The NSA reportedly poses as Facebook to spread malware
After failing to infect targets with malware in spam emails, the U.S. National Security Agency has reportedly turned to Facebook.
According to a report by The Intercept, the NSA disguises itself as a fake Facebook server to perform man-in-the-middle and man-on-the-side attacks and spread malware. The Intercept is the first in a series of publications created by Pierre Omidyar's First Look Media.
Journalists Ryan Gallagher and Glenn Greenwald claim that Facebook users are tricked into visiting what looks like an ordinary Facebook page. From there, they claim, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.
Facebook did not immediately respond to VentureBeat's request for comment on the news. The Intercept offers the following details from Facebook:
Facebook spokesman Jay Nancarrow said the company had no evidence of this alleged activity. He added that Facebook implemented HTTPS encryption for users last year, making browsing sessions less vulnerable to malware attacks.
A purportedly official animation, uploaded on Vimeo, reveals how the NSA conducts the Facebook hack:
http://venturebeat.com/2014/03/12/the-nsa-reportedly-poses-as-facebook-to-spread-malware/
Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.
The intelligence community's top-secret Black Budget for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named Owning the Net.
The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass a wider variety of networks and enabling greater automation of computer network exploitation.
Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called man-in-the-middle and man-on-the-side attacks, which covertly force a user's internet browser to route to NSA computer servers that try to infect them with an implant.
To perform a man-on-the-side attack, the NSA observes a target's Internet traffic using its global network of covert accesses to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency's surveillance sensors alert the TURBINE system, which then shoots data packets at the targeted computer's IP address within a fraction of a second.
In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target's computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.
https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/
Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations disturbing. The NSA's surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.
"When they deploy malware on systems," Hypponen says, "they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties."
http://www.f-secure.com/en/web/home_us/home?s_tnt=48484:1:0
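A defensive illustration of the man-on-the-side behaviour quoted in the post above, added here and not part of the thread or of either article: an on-the-side sender can inject packets but cannot remove the genuine ones, so the real server's reply still arrives and the client sees two different payloads for the same TCP sequence number. The Segment record, the addresses and the capture are constructed for this example.

```python
from collections import defaultdict
from typing import NamedTuple

class Segment(NamedTuple):
    src: str        # sender IP as seen by the client
    sport: int
    dst: str
    dport: int
    seq: int        # TCP sequence number of the first payload byte
    ttl: int        # IP TTL on arrival
    payload: bytes

def find_conflicting_segments(segments):
    """Return one finding per (flow, seq) that arrived with different content.

    A retransmission repeats the same bytes; two different payloads for one
    sequence number mean a second party answered in the server's name.
    """
    seen = defaultdict(list)
    for s in segments:
        if s.payload:  # bare ACKs carry nothing to compare
            seen[(s.src, s.sport, s.dst, s.dport, s.seq)].append(s)
    findings = []
    for key, group in seen.items():
        first = group[0]
        for other in group[1:]:
            # Compare the overlapping prefix so a resegmented retransmit passes.
            n = min(len(first.payload), len(other.payload))
            if first.payload[:n] != other.payload[:n]:
                findings.append({"flow": key[:4], "seq": key[4],
                                 "ttls": (first.ttl, other.ttl),
                                 "ttl_mismatch": first.ttl != other.ttl})
                break
    return findings

# Constructed capture using documentation addresses, not real traffic.
SERVER, CLIENT = "203.0.113.10", "198.51.100.7"
CAPTURE = [
    Segment(SERVER, 80, CLIENT, 50000, 1001, 61,
            b"HTTP/1.1 302 Found\r\nLocation: http://redirect.example/\r\n\r\n"),
    Segment(SERVER, 80, CLIENT, 50000, 1001, 52,
            b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"),
    Segment(SERVER, 80, CLIENT, 50000, 1051, 52, b"next"),
    Segment(SERVER, 80, CLIENT, 50000, 1051, 52, b"next"),  # plain retransmit
]

if __name__ == "__main__":
    for finding in find_conflicting_segments(CAPTURE):
        print(finding)
```

The TTL comparison is a secondary hint only: a differing hop count suggests the two segments took different paths, but it can also change for benign routing reasons.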
G_j
(40,372 posts)
so I am going to ignore this story...
Ichingcarpenter
(36,988 posts)
I'm gonna ignore that you are going to ignore.
So there
WhaTHellsgoingonhere
(5,252 posts)
and we know it's not legit because someone who has spent any time surfing the net would have named the operation "pwning the Net".
LiberalEsto
(22,845 posts)
It seems to be that the NSA should be substantially shrunk and weakened, but who among our elected officials has the guts to try?
Ichingcarpenter
(36,988 posts)
is that their constant growing crap could destroy the internet.
jsr
(7,712 posts)
Hard to decide, ain't it?
Although Facebook (so far) lacks an enforcement arm that can arrest/imprison/torture/kill citizens, so they're the lesser evil here.
randome
(34,845 posts)
Funny how these scare-mongering journalists never pose that question.
I bet there are detectives somewhere who are right now listening in to someone's phone calls!
A ton of bricks, a ton of feathers. It's still gonna hurt.
Ichingcarpenter
(36,988 posts)
the supreme court and Congress?
Russ Tice, Bush-Era Whistleblower, Claims NSA Ordered Wiretap Of Barack Obama In 2004
http://www.huffingtonpost.com/2013/06/20/russ-tice-nsa-obama_n_3473538.html
randome
(34,845 posts)
Tice was unfairly treated by the Bush Administration. But every year or so he comes out now with a new revelation. He's starting to sound like someone trying to sell us something, IMO.
And none of this addresses my original point: why wouldn't a good journalist pose that question to his/her readers? Because his primary goal is to scare us.
questionseverything
(9,661 posts)
The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system codenamed TURBINE is designed to allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.
In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the Expert System, which is designed to operate like the brain. The system manages the applications and functions of the implants and decides what tools they need to best extract data from infected machines.
Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations disturbing. The NSA's surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.
"When they deploy malware on systems," Hypponen says, "they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties."
Hypponen believes that governments could arguably justify using malware in a small number of targeted cases against adversaries. But millions of malware implants being deployed by the NSA as part of an automated process, he says, would be out of control.
"That would definitely not be proportionate," Hypponen says. "It couldn't possibly be targeted and named. It sounds like wholesale infection and wholesale surveillance."
randome
(34,845 posts)
But just because a system can scale up to that level doesn't mean it is doing so. Hell, I could write a computer virus tomorrow and it would be capable of being deployed to millions of PCs. The potential is always there, that's part of the Information Age we live in.
They're still talking about 'control implants by groups'. What groups? A terrorist cell in Pakistan? A drug cartel in Mexico? Curious minds would want to know that so as to have a fuller picture.
ancianita
(36,137 posts)hootinholler
(26,449 posts)
The NSA is not a law enforcement agency.
I also bet your detectives are operating under an actual warrant, and not a fishing license.
randome
(34,845 posts)
If you don't think the U.S. should spy on anyone, that's a valid opinion but not one that won't be shared by many.
They never ask supply this basic question: is what the NSA doing in this instance illegal? Most likely it isn't but why would a good journalist not at least throw that question out for our consideration? They don't want us to think about that for ourselves.
You should never stop having childhood dreams.
hootinholler
(26,449 posts)
I was thinking of NSA in a law enforcement meaning when you meant as a subject of investigation.
They can spy on the world, but they may not own the intertubes, which BTW, is a recently revealed goal of theirs.
Rex
(65,616 posts)
voluntarily defends the NSA over every concern...they sometimes come out looking strange imo.
questionseverything
(9,661 posts)
A man-in-the-middle attack is a similar but slightly more aggressive method that can be used by the NSA to deploy its malware. It refers to a hacking technique in which the agency covertly places itself between computers as they are communicating with each other.
This allows the NSA not only to observe and redirect browsing sessions, but to modify the content of data packets that are passing between computers.
The man-in-the-middle tactic can be used, for instance, to covertly change the content of a message as it is being sent between two people, without either knowing that any change has been made by a third party.
DJ13
(23,671 posts)
Is there any malware scanner that can detect the malware used by the NSA?
Or are the scanner programmers compromised as well?
IDemo
(16,926 posts)
# Block Facebook
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.static.ak.fbcdn.net
127.0.0.1 login.facebook.com
127.0.0.1 www.login.facebook.com
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.com
127.0.0.1 www.fbcdn.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 www.static.ak.connect.facebook.com
PhilSays
(55 posts)
When they get the warrant, I'm sure it's very effective if the person connected to terrorism has a Facebook account.
erronis
(15,355 posts)ChisolmTrailDem
(9,463 posts)WillyT
(72,631 posts)woo me with science
(32,139 posts)
These people are fascists.