The NSA, in collaboration with the CIA and FBI, routinely and secretly intercept shipping deliveries for laptops and PCs purchased online in order to install spy malware and bugs before they reach their owners.
According to a new report from Der Spiegel based on internal NSA documents, the intelligence agency’s elite hacking unit (TAO) is able to divert online shipping deliveries to its own “secret workshops” in a method they call interdiction.
Agents then install malware and spy bugs onto the laptops and PCs, giving US intelligence agencies remote access to the electronic devices, before re-sending the shipping delivery to its owner.
The Verge reports: One of the products the NSA appears to use to compromise target electronics is codenamed COTTONMOUTH, and has been available since 2009; it’s a USB “hardware implant” that secretly provides the NSA with remote access to the compromised machine.
This tool, among others, is available to NSA agents through what Der Spiegel describes as a mail-order spy catalog. The report indicates that the catalog offers backdoors into the hardware and software of the most prominent technology makers, including Cisco, Juniper Networks, Dell, Seagate, Western Digital, Maxtor, Samsung, and Huawei.
Many of the targets are American companies. The report indicates that the NSA can even exploit error reports from Microsoft’s Windows operating system; by intercepting the error reports and determining what’s wrong with a target’s computer, the NSA can then attack it with Trojans or other malware.
In response to Der Spiegel’s report, Cisco senior vice president John Stewart wrote that “we are deeply concerned with anything that may impact the integrity of our products or our customers’ networks,” and that the company does “not work with any government to weaken our products for exploitation.“
Other US companies have fired back against reports of NSA tampering in recent months, including Microsoft, which labeled the agency an “advanced persistent threat“ over its efforts to secretly collect private user data within the internal networks of Google and Yahoo.
The Der Spiegel report, which gives a broad look at TAO operations, also highlights the NSA’s cooperation with other intelligence agencies to conduct Hollywood-style raids. Unlike most of the NSA’s operations which allow for remote access to targets, Der Spiegel notes that the TAO’s programs often require physical access to targets.
To gain physical access, the NSA reportedly works with the CIA and FBI on sensitive missions that sometimes include flying NSA agents on FBI jets to plant wiretaps. “This gets them to their destination at the right time and can help them to disappear again undetected after even as little as a half hour’s work,” the report notes.
The NSA currently faces pressure from the public, Congress, federal courts, and privacy advocates over its expansive spying programs. Those programs, which include bulk telephone surveillance of American citizens, are said by critics to violate constitutional protections against unreasonable searches, and were uncovered earlier this year by whistleblower Edward Snowden.
Beyond the programs that scoop up data on American citizens, Snowden’s documents have also given a much closer look at how the spy agency conducts other surveillance operations, including tapping the phones of high-level foreign leaders.