NSA’s automated hacking engine offers hands-free pwning of the world
With Turbine, no humans are required to exploit phones, PCs, routers, VPNs.
by Sean Gallagher – Mar 12 2014, 3:20pm EDT
Since 2010, the National Security Agency has kept a push-button hacking system called Turbine that allows the agency to scale up the number of networks it has access to from hundreds to potentially millions. The news comes from new Edward Snowden documents published by Ryan Gallagher and Glenn Greenwald inThe Intercept today. The leaked information details how the NSA has used Turbine to ramp up its hacking capacity to “industrial scale,” plant malware that breaks the security on virtual private networks (VPNs) and digital voice communications, and collect data and subvert targeted networks on a once-unimaginable scale.
Turbine is part of Turbulence, the collection of systems that also includes the Turmoil network surveillance system that feeds the NSA’s XKeyscore surveillance database. While it is controlled from NSA and GCHQ headquarters, it is a distributed set of attack systems equipped with packaged “exploits” that take advantage of the ability the NSA and GCHQ have to insert themselves as a “man in the middle” at Internet chokepoints. Using that position of power, Turbine can automate functions of Turbulence systems to corrupt data in transit between two Internet addresses, adding malware to webpages being viewed or otherwise attacking the communications stream.
Since Turbine went online in 2010, it has allowed the NSA to scale up from managing hundreds of hacking operations each day to handling millions of them. It does so by taking people out of the loop of managing attacks, instead using software to identify, target, and attack Internet-connected devices by installing malware referred to as “implants.” According to the documents, NSA analysts can simply specify the type of information required and let the system figure out how to get to it without having to know the details of the application being attacked.