[governance] FW: [Dewayne-Net] NSA Laughs at PCs, Prefers Hacking Routers and Switches

michael gurstein gurstein at gmail.com
Wed Sep 4 09:55:38 EDT 2013 


-----Original Message-----
From: listmom at warpspeed.com [mailto:listmom at warpspeed.com] On Behalf Of
Dewayne Hendricks
Sent: Wednesday, September 04, 2013 8:25 PM
To: Multiple recipients of Dewayne-Net - Sent by
Subject: [Dewayne-Net] NSA Laughs at PCs, Prefers Hacking Routers and
Switches

NSA Laughs at PCs, Prefers Hacking Routers and Switches By KIM ZETTER
09.04.13
<http://www.wired.com/threatlevel/2013/09/nsa-router-hacking/>

The NSA runs a massive, full-time hacking operation targeting foreign
systems, the latest leaks from Edward Snowden show. But unlike conventional
cybercriminals, the agency is less interested in hacking PCs and Macs.
Instead, America's spooks have their eyes on the internet routers and
switches that form the basic infrastructure of the net, and are largely
overlooked as security vulnerabilities.

Under a $652-million program codenamed "Genie," U.S. intel agencies have
hacked into foreign computers and networks to monitor communications
crossing them and to establish control over them, according to a secret
black budget document leaked to the Washington Post. U.S. intelligence
agencies conducted 231 offensive cyber operations in 2011 to penetrate the
computer networks of targets abroad.

This included not only installing covert "implants" in foreign desktop
computers but also on routers and firewalls - tens of thousands of machines
every year in all. According to the Post, the government planned to expand
the program to cover millions of additional foreign machines in the future
and preferred hacking routers to individual PCs because it gave agencies
access to data from entire networks of computers instead of just individual
machines.

Most of the hacks targeted the systems and communications of top adversaries
like China, Russia, Iran and North Korea and included activities around
nuclear proliferation.

The NSA's focus on routers highlights an often-overlooked attack vector with
huge advantages for the intruder, says Marc Maiffret, chief technology
officer at security firm Beyond Trust. Hacking routers is an ideal way for
an intelligence or military agency to maintain a persistent hold on network
traffic because the systems aren't updated with new software very often or
patched in the way that Windows and Linux systems are.

"No on updates their routers," he says. "If you think people are bad about
patching Windows and Linux (which they are) then they are . horrible about
updating their networking gear because it is too critical, and usually they
don't have redundancy to be able to do it properly."

He also notes that routers don't have security software that can help detect
a breach.

"The challenge [with desktop systems] is that while antivirus don't work
well on your desktop, they at least do something [to detect attacks]," he
says. "But you don't even have an integrity check for the most part on
routers and other such devices like IP cameras."

Hijacking routers and switches could allow the NSA to do more than just
eavesdrop on all the communications crossing that equipment. It would also
let them bring down networks or prevent certain communication, such as
military orders, from getting through, though the Post story doesn't report
any such activities. With control of routers, the NSA could re-route traffic
to a different location, or even alter it for disinformation campaigns, such
as planting information that would have a detrimental political effect or
altering orders to re-route troops or supplies in a military operation.

[snip]

Dewayne-Net RSS Feed: <http://dewaynenet.wordpress.com/feed/>

 


-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t

More information about the Governance mailing list