NSA can spy on computers via radio, Snowden leaks show
Snowden fallout continues, as news organizations use leaks to probe how the NSA is breaking into computers not linked to the Internet and, mistakenly, believed to be not open to attack.
WASHINGTON — The National Security Agency can spy on computers that aren’t physically connected to the Internet. That’s a takeaway from a big New York Times story Wednesday on NSA technical capabilities.
How? One method is to use small radio transceivers concealed within otherwise normal-looking USB plugs. These spy plugs (code name: “Cottonmouth I”) can sweep through an affected machine and broadcast stolen information to hidden relay stations up to eight miles away.
A relative of this program involves tiny circuit boards physically inserted into computers, either at the factory or via clandestine methods on-site. They allow the NSA to connect to computers which users believe to be safely insulated from Internet-based hacker attacks.
All told, the US has implanted spy software in some 100,000 computers around the world, according to David Sanger and Thom Shanker of the Times, under the overall auspices of a program named “Quantum." (Yes, a 2008 James Bond movie was called “Quantum of Solace," but that’s apparently a coincidence.) Iran has been a target, as well as Russian military networks, drug cartels, and European Union trade institutions. But the biggest focus of US interest here is China, particularly Chinese cyberwar capabilities.
“The United States has targeted Unit 61398, the Shanghai-based Chinese Army unit believed to be responsible for many of the biggest cyberattacks on the United States, in an effort to see attacks being prepared,” write Messrs. Sanger and Shanker.
Parts of this story have previously appeared elsewhere. The German news magazine Der Spiegel has published a list of NSA products that included “Cottonmouth," for instance. A Danish paper has printed a map showing where Quantum incursions occurred.
These pieces all appear based on documents provided by NSA leaker Edward Snowden, though the Times supplemented its story with extensive further reporting. In fact, the Times may have had the gist of these revelations for some time: The paper notes that, at the request of US intelligence officials, it previously withheld some details of the foreign infiltration program when writing about clandestine US efforts to derail Iran’s nuclear program in 2012.
That history shows how much publication standards have changed, writes Harvard Law School professor Jack Goldsmith at the Lawfare national security legal blog.
Wednesday’s revelations don’t deal with the privacy of US citizens, he notes. The infiltration program appears to deal exclusively with surveillance of foreign systems and intelligence – precisely the sort of thing the NSA is supposed to do. Quantum does not appear to push against any sort of NSA legal limits.
In 2012, the Times agreed not to talk about the program. In 2014, it went ahead. The big difference may be the environment created by Mr. Snowden in which all of the NSA’s activities appear to be fair game for public discussion.
“The particularly bad news for the NSA is that the NYT is more discreet than foreign journalistic outlets,” writes Mr. Goldsmith.
Goldsmith adds that US intrusion of foreign networks appears to be similar to the sorts of things the US complains that China is doing. This obvious hypocrisy isn’t going to help the US in its efforts to get Beijing to rein in Chinese cyber units.
The US doesn’t use NSA capabilities to steal trade secrets in the name of bettering the bottom line of particular US firms, an NSA spokesman told the Times for Wednesday’s story. But China considers economic secrets a legitimate intelligence target and may not be swayed by this argument, given that US diplomats routinely pressure other countries to do things – such as buy US aircraft – that benefit specific national firms.
“It’s all cheating in the name of national strength. If it’s acceptable for us to do it, we really can’t perform moral outrage that our rivals are doing it,” writes surveillance and intelligence expert Marcy Wheeler on her "emptywheel" blog.
Against this background, President Obama on Friday is expected to announce some tightening in the way the NSA handles millions of US phone records, among other things. He’s also expected to outline some broader oversight procedures for the process which determines which foreign leaders become NSA targets.
The speech caps a months-long review of NSA activities by a White House panel of outside experts appointed in response to Snowden’s revelations.