Security Advisor

Documents Shed Light on NSA Surveillance Tools

Plus: The security agency is actively researching encryption-breaking quantum computing technology.

Predictably, the latest NSA leaks are being met once again with strong words of condemnation from those large tech firms in the middle of the news. This time it's Cisco, Apple and Dell.

In a report filed by the German news magazine Der Spiegel last week, the publication provided some details on the National Security Agency's Tailored Access Operations (TAO) unit, a group created to insert backdoors into telecommunications devices and networks, including Cisco routers, iPhones, and the BlackBerry network.

According to Der Spiegal, this subgroup " the NSA's top operative unit -- something like a squad of plumbers that can be called in when normal access to a target is blocked." And to get access to these blocked targets, actions included placing and monitoring software and custom firmware, deploying cyber attacks on targeted systems and instigating in traditional espionage to get "...access to our very hardest targets," according to a former TAO chief that was quoted in the leaked documents viewed by Der Spiegal.

TAO has at its disposal the ability to order tech that will help it bypass security features in hardware from Cisco and Dell, according to a leaked 50-page document that, according to Der Spiegal, reads more like a consumer catalog.

"Some of the equipment available is quite inexpensive," read the news report. "A rigged monitor cable that allows "TAO personnel to see what is displayed on the targeted monitor," for example, is available for just $30. But an 'active GSM base station' -- a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones -- costs a full $40,000."

While many of the tools at the NSA's disposal are specific manufacturer hardware -- one such tool can attack the firmware found in Seagate, Western Digital and Samsung hard drives, another tool called "Jetplow" can be implanted in Cisco networks to bypass firmware -- there was no information found that linked the manufacturers with working closely with government officials to create these tools.

Manufacturers connected to the latest leaks, including Dell and Cisco, are publically denouncing the actions of the NSA and will investigate all security related issues.

"We take very seriously any issues that may impact the integrity of our products or customer security and privacy," said Dell in a released statement. "Should we become aware of a possible vulnerability in any of Dell's products we will communicate with our customers in a transparent manner as we have done in the past."

Cisco also released a similar statement and reiterated that it doesn't work with any government agency " weaken our products for exploitation, nor to implement any so-called security 'back doors' in our products," wrote Cisco Senior Vice President John Stewart in a blog post.

NSA Developing Encryption-Breaking Quantum Computer
According to additional documents obtained by The Washington Post, the NSA is continuing to develop new technology to add to its catalog of tools. In a set of reports obtained from former NSA contractor Edward Snowden, the security agency is actively working towards " "a cryptologically useful quantum computer" that would be capable of breaking all present forms of encryption used online.

While the development of a quantum computer would basically give the NSA access to any and all encrypted data, it doesn't appear the government agency's attempts are close to making any sort of breakthrough. And, even though there have been institutes that have made gains in quantum computers, including European Union-sponsored labs, the practicality and timeframe in which a working model could be developed is vague due to the incredibly complex science behind it all.

However, while the development of an actual working quantum computer, either by the NSA or another institute, may be decades away, the fact that the NSA has devoted almost $80 million in its research on the topic should not be ignored, said Daniel Lidar, a professor of electrical engineering and the director of the Center for Quantum Information Science and Technology at the University of Southern California.

"The irony of quantum computing is that if you can imagine someone building a quantum computer that can break encryption a few decades into the future, then you need to be worried right now," said Lindar to The Washington Post.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.


comments powered by Disqus

Subscribe on YouTube