NSA spying report shows what its elite hacking units can do

It sees you when Windows has crashed and you send the error report. In some cases, it sees you even when you’re not online. It, unsurprisingly, is the NSA, according to leaked internal documents seen by German magazine Der Spiegel. This is just the latest NSA spying report that again raises the question of whether tech companies can truly secure their customers’ information.

Spiegel introduces us to TAO, or the Office of Tailored Operations, as well as ANT, or Access Network Technology. They’re the National Security Agency’s elite hacking units, and Spiegel points out that their spying techniques range from new to old. One of the agency’s more traditional techniques is intercepting hardware shipments and installing malware on them before sending them along to their original intended destinations.

Similar to the report a couple of months ago that the NSA was secretly tapping into Google and Yahoo Internet traffic, the Spiegel report shows how the agency has gained backdoor access to its targets by exploiting the technology of companies such as Microsoft, Cisco, Huawei, Dell and others. And it seems to relish doing so: One internal slide shows an altered Microsoft Windows message, the kind you see when you’re urged to send an error report because your machine just crashed. Instead of “We have created an error report that you can help to improve Windows. We will treat this report as confidential and anonymous,” the dialog box reads, “This information may be intercepted by a foreign SIGINT system to gather detailed information and better exploit your machine.”

The report mentions that the NSA targets routers and names Cisco Systems, among other companies. In response, the San Jose-based networking giant said in a blog post Sunday that it has launched an investigation. “We are deeply concerned with anything that may impact the integrity of our products or our customers’ networks and continue to seek additional information.” And Cisco echoes what has now become a familiar refrain from tech companies that seem to be shell-shocked by some of the revelations that have trickled out since June: “We do not work with any government to weaken our products for exploitation, nor to implement any so-called security ‘back doors’ in our products.”

 

Photo: TAO, an elite hacking unit of the National Security Agency, does not work out of this Fort Meade, Md., building, but at an NSA office in San Antonio, Texas.  (Associated Press archives)

Levi Sumagaysay Levi Sumagaysay (3572 Posts)

Levi Sumagaysay is editor of the combined SiliconBeat and Good Morning Silicon Valley. She also blogs and is the online producer for SiliconValley.com, the Mercury News tech website. Email: lsumagaysay (at) bayareanewsgroup (dot-com).