New Snowden Documents Expose NSA's 'Core Secrets:' Infiltration Of Foreign Companies Aimed At 'Exploiting Network Technology'
from the NSA:-doing-more-with-more dept
It appears the NSA is much more than a domestic agency with many digital tentacles. It also has agents operating in other countries, much like the CIA and the FBI. New Snowden documents released by The Intercept show that the agency has “under cover” agents embedded in foreign companies for the purpose of extending its surveillance reach.
The National Security Agency has had agents in China, Germany, and South Korea working on programs that use “physical subversion” to infiltrate and compromise networks and devices, according to documents obtained by The Intercept.
The documents, leaked by NSA whistleblower Edward Snowden, also indicate that the agency has used “under cover” operatives to gain access to sensitive data and systems in the global communications industry, and that these secret agents may have even dealt with American firms. The documents describe a range of clandestine field activities that are among the agency’s “core secrets” when it comes to computer network attacks, details of which are apparently shared with only a small number of officials outside the NSA.
Judging from the documents posted (and the commentary by Peter Maass and Laura Poitras), this doesn’t seem to be slanted towards industrial/economic espionage as much as it is a very broad expansion of the NSA’s Tailored Access Operations — in which the agency intercepts shipments of electronics to add backdoors, using implanted hardware or inserted code.
The documents also indicate that the NSA has worked with several domestic and foreign companies to weaken encryption, something that isn’t exactly news, but is revealed here to be far more extensive than the $10 million paid to RSA to push weakened encryption.
In addition to so-called “close access” operations, the NSA’s “core secrets” include the fact that the agency works with U.S. and foreign companies to weaken their encryption systems; the fact that the NSA spends “hundreds of millions of dollars” on technology to defeat commercial encryption; and the fact that the agency works with U.S. and foreign companies to penetrate computer networks, possibly without the knowledge of the host countries.
Underneath it all is a package of six programs, running under the title of Sentry Eagle. All of these are cybersecurity-related and work together to break encryption and “exploit networks.” The program is highly secretive, even within the agency itself.
“You are being indoctrinated on Sentry Eagle,” the 2004 document begins, before going on to list the most highly classified aspects of its various programs. It warns that the details of the Sentry Eagle programs are to be shared with only a “limited number” of people, and even then only with the approval of one of a handful of senior intelligence officials, including the NSA director.
The document also makes reference to the fact that details of Sentry Eagle are only to be shared with “a limited number of select government officials,” but doesn’t go into any greater detail on who these officials might be. Nor is there any mention of additional oversight, like the FISA court or the two intelligence committees.
Presumably, the NSA is more focused on foreign companies than domestic ones and is perhaps even working in concert with local governments to improve surveillance capabilities (in exchange for being given unlimited access to the collected data). If this is true, then buying foreign products to avoid dealing with NSA-sabotaged goods and services is a futile effort. In the wake of Snowden’s leaks, many foreign businesses have stated their intent to buy network and communication equipment/services from non-US companies. These documents imply there may be nowhere else to go.