Sunday, December 29, 2013

We're From The NSA And We're Here To Help

Found an interesting article everyone should read at Zero Hedge. The NSA's book of bugging goodness made it out and to cut to the chase, we're screwed.

The latest revelation from the biggest wholesale spying scandal since Nixon, exposed by Germany's Spiegel which continues the strategy of revealing Snowden leaks on a staggered, delayed basis, involves a back door access-focused NSA division called ANT, (which supposedly stands for Access Network Technology), described by Spiegel as "master carpenters" for the NSA's TAO (Tailored Access Operations, read more about TAO here). The ANT people have "burrowed into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell.
What caught my eye more than anything was this:
The ANT division doesn't just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on.

This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this "Persistence" and believe this approach has provided them with the possibility of permanent access.

Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies.

Other ANT programs target Internet routers meant for professional use or hardware firewalls intended to protect company networks from online attacks. Many digital attack weapons are "remotely installable" -- in other words, over the Internet. Others require a direct attack on an end-user device -- an "interdiction," as it is known in NSA jargon -- in order to install malware or bugging equipment.
If you're an IT guy you know what this means. Everything you do to clean your PC, reload it, replace the hard drive, encrypt it, it doesn't matter. as soon as you connect to the internet they can read you. Even if you miraculously clean everything on your machine they've got you moving through the internet's routers.

Yeah, yeah I know. If you don't have anything to hide you have nothing to worry about. Of course it depends on who's judging you.

Source article: http://www.zerohedge.com/news/2013-12-29/nsas-50-page-catalog-back-door-penetration-techniques-revealed

No comments: