Wider extent of spy agency’s hacking exposed in magazine
Berlin – A German magazine lifted the lid on the United States’ National Security Agency’s hacking unit yesterday, reporting that American spies intercept computer deliveries, exploit hardware vulnerabilities, and even hijack Microsoft’s internal reporting system to spy on their targets.
Der Spiegel’s revelations relate to a division of the NSA known as Tailored Access Operations, or TAO, which is painted as an elite team of hackers specialising in stealing data from the toughest of targets. Citing internal NSA documents, the magazine said yesterday that TAO’s mission was ‘‘ Getting the ungettable’’ and quoted an unnamed intelligence official as saying TAO had gathered ‘‘ some of the most significant intelligence our country has ever seen’’.
Der Spiegel said TAO had a catalogue of hi- tech gadgets for particularly hard- to- crack cases, including computer monitor cables specially modified to record what is being typed across the screen, USB sticks secretly fitted with radio transmitters to broadcast stolen data over the airwaves, and fake base stations intended to intercept mobile phone signals.
The NSA did not rely only on James Bond- style spy gear, the magazine said. Some of the attacks described by Der Spiegel exploit weaknesses in the architecture of the internet to deliver malicious software to specific computers.
Others take advantage of weaknesses in hardware or software distributed by some of the world’s leading information technology companies, including Cisco Systems and China’s Huawei Technologies, the magazine reported.
Der Spiegel cited a 2008 mail order catalogue- style list of vulnera- bilities that NSA spies could exploit from companies such as Irvine, California- based Western Digital Corp or Round Rock, Texas- based Dell. The magazine said that suggested the agency was ‘‘ compromising the technology and products of American companies’’.
Old- fashioned methods got a mention too. Der Spiegel said that if the NSA tracked a target ordering a new computer or other electronic accessories, TAO could tap its allies in the FBI and the CIA, intercept the hardware in transit, and take it to a secret workshop where it could be discretely fitted with espionage software before being sent on its way. Intercepting computer equipment in such a way was among the NSA’s ‘‘ most productive operations ’’ and had helped harvest intelligence from around the world, one document cited by Der Spiegel stated.
One of the most striking reported revelations concerned the NSA’s alleged ability to spy on Microsoft Corp’s crash reports, familiar to many users of the Windows operating system as the dialogue box which pops up when a game freezes or a Word document dies. Der Spiegel said the NSA was also sifting through the reports to help spies break into machines running Windows.
One NSA document cited by the magazine appeared to poke fun at Microsoft’s expense, replacing the software giant’s standard error report message with the words: ‘‘ This information may be intercepted by a foreign sigint ( signals intelligence) system to gather detailed information and better exploit your machine.’’
Microsoft said that information sent by customers about technical issues in such a manner was limited. ‘‘ We would have significant concerns if the allegations about government actions are true,’’ a company representative said yesterday.
Microsoft is one of several US firms that have demanded more transparency from the NSA in the wake of the revelations of former intelligence worker Edward Snowden, whose disclosures have ignited an international debate over privacy and surveillance.