ANT: Just one of NSA's crack development teams
Last week I wrote up a leak of an NSA document describing DEITYBOUNCE, a tool for flashing a malicious BIOS onto Dell servers. Not until the next day did I realize that it was part of a much larger set of descriptions of such hacks. In this image gallery I describe many of the most interesting ones.
The leaked documents were first described in an article in Der Spiegel, the German magazine. Most are in the same spirit as DEITYBOUNCE and have similar code names. Many are for hacking into mainstream computing hardware like the Dell PowerEdge servers hacked by DEITYBOUNCE, or for big-name networking hardware from the likes of Cisco, Juniper and Huawei.
There are also devices for tapping into video cables, wireless networks and USB ports. There are devices meant to capture audio in a room and send it elsewhere. There are devices which I just don't understand. Quite a bit of it looks stereotypically James Bond-like.
These documents are all rather old, dating from 2007 to 2009. It's likely that many, if not most, are obsolete. Certainly DEITYBOUNCE is not likely to be useful anymore. We have no reason to believe that the NSA gave up on this sort of espionage, so it's reasonable to assume there are more current devices and descriptions out there. Perhaps Snowden and his buddies in the press are holding them back for future leakage.
The tools are the work of a group called ANT, which Der Spiegel says "...presumably stands for Advanced or Access Network Technology." The descriptions of ANT's tools make it clear that there are other groups at the NSA doing similar, related work and perhaps their descriptions are still to come.
Many of the tools, both hardware and software, need some sort of insider help for installation. There are many places this can be done, such as the manufacturer, a distributor, an intercepted shipment, or even the company's own IT, perhaps even after a bribe or blackmail.
One of the tools, DROPOUTJEEP, got a lot of attention about a week ago because it provides a hack for iPhones.
IRONCHEF: Hacking the HP Proliant 380DL G5 server
IRONCHEF is superficially just like DEITYBOUNCE in that it's designed to be a persistent compromise of a common server platform. There is a software component but, instead of flashing a BIOS, IRONCHEF uses a "hardware implant." Like the flashed BIOS, the hardware device can reinstall the software component at boot time.
The document is dated 7/14/2008.