Meetup Vulnerabilities: Escalation of Privilege and Redirection of Funds

NSA Malware Attacks Exposed; Over 50,000 Computers Hacked

Edward Snowden, the infamous ex-NSA employee, is still creating waves with his leaked documents. The latest evidence sheds light on the NSA’s hacking capabilities and the extent of the damage done. Tailored Access Operations (TAO), a special unit with a task-force of more than a thousand hackers, orchestrated the cyber-attacks.

The American Intelligence Service has made extensive use of Computer Network Exploitation (CNE), planting “dormant digital agents” in more than 50,000 computers and compromising entire networks. The Washington Post reported earlier this year that these cyber-espionage activities have been going on since 1998.

NSA’s management presentation slide from 2012 includes a detailed world map with CNE access points distributed in various strategic locations. The worrying revelations prove yet again that nobody is immune to cyber-attacks. This is an effective and inexpensive way to monitor suspects and fetch sensitive information.

Spyware was planted in the targeted computers using backdoors, loopholes and other system vulnerabilities. The NSA then activated the remotely controlled files at the push of a button, taking control of the hacked computers and harvesting the desired information. Over 200 offensive cyber-operations were carried out in 2011 only.

The dangerous malware is still active in computers all around the world. Thousands of users are still unaware of the existence of the Worms and Trojans, which are lurking around in their systems. NSA officials were approached by Dutch media outlet before the story was released, but they refused to comment on the revelations.

British intelligence service GCHQ has also been involved in similar hacking activity over the years. The episode surfaced in September 2013, when spyware was detected by the Belgian telecom giant Belgacom. The infiltrations took place after unsuspecting employees clicked on planted links after they were lured into a fictive LinkedIn page.

The bottom line is that all computers and networks are vulnerable to attack. But not only hacktivists, cyber-criminals and commercial concerns indulge in this wrong and unethical practice. Intelligence agencies are often overlooked and underestimated, but pose a huge security risk to people, networks, organizations and even countries.

Source 1 – NSA Cyber-Operations

Source 2 – NSA Infected 50,000 Computer Networks

Jump to Category