Quantum of pwnness: How NSA and GCHQ hacked OPEC and others

Documents provided by former National Security Agency contractor Edward Snowden have revealed that the NSA and its partner, Great Britain’s GCHQ, have done a whole lot more than just passively monitor what passes over the Internet. Using their surveillance tools, the intelligence agencies have been able to identify and target individuals at organizations of interest—not just suspected terrorist cells.

The latest target of these “tailored access” efforts to come to light is OPEC, the Organization of Petroleum Exporting Countries. Brazil’s Petrobras, Belgium’s Belgacom, and many others have been targeted as well, based on documents provided by Snowden. According to a report in Der Spiegel, the NSA and GCHQ have had access to OPEC’s internal networks and systems since January of 2008, allowing the NSA to provide intelligence on individual members of OPEC and the countries’ negotiations and tactics. As with the GHCQ hack of engineers at Belgian telecom provider Belgacom, the infiltration of OPEC took advantage of partnerships with international telecommunications providers to reroute Internet traffic to and from targeted users within the organization, including Saudi Arabia’s OPEC governor, through network equipment controlled by the intelligence agencies. That allowed the NSA and GCHQ to perform “man-in-the-middle” attacks that let them install malware onto the target computers and gain access to OPEC’s internal network—even gaining administrative privileges for the network and access to file servers.

The attack, called a “Quantum insert,” is just part of an arsenal of network monitoring and attack tools that the NSA and GCHQ have created that have essentially turned the global Internet into a weapons system that can scan for, identify, target, and attack nearly anyone of interest who connects to Internet services across borders.

Read 14 remaining paragraphs | Comments


Ars Technica » Technology Lab