Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

General Discussion

Showing Original Post only (View all)


(84,711 posts)
Sat Mar 22, 2014, 11:21 AM Mar 2014

HEADS UP "Systems Admins!"-- How the NSA Targets Those of You with 'Keys to Digital Kingdoms' [View all]

Last edited Sun Mar 23, 2014, 03:17 PM - Edit history (1)

How the NSA Targets Those with 'Keys to Digital Kingdoms'
Though accused of no wrongdoing whatsoever, spy agency targets personal computers of individuals whose job it is to protect online networks
- Jon Queally, staff writer

The latest reporting from The Intercept reveals how individuals across the world who work as 'system administrators' for computer and online networks had their personal computers and digital information targeted by National Security Agency hacking units as a way for the agency to gain access to the systems they controlled.

“Our ability to pull bits out of random places of the Internet, bring them back to the mother-base to evaluate and build intelligence off of is just plain awesome!” —NSA employee

Though those targeted were not suspected of any wrong doing whatsoever, internal NSA documents provided by NSA whistleblower Edward Snowden show that these people, called "sys admins" for short, had their email and Facebook accounts tracked as the government hackers tried to access their "network maps, customer lists, [and] business correspondence."

The overall effort by the NSA relates to previously reported programs based on Snowden documents that show efforts by the US surveillance agency and their British counterparts at the GCHQ to gain direct access to "foreign network routers" and other digital systems without the companies or governments who control those networks knowing. “Who better to target than the person that already has the ‘keys to the kingdom’?” asks one NSA-employed hacker in a post cited by The Intercept.

Strikingly, according to the reporting by journalists Ryan Gallagher and Peter Maass, these internal NSA "posts" were written by an individual NSA employee thought to be a contract "network specialist" with a highly "boastful and casual tone," describing how bits of personal data—like "pictures of cats in funny poses with amusing captions"—could also be harvested alongside information related to the professional work of the targeted sys admin. The posts are full of "hacker jargon (pwn, skillz, zomg, internetz)" and "punctuated with expressions of mischief" such as “Current mood: devious.” Another reads: “Current mood: scheming.”

Gallagher and Maass report:

It is unclear how precise the NSA’s hacking attacks are or how the agency ensures that it excludes Americans from the intrusions. The author explains in one post that the NSA scours the Internet to find people it deems “probable” administrators, suggesting a lack of certainty in the process and implying that the wrong person could be targeted. It is illegal for the NSA to deliberately target Americans for surveillance without explicit prior authorization. But the employee’s posts make no mention of any measures that might be taken to prevent hacking the computers of Americans who work as sys admins for foreign networks. Without such measures, Americans who work on such networks could potentially fall victim to an NSA infiltration attempt.

Here's how it works:

The first step, according to the posts, is to collect IP addresses that are believed to be linked to a network’s sys admin. An IP address is a series of numbers allocated to every computer that connects to the Internet. Using this identifier, the NSA can then run an IP address through the vast amount of signals intelligence data, or SIGINT, that it collects every day, trying to match the IP address to personal accounts.

“What we’d really like is a personal webmail or Facebook account to target,” one of the posts explains, presumably because, whereas IP addresses can be shared by multiple people, “alternative selectors” like a webmail or Facebook account can be linked to a particular target. You can “dumpster-dive for alternate selectors in the big SIGINT trash can” the author suggests. Or “pull out your wicked Google-fu” (slang for efficient Googling) to search for any “official and non-official e-mails” that the targets may have posted online.

Once the agency believes it has identified a sys admin’s personal accounts, according to the posts, it can target them with its so-called QUANTUM hacking techniques. The Snowden files reveal that the QUANTUM methods have been used to secretly inject surveillance malware into a Facebook page by sending malicious NSA data packets that appear to originate from a genuine Facebook server. This method tricks a target’s computer into accepting the malicious packets, allowing the NSA to infect the targeted computer with a malware “implant” and gain unfettered access to the data stored on its hard drive.

“Just pull those selectors, queue them up for QUANTUM, and proceed with the pwnage,” the author of the posts writes. (“Pwnage,” short for “pure ownage,” is gamer-speak for defeating opponents.) The author adds, triumphantly, “Yay! /throws confetti in the air.”

In a final detail worth noting, The Intercept describe how the NSA posts contained in the slides reveal the internal debate at the agency over the sheer volume of data being collected by their various surveillance techniques. Whereas some agents criticized the poor infrastructure and its inability to handle so much data from around the globe, other employees celebrated what has become known as the NSA's "collect it all approach" to the world of online surveillance.

“Our ability to pull bits out of random places of the Internet, bring them back to the mother-base to evaluate and build intelligence off of is just plain awesome!” the author writes. “One of the coolest things about it is how much data we have at our fingertips.”

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.

31 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Yet people still defend this Aerows Mar 2014 #1
This is the behavior of criminals. woo me with science Mar 2014 #2
It shows that there is a culture within the NSA Aerows Mar 2014 #3
It's a culture. That seems exactly right. woo me with science Mar 2014 #13
the next logical step form here is blackmail tk2kewl Mar 2014 #7
Or they use this illegally obtained data Aerows Mar 2014 #20
That's what many of us thought when the KoKo Mar 2014 #21
They really think they're a separate and superior branch of government. jsr Mar 2014 #10
k&r RandiFan1290 Mar 2014 #4
Why are Americans the enemy of their own government? Oilwellian Mar 2014 #5
What a joke, that any of this has anything to do with terrorism. woo me with science Mar 2014 #12
Hence their need for this: Oilwellian Mar 2014 #15
Fabricating evidence trails to arrest Americans. woo me with science Mar 2014 #16
I can understand their concern... PoliticAverse Mar 2014 #6
Link to the Intercept Article Luminous Animal Mar 2014 #8
Thanks for posting it! KoKo Mar 2014 #11
"...individuals across the world..." randome Mar 2014 #9
here's a better article Rumold Mar 2014 #14
Thank you for posting that article again. woo me with science Mar 2014 #18
Here's an FBI agent Aerows Mar 2014 #19
Um, there is no evidence, just something a former FBI agent said -without evidence. randome Mar 2014 #22
I trust what an FBI agent says and a Federal judge Aerows Mar 2014 #23
As if the rest of the world have no rights. USA! USA! Luminous Animal Mar 2014 #17
in the actual document this article is talking about Egnever Mar 2014 #27
Kick. Aerows Mar 2014 #24
Kick woo me with science Mar 2014 #25
Kick for the DU NIGHT TECH Crowd... KoKo Mar 2014 #26
No doubt Aerows Mar 2014 #28
Another... KoKo Mar 2014 #30
Recommended Autumn Mar 2014 #29
Joseph Goebbels wildest dreams are now reality. L0oniX Mar 2014 #31
Latest Discussions»General Discussion»HEADS UP "Systems Ad...