Implanted Eyes: NSA Puts Radio Spyware Inside Computers
Latest reporting based on Snowden documents reveals agency can even spy on computers not connected to internet
According to the New York Times, and based on input from security officials and documents leaked by whistleblower Edward Snowden, the NSA has "implanted software in nearly 100,000 computers around the world" allowing it to spy on devices not connected to the internet using radio signals and creating clandestine surveillance networks.
The Times reports:
While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.
The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.
The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.
The NSA program is called Quantum, which the NSA has only been used on "valid foreign intelligence targets" but refused to discuss with the Times the overall scope of the program.
Here's what it looks like (click for larger image):
“What’s new here is the scale and the sophistication of the intelligence agency’s ability to get into computers and networks to which no one has ever had access before,” said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington. “Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a window it’s never had before.”