NSA May Have Undercover Operatives in Foreign Companies

As a much-anticipated documentary about NSA whistleblower Edward Snowden premiers in New York this evening, new revelations are being published simultaneously that expose more information about the NSAs work to compromise computer networks and devices.

Newly-brought-to-light documents leaked by Snowden discuss operations by the NSA working inside China, Germany and South Korea to help physically subvert and compromise foreign networks and equipment, according to a report published by The Intercept. They also suggest the NSA may have undercover agents planted inside companies to provide assistance in gaining access to systems in the global communications industry. And they bolster previous reports that the NSA works with U.S. and foreign companies to weaken their encryption systems.

The new report is written by Peter Maass and Laura Poitras. Poitras is the celebrated documentary filmmaker who Snowden contacted in 2013 to provide her with a trove of NSA documents and who has interviewed him in Hong Kong and Moscow for her film CitizenFour.

Among the new documents, which are seen in the film, is a 13-page brief dating from 2004 about Sentry Eagle, a term the NSA used to describe a collection of closely held programs whose details were so tightly controlled that, according to the document, they could be disclosed only to a limited number of people approved by senior intelligence officials.

Unauthorized disclosure . . .will cause exceptionally grave damage to U.S. national security, the document states. The loss of this information could critically compromise highly sensitive cryptologic U.S. and foreign relationships, multi-year past and future NSA investments, and the ability to exploit foreign adversary cyberspace while protecting U.S. cyberspace.

The brief reveals new details about six categories of NSA operations that fall under the Sentry Eagle rubric. These are also known as the NSAs core secrets and are identified as:

Sentry Hawkwhich involves computer network exploitation (aka CNE), the governments term for digital espionage. (For example, programs like Flame would fall into this category.)

Sentry Falconwhich involves computer network defense.

Sentry Ospreywhich appears to involve overseeing NSA clandestine operations conducted in conjunction with the CIA, FBI, the Defense Intelligence Agency and Army intelligence. These operations involve human intelligence assets, or HUMINT assets (Target ExploitationTAREX) to support signals intelligence (SIGINT) operations.

This is one of the biggest reveals of the report. Apparently, under Sentry Osprey, people responsible for target exploitation operations are embedded in operations conducted by the CIA, Defense Intelligence Agency, and FBI to provide technical expertise these agencies lack. This would include covert or clandestine field activities as well as interception, or interdiction of devices in the supply chain to modify equipment or implant bugs or beacons in hardware. The TAREX group specializes in physical subversionthat is, subversion through physical access to a device or facility, rather than by implanting spyware remotely over the internet. The report doesnt indicate if the kinds of modifications made to equipment involve sabotage, but its possible the alterations made could include planting logic bombs in software to destroy data or equipment, as the Stuxnet worm did in Iran.

View original post here:
NSA May Have Undercover Operatives in Foreign Companies