NSA 'hijacks' botnets to install spyware

2014-03-13 09:00
(File, AFP)

(File, AFP)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

San Francisco - While US law enforcement agencies have long tried to stamp out networks of compromised computers used by cyber criminals, the National Security Agency has been hijacking the so-called botnets as a resource for spying.

The NSA has "co-opted" more than 140 000 computers since August 2007 for the purpose of injecting them with spying software, according to a slide leaked by former NSA contractor Edward Snowden and published by The Intercept news website on Wednesday.

Botnets are typically used by criminals to steal financial information from infected machines, to relay spam messages, and to conduct "denial-of-service" attacks against websites by having all the computers try to connect simultaneously, thereby overwhelming them.

In November, Federal Bureau of Investigation Director James Comey told the Senate that botnets had "emerged as a global cyber security threat" and that the agency had developed a "comprehensive public-private approach to eliminate the most significant botnet activity and increase the practical consequences for those who use botnets for intellectual property theft or other criminal activities".

According to the NSA slide published by The Intercept, one technique the intelligence agency used was called Quantumbot, which "finds computers belonging to botnets, and hijacks the command and control channel". The program was described as "highly successful".

Eavesdropping capability

Reuters reported in May that US agencies had tapped botnets to harvest data from the machines' owners or to maintain the ability to issue the infected computers new commands.

The slide leaked by Snowden is the first confirmation of the practice, and underscores the complications for the NSA of balancing its major mission of providing eavesdropping capability with the less well-funded missions of protecting critical national assets and assisting law enforcement.

The Top Secret slide was marked for distribution to the "Five Eyes" intelligence alliance, which includes the US and Britain.

The NSA declined to confirm or deny the existence of the programme. It is not known if the botnets hijacked by the agency were in other counties or in the United States, or if the botnets could have been recaptured by criminals.

Many botnet operations disable the machines' security software, leaving them vulnerable to new attacks by others.

In a written statement, an NSA spokesperson said: "As the President affirmed on 17 January, signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions, and not for any other purposes.

"Moreover, Presidential Policy Directive 28 affirms that all persons - regardless of nationality - have legitimate privacy interests in the handling of their personal information, and that privacy and civil liberties shall be integral considerations in the planning of US signals intelligence activities."

Wide scope

The Intercept article and supporting slides showed that the NSA had sought the means to automate the deployment of its tools for capturing e-mail, browsing history and other information in order to reach as many as millions of machines.

It did not say whether such widespread efforts, which included impersonating web pages belonging to Facebook and other companies, were limited to computers overseas.

If it did pursue US computers, the NSA also could have minimised information about those users.
Read more on:    nsa  |  us  |  cybercrime  |  online privacy
NEXT ON NEWS24X
SHARE:

Read News24’s Comments Policy

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
0 comments
Add your comment
Comment 0 characters remaining

Inside News24

 
/News

Jobs in Cape Town [change area]

Property [change area]

Travel - Look, Book, Go!

Kalahari.com - shop online today

Deal of the week!

Petrol generators from R1399, save up to R350. While stocks last. Shop now!

30% off Pampers!

Save 30% when you buy 3 or more selected pampers products. While stocks last. Shop now!

This week only - 30% off books!

Get 30% off when you buy 2 or more books. Many titles to choose from. While stocks last. Shop now!

New range of Samsung smartphones!

Samsung Galaxy A3, A5 and Alpha now available at kalahari.com. while stocks last. Shop now!

Buy 3 eBooks & only pay for 2!

The cheapest of the 3 titles will be free. Many more titles to choose from. While stocks last. Shop now!

Horoscopes
Aquarius
Aquarius

You are on form and you may like an audience to share your ideas and concepts with. Drama and creativity flavour your...read more

There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.




Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.