Classified documents show that the NSA was creating its own back doors — directly into Huawei’s networks.
The agency pried its way into the servers in Huawei’s sealed headquarters, according to N.S.A. documents provided by the former contractor Edward J. Snowden. It obtained information about the workings of the giant routers and complex digital switches that Huawei boasts connect a third of the world’s population, and monitored communications of the company’s top executives.
One of the goals of the operation, code-named “Shotgiant,” was to find any links between Huawei and the People’s Liberation Army, one 2010 document made clear. But the plans went further: to exploit Huawei’s technology so that when the company sold equipment to other countries — including both allies and nations that avoid buying American products — the N.S.A. could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations.
N.S.A. analysts made clear that they were looking for more than just “signals intelligence” about the company and its connections to Chinese leaders; they wanted to learn how to pierce its systems so that when adversaries and allies bought Huawei equipment, the United States would be plugged into those networks. (The Times withheld technical details of the operation at the request of the Obama administration, which cited national security concerns.)
The N.S.A.’s operations against China do not stop at Huawei. Last year, the agency cracked two of China’s biggest cellphone networks, allowing it to track strategically important Chinese military units, according to an April 2013 document leaked by Mr. Snowden. Other major targets, the document said, are the locations where the Chinese leadership works. The country’s leaders, like everyone else, are constantly upgrading to better, faster Wi-Fi — and the N.S.A. is constantly finding new ways in.
Their targets, they noted, closely align with China’s stated economic and strategic directives. As China strove to develop drones and next-generation ballistic and submarine-launched missiles in recent years, the N.S.A. and its partners watched as one group of privately employed engineers based in Guangzhou in southern China pilfered the blueprints to missile, satellite, space, and nuclear propulsion technology from businesses in the United States, Canada, Europe, Russia and Africa.
And as China strove to make its own inroads on the web, officials said another group of private hackers infiltrated Google, Adobe and dozens of other global technology companies in 2010. Lately, the officials said, that group and its counterparts are also going after security firms, banks, chemical companies, automakers and even nongovernment organizations.
NSA workers succeeded in accessing not only the email archive, but also the secret source code of individual Huawei products. Software source code is the holy grail of computer companies.
The classified posts reveal how the NSA official aspired to create a database that would function as an international hit list of sys admins to potentially target. Yet the document makes clear that the admins are not suspected of any criminal activity – they are targeted only because they control access to networks the agency wants to infiltrate. “Who better to target than the person that already has the ‘keys to the kingdom’?” one of the posts says.
The NSA wants more than just passwords. The document includes a list of other data that can be harvested from computers belonging to sys admins, including network maps, customer lists, business correspondence and, the author jokes, “pictures of cats in funny poses with amusing captions.” The posts, boastful and casual in tone, contain hacker jargon (pwn, skillz, zomg, internetz) and are punctuated with expressions of mischief. “Current mood: devious,” reads one, while another signs off, “Current mood: scheming.”
The author of the posts is a network specialist in the agency’s Signals Intelligence Directorate, according to other NSA documents. The same author wrote secret presentations related to the NSA’s controversial program to identify users of the Tor browser – a privacy-enhancing tool that allows people to browse the Internet anonymously. The network specialist, who served as a private contractor prior to joining the NSA, shows little respect for hackers who do not work for the government. One post expresses disdain for the quality of presentations at Blackhat and Defcon, the computer world’s premier security and hacker conferences:
It is unclear how precise the NSA’s hacking attacks are or how the agency ensures that it excludes Americans from the intrusions. The author explains in one post that the NSA scours the Internet to find people it deems “probable” administrators, suggesting a lack of certainty in the process and implying that the wrong person could be targeted. It is illegal for the NSA to deliberately target Americans for surveillance without explicit prior authorization. But the employee’s posts make no mention of any measures that might be taken to prevent hacking the computers of Americans who work as sys admins for foreign networks. Without such measures, Americans who work on such networks could potentially fall victim to an NSA infiltration attempt.
The NSA declined to answer questions about its efforts to hack system administrators or explain how it ensures Americans are not mistakenly targeted. Agency spokeswoman Vanee’ Vines said in an email statement: “A key part of the protections that apply to both U.S. persons and citizens of other countries is the mandate that information be in support of a valid foreign intelligence requirement, and comply with U.S. Attorney General-approved procedures to protect privacy rights.”
The agency is working to aggressively scale its ability to break into computers to perform what it calls “computer network exploitation,” or CNE: the collection of intelligence from covertly infiltrated computer systems. Hacking into the computers of sys admins is particularly controversial because unlike conventional targets – people who are regarded as threats – sys admins are not suspected of any wrongdoing.
Once the agency believes it has identified a sys admin’s personal accounts, according to the posts, it can target them with its so-called QUANTUM hacking techniques. The Snowden files reveal that the QUANTUM methods have been used to secretly inject surveillance malware into a Facebook page by sending malicious NSA data packets that appear to originate from a genuine Facebook server. This method tricks a target’s computer into accepting the malicious packets, allowing the NSA to infect the targeted computer with a malware “implant” and gain unfettered access to the data stored on its hard drive.
“Just pull those selectors, queue them up for QUANTUM, and proceed with the pwnage,” the author of the posts writes.
In one case, these tactics were used by the NSA’s British counterpart, Government Communications Headquarters, or GCHQ, to infiltrate the Belgian telecommunications company Belgacom. As Der Spiegel revealed last year, Belgacom’s network engineers were targeted by GCHQ in a QUANTUM mission named “Operation Socialist” – with the British agency hacking into the company’s systems in an effort to monitor smartphones.
While targeting innocent sys admins may be surprising on its own, the “hunt sys admins” document reveals how the NSA network specialist secretly discussed building a “master list” of sys admins across the world, which would enable an attack to be initiated on one of them the moment their network was thought to be used by a person of interest. One post outlines how this process would make it easier for the NSA’s specialist hacking unit, Tailored Access Operations (TAO), to infiltrate networks and begin collecting, or “tasking,” data:
Aside from offering up thoughts on covert hacking tactics, the author of these posts also provides a glimpse into internal employee complaints at the NSA. The posts describe how the agency’s spies gripe about having “dismal infrastructure” and a “Big Data Problem” because of the massive volume of information being collected by NSA surveillance systems. For the author, however, the vast data troves are actually something to be enthusiastic about.
“Our ability to pull bits out of random places of the Internet, bring them back to the mother-base to evaluate and build intelligence off of is just plain awesome!” the author writes. “One of the coolest things about it is how much data we have at our fingertips.”
Communications Security Establishment of Canada (CSEC), the secretive Ottawa-based agency that tracks foreign computer, radio and telephone communications. It is classified top secret.
Prepared in 2011, the document was shared with other members of the Five Eyes, CSEC’s alliance with counterparts from the United States, United Kingdom, Australia and New Zealand. A copy given to the U.S. National Security Agency would have been among those leaked by Mr. Snowden.
The spyware, which CSEC analysts code-named Snowglobe, collected its victims’ e-mails.
It was detected in targets in Canada, Spain, Greece, Norway, Ivory Coast and Algeria.
But the target appeared to be primarily in Iran, focusing on the country’s foreign ministry, the Atomic Energy Organization of Iran, the Iran University of Science and Technology and two Tehran schools heavily involved in nuclear research, Malek-E-Ashtar University of Technology and Imam Hussein University.
There were few other details about Snowglobe’s objectives outside Iran.
Under the headline “Victimology: Global,” the document lists one possible target among the Five Eyes countries: “possible targeting of a French-language Canadian media organization.”
No further specifics are provided on the Canadian target.
The slide speculates that the French eavesdroppers targeted Greece because it is “possibly associated with [the] European Financial Association,” and they were interested in Algeria and Ivory Coast because they are former French colonies.
The memo outlines circumstantial evidence that led CSEC to conclude that Snowglobe was a French intelligence operation.
The program doesn’t fit a “cybercrime profile,” CSEC said.
Also, CSEC analysts noted that the spyware’s programmer left his or her username amid the computer coding: “Titi,” a French diminutive or “colloquial term for a small person.”
Furthermore, the program’s internal name was “Babar,” an elephant character in a popular French children’s book.
The slide presentation concludes with the revelation that CSEC has now detected a more sophisticated version of the software, dubbed Snowman, which its programmers haven’t yet been able to crack.
Le Monde cited anonymous French diplomatic and intelligence sources saying that France used to have to rely on the United States and Israel for its insights about Iran. However, between 2006 and 2010, French signals intelligence agents developed a computer-spying capacity that now allows them to trade sensitive information with their American, British, German and Israeli counterparts.
France’s intelligence services may be behind an e-mail spying operation that was aimed at Iran’s nuclear program but also ensnared other targets, including a francophone Canadian media outlet, says a report in the French newspaper Le Monde.
Relying on a document leaked by the former intelligence contractor Edward Snowden, the newspaper said Canada’s electronic spying agency uncovered the French spying software in November 2009.
Spying: How Orange and intelligence services cooperate
According to an internal document of the British technical intelligence service (GCHQ), the equivalent of the U.S. National Security Agency (NSA), the DGSE cooperates closely with “a French telecommunications operator.” The length of their relationship, the description of the company’s specific expertise and Le Monde’s own investigation lead to the conclusion that it is France Telecom-Orange.
According to GCHQ, the DGSE and the French incumbent operator work together to improve national interception capabilities on communications networks and to break the encryption of data flowing through those networks. France Telecom is a major player in the surveillance system in France.
DATA COLLECTION FREE OF CONTROL
This note, taken from the NSA’s archives by its former consultant Edward Snowden, asserts that the relationship between the DGSE and the French operator gives the DGSE a major advantage over its Western counterparts. One of the DGSE’s strengths is that it does not rely only on the permissions granted by the legislature to access France Telecom-Orange customer data. Above all, it has free and total access, outside any oversight, to the networks and the data flows passing through them.
This collection, free of any oversight and carried out through the French operator, covers massive amounts of data concerning both French citizens and foreigners. It is used by the DGSE, which makes it available to all French intelligence agencies as part of the sharing of technical information and its database. These data are also shared with foreign allies such as GCHQ. Finally, the French operator carries out cryptology research in partnership with the DGSE.
At the highest level of the French state, officials refuse to comment, but they tell Le Monde that although the public authorities have become a minority shareholder (27%) in France Telecom, the oldest French operator is still considered “a public service delegation.” The expertise of the company, which began as a government administration, contributes in an essential way, “as now,” to homeland security and to the French leaders’ autonomy of decision.
“The relationship between France Telecom and the DGSE is not the same as that found in the NSA’s Prism program, which has contractual relationships with Internet giants,” says a former chief of a French intelligence service. “In France, it is consubstantial.” There is no formalization of this cooperation between the DGSE and France Telecom-Orange. It is carried by persons holding secret-defense clearance within the company, and has been perpetuated for at least thirty years by engineers who move back and forth between the two institutions.
“INTERNAL USE AND UNOFFICIAL”
Day to day within the company, this link is managed by a very small number of people in three departments. First, the networks division manages, among other things, the so-called “landing” stations, where the France Telecom-Orange submarine cables reaching France come ashore and through which the massive flows of collected data transit. Presorting can easily be carried out by country and region of origin, and everything is stored on the DGSE’s premises.
“The mass transit data is stored for internal and unofficial use,” explains an executive attached to the networks division. “But the focal point is the access provider: that way, you cross-reference the data traffic with the identity of those who exchange it. It is for this reason that the DGSE is in contact with all French operators.”
The DGSE also relies on the operator’s international division, which runs its mobile subsidiaries abroad. Orange plays a strategic role in some cases: it has accompanied French military operations in Mali and the Central African Republic. Finally, the security division, the preserve of former members of the DGSE’s technical directorate, is the main interlocutor of the secret services. Together with Orange Business Services, it watches over issues of data protection and decryption.
When asked, the head of Orange, Stéphane Richard, stated that “persons with secret-defense authorization may have to manage, within the company, the relationship with the State’s services, including access to networks, but they do not have to let me see. All this is done under the responsibility of the public authorities within a legal framework.” The DGSE has refused to comment.
Sources: https://firstlook.org/theintercept/article/2014/03/20/inside-nsa-secret-efforts-hunt-hack-system-administrators/ , http://www.nytimes.com/2014/03/23/world/asia/nsa-breached-chinese-servers-seen-as-spy-peril.html , http://s3.documentcloud.org/documents/1094880/huawei-powerpoint-slides.pdf , http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fwww.lemonde.fr%2Finternational%2Farticle%2F2014%2F03%2F20%2Fdgse-orange-des-liaisons-incestueuses_4386264_3210.html&act=url , http://www.theglobeandmail.com/news/national/french-spy-software-targeted-canada-report/article17608109/#dashboard/follows/
You’ve just read New Snowden Leaks 3/20/14 – 3/23/14 Email Spying Program, NSA Targets, Hacking System Administrators, Orange