Tailored Access Operations
Zero-days, spyware | |
Official language | English |
---|---|
Parent organization | S3 Data Acquisition |
The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32,
TAO identifies, monitors, infiltrates, and gathers intelligence on computer systems being used by entities foreign to the United States.[6][7][8][9]
History
TAO is reportedly "the largest and arguably the most important component of the NSA's huge Signals Intelligence Directorate (SID),[10] consisting of more than 1,000 military and civilian computer hackers, intelligence analysts, targeting specialists, computer hardware and software designers, and electrical engineers".[4] The office is currently known as the Office of Computer Network Operations (OCNO).
Snowden leak
A document leaked by former NSA contractor Edward Snowden describing the unit's work says TAO has software templates allowing it to break into commonly used hardware, including "routers, switches, and firewalls from multiple product vendor lines".[11] TAO engineers prefer to tap networks rather than isolated computers, because there are typically many devices on a single network.[11]
Organization
TAO's headquarters are termed the Remote Operations Center (ROC) and are based at the NSA headquarters at
- S321 – Remote Operations Center (ROC): In the Remote Operations Center, 600 employees gather information from around the world.[12][13]
- S323 – Data Network Technologies Branch (DNT): develops automated spyware
  - S3231 – Access Division (ACD)
  - S3232 – Cyber Networks Technology Division (CNT)
  - S3233 –
  - S3234 – Computer Technology Division (CTD)
  - S3235 – Network Technology Division (NTD)
- Telecommunications Network Technologies Branch (TNT): improves network and computer hacking methods[14]
- Mission Infrastructure Technologies Branch: operates the software provided above[15]
- S328 – Access Technologies Operations Branch (ATO): Reportedly includes personnel seconded by the CIA and the FBI, who perform what are described as "off-net operations", which means they arrange for CIA agents to surreptitiously plant eavesdropping devices on computers and telecommunications systems overseas so that TAO's hackers may remotely access them from Fort Meade.[4] Specially equipped submarines, currently the USS Jimmy Carter,[16] are used to wiretap fibre optic cables around the globe.
  - S3283 – Expeditionary Access Operations (EAO)
  - S3285 – Persistence Division
Virtual locations
Details[17] on a program titled QUANTUMSQUIRREL indicate that the NSA is able to masquerade as any routable IPv4 or IPv6 host.[18] This enables an NSA computer using QUANTUMSQUIRREL to present a false geographical location and false personal identification credentials when accessing the Internet.[19]
Leadership
From 2013 to 2017,[20] the head of TAO was Rob Joyce, a 25-plus year employee who previously worked in the NSA's Information Assurance Directorate (IAD). In January 2016, Joyce made a rare public appearance when he gave a presentation at the USENIX Enigma conference.[21]
NSA ANT catalog
The
QUANTUM attacks
The TAO has developed an attack suite they call QUANTUM. It relies on a compromised
There are numerous services that FOXACID can exploit this way. The names of some FOXACID modules are given below:[25]
By collaboration with the British
Finding machines that are exploitable and worth attacking is done using analytic databases such as XKeyscore.[27] A specific method of finding vulnerable machines is interception of Windows Error Reporting traffic, which is logged into XKeyscore.[28]
QUANTUM attacks launched from NSA sites can be too slow for some combinations of targets and services as they essentially try to exploit a
COMMENDEER [sic] is used to commandeer (i.e. compromise) untargeted computer systems. The software is used as a part of QUANTUMNATION, which also includes the software vulnerability scanner VALIDATOR. The tool was first described at the 2014 Chaos Communication Congress by Jacob Appelbaum, who characterized it as tyrannical.[33][34][35]
QUANTUMCOOKIE is a more complex form of attack which can be used
Targets and collaborations
Suspected, alleged and confirmed targets of the Tailored Access Operations unit include national and international entities like
The group has also targeted global communication networks via
TAO's QUANTUM INSERT technology was passed to UK services, particularly to
In concert with the
According to a 2013 article in
See also
- Advanced persistent threat
- Cyberwarfare in the United States
- Equation Group
- Magic Lantern (software)
- MiniPanzer and MegaPanzer
- PLA Unit 61398
- Stuxnet
- Syrian Electronic Army
- Unit 8200
- WARRIOR PRIDE
References
- ^ Nakashima, Ellen (1 December 2017). "NSA employee who worked on hacking tools at home pleads guilty to spy charge". The Washington Post. Retrieved 4 December 2017.
- S2CID 158068358.
- ISBN 978-1594206566. Retrieved 1 April 2021.
- ^ a b c d e Aid, Matthew M. (10 June 2013). "Inside the NSA's Ultra-Secret China Hacking Group". Foreign Policy. Retrieved 11 June 2013.
- ^ Paterson, Andrea (30 August 2013). "The NSA has its own team of elite hackers". The Washington Post. Retrieved 31 August 2013.
- ^ Kingsbury, Alex (June 19, 2009). "The Secret History of the National Security Agency". U.S. News & World Report. Retrieved 22 May 2013.
- ^ Kingsbury, Alex; Mulrine, Anna (November 18, 2009). "U.S. is Striking Back in the Global Cyberwar". U.S. News & World Report. Retrieved 22 May 2013.
- ^ Riley, Michael (May 23, 2013). "How the U.S. Government Hacks the World". Bloomberg Businessweek. Archived from the original on May 25, 2013. Retrieved 23 May 2013.
- ISBN 978-1-60819-096-6. Retrieved 22 May 2013.
- ^ "FOIA #70809 (released 2014-09-19)" (PDF).
- ^ a b Gellman, Barton; Nakashima, Ellen (August 30, 2013). "U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show". The Washington Post. Retrieved 7 September 2013.
  Much more often, an implant is coded entirely in software by an NSA group called, Tailored Access Operations (TAO). As its name suggests, TAO builds attack tools that are custom-fitted to their targets. The NSA unit's software engineers would rather tap into networks than individual computers because there are usually many devices on each network. Tailored Access Operations has software templates to break into common brands and models of "routers, switches, and firewalls from multiple product vendor lines," according to one document describing its work.
- ^ "Secret NSA hackers from TAO Office have been pwning China for nearly 15 years". Computerworld. 2013-06-11. Archived from the original on 2014-01-25. Retrieved 2014-01-27.
- ^ Rothkopf, David. "Inside the NSA's Ultra-Secret China Hacking Group". Foreign Policy. Retrieved 2014-01-27.
- ^ "Hintergrund: Die Speerspitze des amerikanischen Hackings - News Ausland: Amerika". Tages-Anzeiger. tagesanzeiger.ch. Retrieved 2014-01-27.
- ^ "Inside the NSA's Ultra-Secret Hacking Group". Atlantic Council. 2013-06-11. Retrieved 2023-07-27.
- ^ noahmax (2005-02-21). "Jimmy Carter: Super Spy?". Defense Tech. Archived from the original on 2014-02-20. Retrieved 2014-01-27.
- ^ https://www.eff.org/files/2014/04/09/20140312-intercept-the_nsa_and_gchqs_quantumtheory_hacking_tactics.pdf (slide 8)
- ^ Dealer, Hacker. "Dealer, Hacker, Lawyer, Spy: Modern Techniques and Legal Boundaries of Counter-cybercrime Operations". The European Review of Organised Crime.
- ^ "The NSA and GCHQ's QUANTUMTHEORY Hacking Tactics". firstlook.org. 2014-07-16. Retrieved 2014-07-16.
- ^ Landler, Mark (April 10, 2018). "Thomas Bossert, Trump's Chief Adviser on Homeland Security, Is Forced Out". New York Times. Retrieved March 9, 2022.
- ^ Thomson, Iain (January 28, 2016). "NSA's top hacking boss explains how to protect your network from his attack squads". The Register.
- ^ NSA ANT catalog; see there for sources
- ^ "Quantumtheory: Wie die NSA weltweit Rechner hackt". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
- ^ a b Schneier, Bruce (2013-10-07). "How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID". Schneier.com. Retrieved 2014-01-18.
- ^ Fotostrecke (2013-12-30). "NSA-Dokumente: So knackt der Geheimdienst Internetkonten". Der Spiegel. Retrieved 2014-01-18.
- ^ "NSA-Dokumente: So knackt der Geheimdienst Internetkonten". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
- ^ Gallagher, Sean (August 1, 2013). "NSA's Internet taps can find systems to hack, track VPNs and Word docs". Retrieved August 8, 2013.
- ^ a b c "Inside TAO: Targeting Mexico". Der Spiegel. 2013-12-29. Retrieved 2014-01-18.
- ^ Fotostrecke (2013-12-30). "QFIRE - die "Vorwärtsverteidigng" der NSA". Der Spiegel. Retrieved 2014-01-18.
- ^ "QFIRE - die "Vorwärtsverteidigng" der NSA". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
- ^ "QFIRE - die "Vorwärtsverteidigng" der NSA". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
- ^ "QFIRE - die "Vorwärtsverteidigng" der NSA". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
- ^ ""Chaos Computer Club CCC Presentation" at 28:34". YouTube.
- ^ a b Thomson, Iain (2013-12-31). "How the NSA hacks PCs, phones, routers, hard disks 'at speed of light': Spy tech catalog leaks". The Register. London. Retrieved 2014-08-15.
- ^ Mick, Jason (2013-12-31). "Tax and Spy: How the NSA Can Hack Any American, Stores Data 15 Years". DailyTech. Archived from the original on 2014-08-24. Retrieved 2014-08-15.
- ^ Weaver, Nicholas (2013-03-28). "Our Government Has Weaponized the Internet. Here's How They Did It". Wired. Retrieved 2014-01-18.
- ^ "China Accuses US of Repeated Hacks on Polytechnic University". Bloomberg. September 5, 2022 – via www.bloomberg.com.
- ^ Gallagher, Sean (2013-11-12). "Quantum of pwnness: How NSA and GCHQ hacked OPEC and others". Ars Technica. Retrieved 2014-01-18.
- ^ "Läs dokumenten om Sverige från Edward Snowden - Uppdrag Granskning". SVT.se. Retrieved 2014-01-18.
- ^ "What You Wanted to Know" (PDF). documentcloud.org. Retrieved 2015-10-03.
- ^ "British spies reportedly spoofed LinkedIn, Slashdot to target network engineers". Network World. 2013-11-11. Archived from the original on 2014-01-15. Retrieved 2014-01-18.
- ^ "Inside TAO: The NSA's Shadow Network". Der Spiegel. 2013-12-29. Retrieved 2014-01-27.
- ^ a b Aid, Matthew M. (2013-10-15). "The NSA's New Code Breakers". Foreign Policy. Retrieved 2023-07-27.
- ^ Farber, Dan (2013-12-29). "NSA reportedly planted spyware on electronics equipment | Security & Privacy". CNET News. Retrieved 2014-01-18.
- ^ Schneier, Bruce (2013-10-04). "How the NSA Thinks About Secrecy and Risk". The Atlantic. Retrieved 2014-01-18.
- ^ Riley, Michael (2013-06-14). "U.S. Agencies Said to Swap Data With Thousands of Firms". Bloomberg. Retrieved 2014-01-18.
External links
- Inside TAO: Documents Reveal Top NSA Hacking Unit
- NSA 'hacking unit' infiltrates computers around the world – report
- NSA Tailored Access Operations
- NSA Laughs at PCs, Prefers Hacking Routers and Switches
- N.S.A. Devises Radio Pathway Into Computers
- Getting the 'Ungettable' Intelligence: An Interview with TAO's Teresa Shea