NSA Intercepting Laptops Bought Online to Install Spy Malware

The NSA's TAO hacking unit is considered to be the intelligence agency's top secret weapon
Common Dreams
Dec. 29, 2013

This National Security Agency complex in San Antonio, Texas, located in a former Sony chip factory, is one of the central offices of the intelligence agency's Tailored Access Operations, the NSA's top operative unit. It's something like a squad of plumbers that can be called in when normal access to a target is blocked.

Germany's Der Spiegel is reporting Sunday that the US National Security Agency (NSA), working with the CIA and FBI, has been intercepting laptops and other electronics bought online before delivery to install malware and other spying tools.

According to Der Spiegel, the NSA diverts shipping deliveries to its own "secret workshops" to install the software before resending the deliveries to their purchasers.

Elite hackers working for the NSA's Tailored Access Operations (TAO) division are considered to be the intelligence agency's top secret weapon.

The NSA's TAO reportedly has backdoor access to many hardware and software systems from major tech companies such as Cisco, Dell, and Western Digital and others. The NSA exploits Microsoft Windows error reports to find weak spots in compromised machines in order to install Trojans and other viruses.

The Der Spiegel report also notes that the NSA has successfully tapped into some of the massive, under-sea fiber-optic cables that connect the global data infrastructure, in particular the “SEA-ME-WE-4″ cable system.

“This massive underwater cable bundle connects Europe with North Africa and the Gulf states and then continues on through Pakistan and India,” Der Spiegel reports, ”all the way to Malaysia and Thailand. The cable system originates in southern France, near Marseille. Among the companies that hold ownership stakes in it are France Telecom, now known as Orange and still partly government-owned, and Telecom Italia Sparkle.”

From Der Spiegel:

To conduct those types of operations, the NSA works together with other intelligence agencies such as the CIA and FBI, which in turn maintain informants on location who are available to help with sensitive missions. This enables TAO to attack even isolated networks that aren't connected to the Internet. If necessary, the FBI can even make an agency-owned jet available to ferry the high-tech plumbers to their target. This gets them to their destination at the right time and can help them to disappear again undetected after even as little as a half hour's work.

Responding to a query from SPIEGEL, NSA officials issued a statement saying, "Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies." The statement added that TAO's "work is centered on computer network exploitation in support of foreign intelligence collection." The officials said they would not discuss specific allegations regarding TAO's mission.

Sometimes it appears that the world's most modern spies are just as reliant on conventional methods of reconnaissance as their predecessors.

Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called "load stations," agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.

These minor disruptions in the parcel shipping business rank among the "most productive operations" conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks "around the world."

Even in the Internet Age, some traditional spying methods continue to live on.