & script kiddie crowds -- the very people who we least want to have them, and nobody else would be aware that they are vulnerable.

            reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 14 Oct 2014 @ 11:55am

    Not quite

    In the wake of Snowden's leaks, many foreign businesses have stated their intent to network and communication equipment/services from non-US companies. These documents imply there may be nowhere else to go.

    A foreign company/service might be compromised, and if it isn't it will take some work for the NSA to do so.

    A US company/service is compromised by default; if the NSA hasn't already compromised their security, it's simply because they haven't gotten around to it yet, and if they do want to, one 'legal' order is all it takes.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Oct 2014 @ 2:13pm

    And to think that all of this was paid for by the American Tax Payer... it just boggles the mind.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.