News & Politics  
comments_image Comments

Snowden Docs Expose How the NSA "Infects" Millions of Computers and Impersonates Facebook

NSA masqueraded as Facebook server to infiltrate user data using malware 'implants.'
 
 
Share

Photo Credit: YouTube.com/Screenshot/democracynow

 
 
 
 

New disclosures from Edward Snowden show the NSA is massively expanding its computer hacking worldwide. Software that automatically hacks into computers — known as malware "implants" — had previously been kept to just a few hundred targets. But the news website The Intercept reports that the NSA is spreading the software to millions of computers under an automated system codenamed "Turbine." The Intercept has also revealed the NSA has masqueraded as a fake Facebook server to infect a target’s computer and exfiltrate files from a hard drive. We are joined by The Intercept reporter Ryan Gallagher.


 

 

 

 

 

 

 

 

 

 

 

 

 

 

Transcript

This is a rush transcript. Copy may not be in its final form.

Amy Goodman : We turn now to our last segment, the latest on leaks from Edward Snowden. TheIntercept.org reported last week the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process. The Intercept also revealed the NSA has masqueraded as a fake Facebook server to infect a target’s computer and exfiltrate files from a hard drive.

Joining us now is Ryan Gallagher from The Intercept, co-wrote the piece, "[How] the NSA Plans to Infect 'Millions' of Computers with Malware." Explain, Ryan.

Ryan Gallagher : Hi, Amy. Yeah, and the story we wrote last week, really, the key thing about it is the extent to which these techniques have really rapidly escalated in the last decade. And what we can see and what we reported was that, since about 2004, the National Security Agency has expanded the use of what it calls these "implants," which are sort of malicious software implants within computers and computer networks, and even phone networks, to basically steal data from those systems. About 10 years ago, they had, they say, about a hundred and a hundred and — between a hundred and 150 of these implants, but within the last decade that expanded to an estimated 100,000, in some reports, and they’re building a system to be capable of deploying "millions," in their own words, of these implants.

AG: The revelation around the issue of Facebook has led Facebook founder Mark Zuckerberg to call President Obama on Wednesday and demand an explanation. He later wrote in a blog post, quote, "I’ve been so confused and frustrated by the repeated reports of the behavior of the US government. When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government."

RG: Yeah, and Mark Zuckerberg was definitely very agitated, we think, about the report and seems to have got on the phone to Obama. And interestingly, the NSA later issued a — actually claimed that they hadn’t impersonated U.S. websites. However, their own documents actually say that they pretended to be the Facebook server for this particular surveillance technique, so their denial sort of doesn’t really hold up to scrutiny when compared with their own documents. And there’s a bit of sort of a — you know, there’s questions to be asked about that.

AG: So how do people protect themselves?

RG: Well, I mean, the problem is, if you’re really in the NSA’s crosshairs or one of these surveillance agencies’ crosshairs, it’s very difficult to protect yourself against it. But there are all kinds of methods that people can use to reduce their level of risk. For instance, you know, using encryption technology can guard against all kinds of surveillance, and using certain kinds of operating systems, like the Linux operating system, can limit their ability to target you in this way. But yeah, you know, this is a problem, that they’re developing these technologies to deliberately circumvent, you know, privacy-enhancing tools, security tools that people use. And that’s what a lot of people are very worried about, because that poses a fundamental question for the security of the Internet.