The U.S. National Security Agency (NSA) and the Pentagon have inserted software and hardware “implants” into nearly 100,000 computers around the world, according to a report in the New York Times late Tuesday.
Most of this effort appears involve surreptitiously sticking surveillance software into target PCs via the network, but some of it involved physical access. It’s hard to remotely target a so-called “air-gapped” computer that has no network access, so the NSA also uses small radio transceivers when it can, either in a tiny circuit board (which would suggest manufacturer involvement) or hidden in a USB plug. The transceivers communicate with equipment held by an NSA field operative, who can be up to 8 miles away.
These techniques were already revealed in a series of stories in Der Spiegel at the end of last year (that included the above picture). However, although it’s vague on the split between software and physical implants, the NYT story does add a sense of scale, along with a few other interesting details:
- The NYT knew about some of this back in the summer of 2012 – a year before the Snowden revelations began – when it reported on U.S. attacks against Iranian nuclear facilities. However, it withheld the information “at the request of American intelligence officials”.
- The Chinese military is a major target, particularly the elements that conduct “cyber-attacks”. Official sources told the NYT that these implants are generally used to detect incoming threats.
- The U.S. “set up two data centers in China – perhaps through front companies – from which it can insert malware into computers.”
That last bit apparently comes from the Snowden documents, and to be honest, even though it doesn’t name names or locations, I feel a bit squeamish about its revelation. That said, given the amount of interaction the writers of the piece clearly had with senior sources in the NSA and U.S. military, I would hope that anyone who might worry as a result of publication had plenty of warning.