NSA compromised more than 50000 networks with malware

A new report based on documents leaked by Snowden revealed that the NSA placed malicious software on more than 50000 networks around the world.

The NSA infected more than 50000 networks worldwide with malicious software designed to steal sensitive information. The large-scale cyber espionage operation was revealed once again by documents provided by former NSA consultant Edward Snowden, according to Dutch media outlet NRC.

“The NSA declined to comment and referred to the US Government. A government spokesperson states that any disclosure of classified material is harmful to our national security,” reported NRC.

The news is not surprising, but it once again raises the debate on the effrontery of the US surveillance program, which created a complex and efficient global spying machine.

The documents include a presentation dated 2012 that details how the NSA operates worldwide to steal information using Computer Network Exploitation (CNE) in more than 50000 networks.

Computer Network Exploitation is a secret malware-based system used to compromise the computers within targeted networks and steal sensitive data. Security experts believe that the telecoms were the most likely targets for the malware, and they are confident that CNE was used in September 2013 to hack the Belgian telecom provider Belgacom. The GCHQ (British Government Communications Headquarters) used fake LinkedIn and Slashdot pages to hack Belgacom, OPEC and other GRX providers. The cyber espionage operation was conducted to install malware in the Belgacom network in order to tap its customers’ communications and data traffic.

NSA’s Computer Network Operations program describes Computer Network Exploitation as a key part of the program’s mission that “includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks.”

The recently published slides carry, at top and bottom, a stripe that reads “REL TO USA, AUS, CAN, GBR, NZL”, a reference to the Five Eyes nations: the U.S., U.K., Canada, Australia, and New Zealand. Those countries work together conducting intelligence operations and share the same orientation on surveillance matters; they recently opposed the United Nations’ anti-surveillance, right-to-privacy draft resolution called “The Right to Privacy in the Digital Age”.

The US hacking campaigns are performed by a special department of the US cyber units known as TAO (Tailored Access Operations), which I also mentioned when I described the FOXACID architecture. TAO employs more than a thousand high-profile hackers. In August the Washington Post reported that the NSA installed an estimated 20,000 ‘implants’ as early as 2008; by mid-2012 this number had more than doubled to 50,000.

The malware used for cyber espionage consists of software agents that could remain undetected for a long time. The NSA presentation shows its CNE operations in countries such as Venezuela and Brazil.

So far the NSA has declined to comment and referred to the US Government. NRC concludes its article by remarking that the Dutch government’s intelligence service also has its own hacking unit, but that it is prohibited by law from hacking foreign networks to conduct similar cyber operations.

Pierluigi Paganini

(Security Affairs – NSA, 50000 networks)

