DCSIMG

NSA can spy on computers when they’re not online

A computer workstation bears the National Security Agency (NSA) logo. Picture: AFP/Getty

A computer workstation bears the National Security Agency (NSA) logo. Picture: AFP/Getty

  • by DANIEL BATES IN NEW YORK
 

The US National Security Agency (NSA) has put spying software on 100,000 computers around the world that allows it to monitor them even if they are not connected to the internet, it was claimed yesterday.

The NSA is said to have developed a secret technology that uses radio waves to get past computer security and allows surveillance via a field station the size of a briefcase from up to eight miles away.

It is not clear if any of the affected machines are in the UK, but given the close co-operation between the two countries’ intelligence services, it would be surprising if not.

The claims in the New York Times give an astonishing insight into the methods used by the NSA to carry out its aims.

The government spy agency has since 2008 built a “digital highway” that would allow it to mount cyber-attacks around the globe from a network of machines.

Officials, speaking on condition of anonymity, used the Cold War analogy of submarines silently tracking other submarines, and claimed that it happened “all the time”.

The system works by agents or unwitting users inserting a USB card with a transmitting chip into the computer. Another method is to hide the chip in the cable that the target uses to connect to the internet.

When the computer is turned on, data is transmitted to the field station on an encrypted radio frequency and is then sent on to the NSA.

The NSA calls these efforts an “active defence” and says it has used them to monitor the Russian military, the Chinese army, drug cartels and countries such as Saudi Arabia and Pakistan.

But EU trade partners have also been put under surveillance using the programme, which is code-named Quantum.

It had previously been reported that the NSA had carried out 50,000 such “implants” but the real number is double that, the New York Times reported.

James Andrew Lewis, cybersecurity expert at the Centre for Strategic and International Studies in Washington, said: “What’s new here is the scale and the sophistication of the intelligence agency’s ability to get into computers and networks to which no one has ever had access before.

“Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the US a window it’s never had before.”

The details were revealed in documents leaked by former NSA contractor Ed Snowden and suggest that nowhere is safe from the spying.

The Guardian, which has reported much of the Snowden material, was so determined not to be monitored that it set up a special room with computers that were not connected to the internet to go through the files.

According to previous reports, Britain’s spying agency GCHQ has worked extensively with the NSA and helped install tracking software at the Belgian telecom provider Belgacom. It was then used to tap customers’ phone and data traffic.

The disclosure comes ahead of tomorrow’s announcement by US president Barack Obama about changing the practices of the NSA.

Mr Obama assembled an advisory panel in the wake of the Snowden revelations and will reportedly agree to its recommendation of increased limits on the NSA’s bulk collection of telephone data.

He will also supposedly give non-US citizens tighter safeguards and create a public advocate to speak at secret courts the NSA uses to get approval for surveillance.

NSA spokeswoman Vanee Vines said in a statement: “NSA activities are focused and specifically deployed against – and only against – valid foreign intelligence targets in response to intelligence requirements.”

In a thinly-veiled jab at China, which has been accused of using hackers for industrial espionage, she added: “We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies.”

 

Comments

 
 

Back to the top of the page