Der Spiegel – TAO hacking elite unit and NSA backdoor catalog revealed

Der Spiegel revealed that the TAO unit of NSA planted backdoors to access computers, hard drives, routers, and other devices from principal vendors.

Germany’s Der Spiegel has published another disturbing article on the NSA surveillance activities, the media agency has published an internal NSA catalog that offers spies backdoors into a wide range of equipment from major vendors.

The catalog includes backdoor for hard drives from Western Digital, Seagate, Maxtor and Samsung, for Juniper Networks firewalls, networking appliances from Cisco and Huawei, and unspecified equipment from Dell.

The backdoors appear to be the result of a high sophisticated hacking and cracking operations conducted by NSA,  all the product offered are designed by the Advanced/Access Network Technology (ANT) division of the NSA’s Tailored Access Operations (TAO) elite hacker unit.

Der Spiegel also reports that the ANT division of TAO has built capabilities to infect BIOS firmware of targeted systems for long-term cyber espionage.

The catalog includes base stations for fooling mobile networks and cellphones ($40,000), bugs disguised as USB plugs ($20,000) and also cheaper rigged monitor cables for spying on targets’ monitors.

“The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000. In the case of Juniper, the name of this particular digital lock pick is “FEEDTROUGH.” This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive “across reboots and software upgrades.” In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH “has been deployed on many target platforms.”

The TAO unit is a specialized  hacking unit already introduced when documents leaked by Snowden mentioned the existence of the FoxAcid infrastructure and the infiltration of more over 50000 foreign networks with malware based attacks. The secret team was also cited as support unit for the attack against Belgacom organized by the UK Intelligence.

The article also reveals how the NSA and its allies tapped major undersea cables analyzing bulk internet traffic.

“One document labeled “top secret” and “not for foreigners” describes the NSA’s success in spying on the “SEA-ME-WE-4” cable system. This massive underwater cable bundle connects Europe with North Africa and the Gulf states and then continues on through Pakistan and India, all the way to Malaysia and Thailand. The cable system originates in southern France, near Marseille. Among the companies that hold ownership stakes in it are France Telecom, now known as Orange and still partly government-owned, and Telecom Italia Sparkle.

The document proudly announces that, on Feb. 13, 2013, TAO “successfully collected network management information for the SEA-Me-We Undersea Cable Systems (SMW-4).” With the help of a “website masquerade operation,” the agency was able to “gain access to the consortium’s management website and collected Layer 2 network information that shows the circuit mapping for significant portions of the network.” reveals Der Spiegel.

The revelations on NSA surveillance and hacking activities are a never ending story, Glenn Greenwald, the journalist at the Guardian who first collaborated with Snowden to disclose the secret document in a video speech to the Chaos Communication Congress (CCC) in Hamburg on Friday declared:

“There are a lot more stories to come, a lot more documents that will be covered. It’s important that we understand what it is we’re publishing, so what we say about them is accurate.”

Let me suggest to watch it.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs –  NSA TAO hacking elite unit, surveillance)

[adrotate banner=”5″]

[adrotate banner=”13″]