NSA denies infecting millions of PCs with malware, says reports it spoofed websites are wrong

NSA denies infecting millions of PCs with malware, says reports it spoofed websites are wrong

Summary: The US National Security Agency (NSA) has denied claims that it conducts indiscriminate hacking and says it doesn’t impersonate US social media or websites.

SHARE:
TOPICS: Security, Malware
17

Just because the NSA has the systems to hijack millions of computers across the world, it doesn't mean it's actually doing so, the US spy agency has said.

"Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating US social media or other websites, are inaccurate," the NSA said in a statement to media yesterday.

The statement followed reports based on classified NSA documents from whistleblower Edward Snowden that revealed the existence of Turbine, an NSA system that allowed the agency to perform automated control malware implants "by groups instead of individually".

The Turbine capabilities appeared around 2009, marking a departure from its old approach where manually deployed implants were reserved for targets that couldn’t be monitored through traditional wiretaps, according to the report on Tuesday by The Intercept.

According to the report, Turbine was built to compensate for the human limitations around hacking at scale. Turbine became part of its elite hacking squad, the Tailored Access operations unit, enabling it conduct "industrial-scale exploitation" and manage "millions of implants".

The Intercept's report did not allege NSA actually used the system to infect millions of people's computers and points to previous reports based on Snowden documents that put the number of implants deployed by the agency at between 85,000 to 100,000.

And while Turbine may make it capable of attacking users by group rather than individually, the NSA has denied it operates indiscriminate cyber attacks. It also appears to have denied a claim that it had spoofed a Facebook server to phish its targets.

"NSA's authorities require that its foreign intelligence operations support valid national security requirements, protect the legitimate privacy interests of all persons, and be as tailored as feasible. NSA does not use its technical capabilities to impersonate U.S. company websites. Nor does NSA target any user of global Internet services without appropriate legal authority. Reports of indiscriminate computer exploitation operations are simply false," it said.

"NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities. Technical capability must be understood within the legal, policy, and operational context within which that capability must be employed."

The nominee to head up the NSA US Navy vice admiral Michael S Rogers earlier this week outlined how the agency handles zero day flaws in software and devices, which are one of the key assets it uses to exploit computers.

According to Rogers, the NSA's default position is to disclose software vulnerabilities to vendors of the affected product.

But that position stands in contrast the $25m it spent on acquiring zero day flaws from third-party security firms, which could otherwise have sold or reported them to the vendor.

Read more on the NSA

Topics: Security, Malware

Liam Tung

About Liam Tung

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelors degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, security and telecommunications journalist with ZDNet Australia. These days Liam is a full time freelance technology journalist who writes for several publications.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

17 comments
Log in or register to join the discussion
  • The "weasel words" and the 4th Amendment

    These are what MUST be focused on..

    "Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating US social media or other websites, are inaccurate,"

    First, NSA doesn't consider the things they plant on private computers to be "malware". Second, NSA believes that since the USA essentially "owns" the internet, they are not "impersonating" anything. Finally, the people at NSA trained to believe that the word "is" has multiple meanings are fully capable of splitting hairs about the "number" and the "accuracy" of the numbers. After all, 1.9999999999999 million really wouldn't be "millions".

    "NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities. Technical capability must be understood within the legal, policy, and operational context within which that capability must be employed."

    The real issue that even this article misses is that the LAW(S) that NSA uses to determine "appropriate legal authority" is/are fundamentally UNCONSTITUTIONAL on their face.

    The 4th Amendment clearly calls for the government to:
    1. First have "probable cause" that a crime has been or is going to be committed.
    2. Take that evidence to an INDEPENDENT Judge and specifically name the "places to be searched and the things or people to be seized".
    3. Then the Judge decides IF the evidence supports the breadth of the warrant before issuing it.

    The current system turns the 4th Amendment upside down.

    The FISA court is in NO WAY INDEPENDENT and unlikely to be "technically astute", so there is NO ONE to evaluate the appropriateness of the mass collection of data or the likelihood that unneeded information will be swept up in the process

    There is no specificity of either the "places" to be searched or the "things" to be seized.

    There is no credible "probable cause" to suspect EVERY user of EVERY wireless communication system to be a terrorist even if they are ALL only foreign nationals on foreign soil, which we know very few Verizon or Comcast or Time Warner customers are.

    So, the ONLY solution is to repeal all the laws that are currently being used as cover to violate the 4th Amendment.
    blankballot2004
    • Mr./Ms. Blank,

      For argument's sake, suppose I and millions with me agree with you, and everything you just listed is done. All the laws which might possibly be a cover for 4th amendment affronts have been repealed. What does the NSA do next?

      1. Tens of thousands of smart, motivated people are facing their greatest challenge yet, since they believe you and others have greatly emboldened the bad guys, who have already picked the planes and football stadiums they plan to blow up. Therefore, they will ... MOVE!
      2. In Great Britain, Australia, some small Caribbean country, etc. where they land, they will reconstruct the majority of all you hate that they are doing now, only this time, they will not be constrained by US law.
      3. By advising and partnering with the intelligence services of host countries, added to the deep knowledge they already have of US IT infrastructure, they will be possibly even more effective (and more dangerous?) than they are now.

      IOW, the Law of Unintended Consequences will come roaring back at you out of the thicket, and the world will get even more interesting.

      Then, there's the Bad Guys... can't forget them. Vast resources, supported by hostile countries, completely unconstrained by US law... are they on vacation during this whole upheaval? Can the NSA & others effectively protect you (me, our families) from them while the 4th amendment handcuffs are being applied? Possibly, due to your steely eyed realism, you are willing to forgo a measure of protection for the sake of 4th amendment respect. In fact, you are willing send you family on a plane to oblivion, since the NSA/CIA/FBI has become distracted and missed the terror plot to use a remote drone to drop C4 in one engine just as their plane was taking off. Very well.

      In the future, please add a PS to this effect to your statements, stating that you are willing for all of us to suffer terrible things so that we can be free. Finally, I repeat: I tend to agree with you. Nevertheless, such views may come with a very high price...
      ClearCreek
      • Mr/Mrs Clear

        Let's be clear... the boogiemen that are creeping all over our shores, airlines, docks and posrts are infiltering our country to do what? kill us?... might it just be possible that there really is no threat except the secret ones these spooks make up! Afterall, without them, they wouldn't exist. And either way, it will come with a high price! I vote to ratify our constitution and execute ANYONE that violates it! Whatch say?
        SpankyFrost
  • Everyone should be equal

    I won't mind agencies being able to access all my data, as long as I can also access theirs.

    So how about exposing everything to everyone. None of us has privacy. I think that will be FAIR.
    learn_new
  • Non Believer!

    "NSA denies infecting millions of PCs with malware, says reports it spoofed websites are wrong"

    And, I should believe this because? Get real!!!!!!!
    r1r1p1@...
    • They also deny having an alien spacecraft at area 51

      so who should we believe, those that say it's true?

      Because.....?
      William.Farrel
  • NSA never did anything wrong

    Lying to Congress AND the United States people seems to be the plan. Why indeed should we believe anything you do or claim or say is on the up and up?

    Hey, is that secret AT&T operation to listen to all our phone calls still working?

    I am ashamed of our current government.
    EricMJones
    • current government ?

      This has been going on for many years in many forms by many governments domestic and abroad.
      Of course none of them will admit to anything, that would be ludicrous.
      Shadowed
    • You mean Operation Ernestine?

      Lily Tomlin always made us laugh with that one!
      jallan32
  • Yeah, right - and NSA credibility is HOW good????

    Reminds me of the old P.T. Barnum saying about fooling people.....
    Oh, and BTW, NSA is NOT the one who defines "malware" - USERS are!!!!
    Willnott
  • This is what I felt after reading this article.

    .
    "When any government becomes corrupt, it will corrupt completely."
    As in individual, Hoover had taken it to the N'th level.
    Our government learned and is now taking it to a much-much higher level.
    .
    fm.usa
    • furthermore

      Question is, when and or who will stop this?
      .
      Snowden is showing us the facts.
      Will we take action to stop this Monster?
      (enter Steppenwolf's tune: ''Monster'')
      https://www.youtube.com/watch?v=FaNsDx-xmnw
      .
      fm.usa
    • Hoover considered everyone's business his business.

      He knew about Lucille Ball's pregnancy before Desi did. In fact, he called Desi before his wife had a chance to call him! And there was absolutely NO rational crime-fighting or national security reason to keep a file on them (except his paranoia that they may have been Communists or something). Basically, if you were well enough known for your name to appear in anything bigger than a small town newspaper, you were spied upon.
      jallan32
  • Fixed.

    "Nor does NSA target any user of global Internet services without appropriate legal authority, but we have no problems gaining the authority, so we do it all the time."

    Fixed.
    CobraA1
  • In Other Words

    ""Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating US social media or other websites, are inaccurate,"

    In other words: "Oh we're doing it, just not the way they say we are."?
    Badgered
  • NSA has lied so many times.

    Broke so many laws, trust is earned not given. Who in their right mind would believe.
    "We are telling you the truth this time, Honest"
    csumbler
  • Don't fix it yet

    "According to Rogers, the NSA's default position is to disclose software vulnerabilities to vendors of the affected product."

    I imagine that's true - "We found this zero day exploit, here's a court order to stop any work you may have planned to fix it - you are not allowed to talk about this court order."
    Sacr