fbpx
Wikipedia

Tailored Access Operations

January 01, 1970

The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32,[1] is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA).[2] It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.[3][4][5]

Tailored Access Operations
AbbreviationTAO
Formationc. 1997–2001[1]
TypeAdvanced persistent threat
PurposeCyberespionage, cyberwarfare
HeadquartersFort Meade
Region
United States
MethodsZero-days, spyware
Official language
English
Parent organization
S3 Data Acquisition
A reference to Tailored Access Operations in an XKeyscore slide

TAO identifies, monitors, infiltrates, and gathers intelligence on computer systems being used by entities foreign to the United States.[6][7][8][9]

History edit

See also: Signals intelligence

TAO is reportedly "the largest and arguably the most important component of the NSA's huge Signals Intelligence Directorate (SID),[10] consisting of more than 1,000 military and civilian computer hackers, intelligence analysts, targeting specialists, computer hardware and software designers, and electrical engineers. The office is currently known as Office of Computer Network Operations (OCNO). ".[4]

Snowden leak edit

A document leaked by former NSA contractor Edward Snowden describing the unit's work says TAO has software templates allowing it to break into commonly used hardware, including "routers, switches, and firewalls from multiple product vendor lines".[11] TAO engineers prefer to tap networks rather than isolated computers, because there are typically many devices on a single network.[11]

Organization edit

TAO's headquarters are termed the Remote Operations Center (ROC) and are based at the NSA headquarters at Fort Meade, Maryland. TAO also has expanded to NSA Hawaii (Wahiawa, Oahu), NSA Georgia (Fort Eisenhower, Georgia), NSA Texas (Joint Base San Antonio, Texas), and NSA Colorado (Buckley Space Force Base, Denver).[4]

  • S321 – Remote Operations Center (ROC) In the Remote Operations Center, 600 employees gather information from around the world.[12][13]
  • S323 – Data Network Technologies Branch (DNT) : develops automated spyware
    • S3231 – Access Division (ACD)
    • S3232 – Cyber Networks Technology Division (CNT)
    • S3233 –
    • S3234 – Computer Technology Division (CTD)
    • S3235 – Network Technology Division (NTD)
  • Telecommunications Network Technologies Branch (TNT) : improve network and computer hacking methods[14]
  • Mission Infrastructure Technologies Branch: operates the software provided above[15]
  • S328 – Access Technologies Operations Branch (ATO): Reportedly includes personnel seconded by the CIA and the FBI, who perform what are described as "off-net operations", which means they arrange for CIA agents to surreptitiously plant eavesdropping devices on computers and telecommunications systems overseas so that TAO's hackers may remotely access them from Fort Meade.[4] Specially equipped submarines, currently the USS Jimmy Carter,[16] are used to wiretap fibre optic cables around the globe.
    • S3283 – Expeditionary Access Operations (EAO)
    • S3285 – Persistence Division

Virtual locations edit

Details[17] on a program titled QUANTUMSQUIRREL indicate NSA ability to masquerade as any routable IPv4 or IPv6 host.[18] This enables an NSA computer to generate false geographical location and personal identification credentials when accessing the Internet utilizing QUANTUMSQUIRREL.[19]

Leadership edit

From 2013 to 2017,[20] the head of TAO was Rob Joyce, a 25-plus year employee who previously worked in the NSA's Information Assurance Directorate (IAD). In January 2016, Joyce had a rare public appearance when he gave a presentation at the Usenix’s Enigma conference.[21]

 
QUANTUMSQUIRREL image from an NSA presentation explaining the QUANTUMSQUIRREL IP host spoofing ability

NSA ANT catalog edit

Main article: NSA ANT catalog

The NSA ANT catalog is a 50-page classified document listing technology available to the United States National Security Agency (NSA) Tailored Access Operations (TAO) by the Advanced Network Technology (ANT) Division to aid in cyber surveillance. Most devices are described as already operational and available to US nationals and members of the Five Eyes alliance. According to Der Spiegel, which released the catalog to the public on December 30, 2013, "The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets' data." The document was created in 2008.[22] Security researcher Jacob Appelbaum gave a speech at the Chaos Communications Congress in Hamburg, Germany, in which he detailed techniques that the simultaneously published Der Spiegel article he coauthored disclosed from the catalog.[22]

QUANTUM attacks edit

 
Lolcat image from an NSA presentation explaining in part the naming of the QUANTUM program
 
NSA's QUANTUMTHEORY overview slide with various codenames for specific types of attack and integration with other NSA systems

The TAO has developed an attack suite they call QUANTUM. It relies on a compromised router that duplicates internet traffic, typically HTTP requests, so that they go both to the intended target and to an NSA site (indirectly). The NSA site runs FOXACID software which sends back exploits that load in the background in the target web browser before the intended destination has had a chance to respond (it's unclear if the compromised router facilitates this race on the return trip). Prior to the development of this technology, FOXACID software made spear-phishing attacks the NSA referred to as spam. If the browser is exploitable, further permanent "implants" (rootkits etc.) are deployed in the target computer, e.g. OLYMPUSFIRE for Windows, which gives complete remote access to the infected machine.[23] This type of attack is part of the man-in-the-middle attack family, though more specifically it is called man-on-the-side attack. It is difficult to pull off without controlling some of the Internet backbone.[24]

There are numerous services that FOXACID can exploit this way. The names of some FOXACID modules are given below:[25]

By collaboration with the British Government Communications Headquarters (GCHQ) (MUSCULAR), Google services could be attacked too, including Gmail.[26]

Finding machines that are exploitable and worth attacking is done using analytic databases such as XKeyscore.[27] A specific method of finding vulnerable machines is interception of Windows Error Reporting traffic, which is logged into XKeyscore.[28]

QUANTUM attacks launched from NSA sites can be too slow for some combinations of targets and services as they essentially try to exploit a race condition, i.e. the NSA server is trying to beat the legitimate server with its response.[29] As of mid-2011, the NSA was prototyping a capability codenamed QFIRE, which involved embedding their exploit-dispensing servers in virtual machines (running on VMware ESX) hosted closer to the target, in the so-called Special Collection Sites (SCS) network worldwide. The goal of QFIRE was to lower the latency of the spoofed response, thus increasing the probability of success.[30][31][32]

COMMENDEER [sic] is used to commandeer (i.e. compromise) untargeted computer systems. The software is used as a part of QUANTUMNATION, which also includes the software vulnerability scanner VALIDATOR. The tool was first described at the 2014 Chaos Communication Congress by Jacob Appelbaum, who characterized it as tyrannical.[33][34][35]

QUANTUMCOOKIE is a more complex form of attack which can be used against Tor users.[36]

Targets and collaborations edit

Suspected, alleged and confirmed targets of the Tailored Access Operations unit include national and international entities like China,[4] Northwestern Polytechnical University.,[37] OPEC,[38] and Mexico's Secretariat of Public Security.[28]

The group has also targeted global communication networks via SEA-ME-WE 4 – an optical fibre submarine communications cable system that carries telecommunications between Singapore, Malaysia, Thailand, Bangladesh, India, Sri Lanka, Pakistan, United Arab Emirates, Saudi Arabia, Sudan, Egypt, Italy, Tunisia, Algeria and France.[34] Additionally, Försvarets radioanstalt (FRA) in Sweden gives access to fiber optic links for QUANTUM cooperation.[39][40]

TAO's QUANTUM INSERT technology was passed to UK services, particularly to GCHQ's MyNOC, which used it to target Belgacom and GPRS roaming exchange (GRX) providers like the Comfone, Syniverse, and Starhome.[28] Belgacom, which provides services to the European Commission, the European Parliament and the European Council discovered the attack.[41]

In concert with the CIA and FBI, TAO is used to intercept laptops purchased online, divert them to secret warehouses where spyware and hardware is installed, and send them on to customers.[42] TAO has also targeted internet browsers Tor and Firefox.[24]

According to a 2013 article in Foreign Policy, TAO has become "increasingly accomplished at its mission, thanks in part to the high-level cooperation it secretly receives from the 'big three' American telecom companies (AT&T, Verizon and Sprint), most of the large US-based Internet service providers, and many of the top computer security software manufacturers and consulting companies."[43] A 2012 TAO budget document claims that these companies, on TAO's behest, "insert vulnerabilities into commercial encryption systems, IT systems, networks and endpoint communications devices used by targets".[43] A number of US companies, including Cisco and Dell, have subsequently made public statements denying that they insert such back doors into their products.[44] Microsoft provides advance warning to the NSA of vulnerabilities it knows about, before fixes or information about these vulnerabilities is available to the public; this enables TAO to execute so-called zero-day attacks.[45] A Microsoft official who declined to be identified in the press confirmed that this is indeed the case, but said that Microsoft cannot be held responsible for how the NSA uses this advance information.[46]

See also edit

References edit

  1. ^ Nakashima, Ellen (1 December 2017). "NSA employee who worked on hacking tools at home pleads guilty to spy charge". The Washington Post. Retrieved 4 December 2017.
  2. ^ Loleski, Steven (2018-10-18). "From cold to cyber warriors: the origins and expansion of NSA's Tailored Access Operations (TAO) to Shadow Brokers". Intelligence and National Security. 34 (1): 112–128. doi:10.1080/02684527.2018.1532627. ISSN 0268-4527. S2CID 158068358.
  3. ^ Hayden, Michael V. (23 February 2016). Playing to the Edge: American Intelligence in the Age of Terror. Penguin Press. ISBN 978-1594206566. Retrieved 1 April 2021.
  4. ^ a b c d e Aid, Matthew M. (10 June 2013). "Inside the NSA's Ultra-Secret China Hacking Group". Foreign Policy. Retrieved 11 June 2013.
  5. ^ Paterson, Andrea (30 August 2013). "The NSA has its own team of elite hackers". The Washington Post. Retrieved 31 August 2013.
  6. ^ Kingsbury, Alex (June 19, 2009). "The Secret History of the National Security Agency". U.S. News & World Report. Retrieved 22 May 2013.
  7. ^ Kingsbury, Alex; Mulrine, Anna (November 18, 2009). "U.S. is Striking Back in the Global Cyberwar". U.S. News & World Report. Retrieved 22 May 2013.
  8. ^ Riley, Michael (May 23, 2013). . Bloomberg Businessweek. Archived from the original on May 25, 2013. Retrieved 23 May 2013.
  9. ^ Aid, Matthew M. (8 June 2010). The Secret Sentry: The Untold History of the National Security Agency. Bloomsbury USA. p. 311. ISBN 978-1-60819-096-6. Retrieved 22 May 2013.
  10. ^ "FOIA #70809 (released 2014-09-19)" (PDF).
  11. ^ a b Gellman, Barton; Nakashima, Ellen (August 30, 2013). "U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show". The Washington Post. Retrieved 7 September 2013. Much more often, an implant is coded entirely in software by an NSA group called, Tailored Access Operations (TAO). As its name suggests, TAO builds attack tools that are custom-fitted to their targets. The NSA unit's software engineers would rather tap into networks than individual computers because there are usually many devices on each network. Tailored Access Operations has software templates to break into common brands and models of "routers, switches, and firewalls from multiple product vendor lines," according to one document describing its work.
  12. ^ . Computerworld. 2013-06-11. Archived from the original on 2014-01-25. Retrieved 2014-01-27.
  13. ^ Rothkopf, David. "Inside the NSA's Ultra-Secret China Hacking Group". Foreign Policy. Retrieved 2014-01-27.
  14. ^ "Hintergrund: Die Speerspitze des amerikanischen Hackings - News Ausland: Amerika". Tages-Anzeiger. tagesanzeiger.ch. Retrieved 2014-01-27.
  15. ^ "Inside the NSA's Ultra-Secret Hacking Group". Atlantic Council. 2013-06-11. Retrieved 2023-07-27.
  16. ^ noahmax (2005-02-21). . Defense Tech. Archived from the original on 2014-02-20. Retrieved 2014-01-27.
  17. ^ https://www.eff.org/files/2014/04/09/20140312-intercept-the_nsa_and_gchqs_quantumtheory_hacking_tactics.pdf (slide 8)
  18. ^ Dealer, Hacker. "Dealer, Hacker, Lawyer, Spy: Modern Techniques and Legal Boundaries of Counter-cybercrime Operations". The European Review of Organised Crime.
  19. ^ "The NSA and GCHQ's QUANTUMTHEORY Hacking Tactics". firstlook.org. 2014-07-16. Retrieved 2014-07-16.
  20. ^ Landler, Mark (April 10, 2018). "Thomas Bossert, Trump's Chief Adviser on Homeland Security, Is Forced Out". New York Times. Retrieved March 9, 2022.
  21. ^ Thomson, Iain (January 28, 2016). "NSA's top hacking boss explains how to protect your network from his attack squads". The Register.
  22. ^ a b This section copied from NSA ANT catalog; see there for sources
  23. ^ "Quantumtheory: Wie die NSA weltweit Rechner hackt". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
  24. ^ a b Schneier, Bruce (2013-10-07). "How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID". Schneier.com. Retrieved 2014-01-18.
  25. ^ Fotostrecke (2013-12-30). "NSA-Dokumente: So knackt der Geheimdienst Internetkonten". Der Spiegel. Retrieved 2014-01-18.
  26. ^ "NSA-Dokumente: So knackt der Geheimdienst Internetkonten". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
  27. ^ Gallagher, Sean (August 1, 2013). "NSA's Internet taps can find systems to hack, track VPNs and Word docs". Retrieved August 8, 2013.
  28. ^ a b c "Inside TAO: Targeting Mexico". Der Spiegel. 2013-12-29. Retrieved 2014-01-18.
  29. ^ Fotostrecke (2013-12-30). "QFIRE - die "Vorwärtsverteidigng" der NSA". Der Spiegel. Retrieved 2014-01-18.
  30. ^ "QFIRE - die "Vorwärtsverteidigng" der NSA". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
  31. ^ "QFIRE - die "Vorwärtsverteidigng" der NSA". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
  32. ^ "QFIRE - die "Vorwärtsverteidigng" der NSA". Der Spiegel. 2013-12-30. Retrieved 2014-01-18.
  33. ^ ""Chaos Computer Club CCC Presentation" at 28:34". YouTube.
  34. ^ a b Thomson, Iain (2013-12-31). "How the NSA hacks PCs, phones, routers, hard disks 'at speed of light': Spy tech catalog leaks". The Register. London. Retrieved 2014-08-15.
  35. ^ Mick, Jason (2013-12-31). . DailyTech. Archived from the original on 2014-08-24. Retrieved 2014-08-15.
  36. ^ Weaver, Nicholas (2013-03-28). "Our Government Has Weaponized the Internet. Here's How They Did It". Wired. Retrieved 2014-01-18.
  37. ^ "China Accuses US of Repeated Hacks on Polytechnic University". Bloomberg. September 5, 2022 – via www.bloomberg.com.
  38. ^ Gallagher, Sean (2013-11-12). "Quantum of pwnness: How NSA and GCHQ hacked OPEC and others". Ars Technica. Retrieved 2014-01-18.
  39. ^ "Läs dokumenten om Sverige från Edward Snowden - Uppdrag Granskning". SVT.se. Retrieved 2014-01-18.
  40. ^ "What You Wanted to Know" (PDF). documentcloud.org. Retrieved 2015-10-03.
  41. ^ . Network World. 2013-11-11. Archived from the original on 2014-01-15. Retrieved 2014-01-18.
  42. ^ "Inside TAO: The NSA's Shadow Network". Der Spiegel. 2013-12-29. Retrieved 2014-01-27.
  43. ^ a b Aid, Matthew M. (2013-10-15). "The NSA's New Code Breakers". Foreign Policy. Retrieved 2023-07-27.
  44. ^ Farber, Dan (2013-12-29). "NSA reportedly planted spyware on electronics equipment | Security & Privacy". CNET News. Retrieved 2014-01-18.
  45. ^ Schneier, Bruce (2013-10-04). "How the NSA Thinks About Secrecy and Risk". The Atlantic. Retrieved 2014-01-18.
  46. ^ Riley, Michael (2013-06-14). "U.S. Agencies Said to Swap Data With Thousands of Firms". Bloomberg. Retrieved 2014-01-18.

External links edit

  • Inside TAO: Documents Reveal Top NSA Hacking Unit
  • NSA 'hacking unit' infiltrates computers around the world – report
  • NSA Tailored Access Operations
  • NSA Laughs at PCs, Prefers Hacking Routers and Switches
  • N.S.A. Devises Radio Pathway Into Computers
  • Getting the 'Ungettable' Intelligence: An Interview with TAO's Teresa Shea

January 01, 1970
tailored, access, operations, office, computer, network, operations, structured, cyber, warfare, intelligence, gathering, unit, national, security, agency, been, active, since, least, 1998, possibly, 1997, named, structured, until, last, days, 2000, according,. The Office of Tailored Access Operations TAO now Computer Network Operations and structured as S32 1 is a cyber warfare intelligence gathering unit of the National Security Agency NSA 2 It has been active since at least 1998 possibly 1997 but was not named or structured as TAO until the last days of 2000 according to General Michael Hayden 3 4 5 Tailored Access OperationsAbbreviationTAOFormationc 1997 2001 1 TypeAdvanced persistent threatPurposeCyberespionage cyberwarfareHeadquartersFort MeadeRegionUnited StatesMethodsZero days spywareOfficial languageEnglishParent organizationS3 Data Acquisition A reference to Tailored Access Operations in an XKeyscore slide TAO identifies monitors infiltrates and gathers intelligence on computer systems being used by entities foreign to the United States 6 7 8 9 Contents 1 History 1 1 Snowden leak 2 Organization 2 1 Virtual locations 2 2 Leadership 3 NSA ANT catalog 3 1 QUANTUM attacks 4 Targets and collaborations 5 See also 6 References 7 External linksHistory editSee also Signals intelligence TAO is reportedly the largest and arguably the most important component of the NSA s huge Signals Intelligence Directorate SID 10 consisting of more than 1 000 military and civilian computer hackers intelligence analysts targeting specialists computer hardware and software designers and electrical engineers The office is currently known as Office of Computer Network Operations OCNO 4 Snowden leak edit A document leaked by former NSA contractor Edward Snowden describing the unit s work says TAO has software templates allowing it to break into commonly used hardware including routers switches and firewalls from multiple product vendor lines 11 TAO engineers prefer to tap networks rather than isolated computers because there are typically many devices on a single network 11 Organization editTAO s headquarters are termed the Remote Operations Center ROC and are based at the NSA headquarters at Fort Meade Maryland TAO also has expanded to NSA Hawaii Wahiawa Oahu NSA Georgia Fort Eisenhower Georgia NSA Texas Joint Base San Antonio Texas and NSA Colorado Buckley Space Force Base Denver 4 S321 Remote Operations Center ROC In the Remote Operations Center 600 employees gather information from around the world 12 13 S323 Data Network Technologies Branch DNT develops automated spyware S3231 Access Division ACD S3232 Cyber Networks Technology Division CNT S3233 S3234 Computer Technology Division CTD S3235 Network Technology Division NTD Telecommunications Network Technologies Branch TNT improve network and computer hacking methods 14 Mission Infrastructure Technologies Branch operates the software provided above 15 S328 Access Technologies Operations Branch ATO Reportedly includes personnel seconded by the CIA and the FBI who perform what are described as off net operations which means they arrange for CIA agents to surreptitiously plant eavesdropping devices on computers and telecommunications systems overseas so that TAO s hackers may remotely access them from Fort Meade 4 Specially equipped submarines currently the USS Jimmy Carter 16 are used to wiretap fibre optic cables around the globe S3283 Expeditionary Access Operations EAO S3285 Persistence Division Virtual locations edit Details 17 on a program titled QUANTUMSQUIRREL indicate NSA ability to masquerade as any routable IPv4 or IPv6 host 18 This enables an NSA computer to generate false geographical location and personal identification credentials when accessing the Internet utilizing QUANTUMSQUIRREL 19 Leadership editFrom 2013 to 2017 20 the head of TAO was Rob Joyce a 25 plus year employee who previously worked in the NSA s Information Assurance Directorate IAD In January 2016 Joyce had a rare public appearance when he gave a presentation at the Usenix s Enigma conference 21 nbsp QUANTUMSQUIRREL image from an NSA presentation explaining the QUANTUMSQUIRREL IP host spoofing abilityNSA ANT catalog editMain article NSA ANT catalog The NSA ANT catalog is a 50 page classified document listing technology available to the United States National Security Agency NSA Tailored Access Operations TAO by the Advanced Network Technology ANT Division to aid in cyber surveillance Most devices are described as already operational and available to US nationals and members of the Five Eyes alliance According to Der Spiegel which released the catalog to the public on December 30 2013 The list reads like a mail order catalog one from which other NSA employees can order technologies from the ANT division for tapping their targets data The document was created in 2008 22 Security researcher Jacob Appelbaum gave a speech at the Chaos Communications Congress in Hamburg Germany in which he detailed techniques that the simultaneously published Der Spiegel article he coauthored disclosed from the catalog 22 QUANTUM attacks edit nbsp Lolcat image from an NSA presentation explaining in part the naming of the QUANTUM program nbsp NSA s QUANTUMTHEORY overview slide with various codenames for specific types of attack and integration with other NSA systems The TAO has developed an attack suite they call QUANTUM It relies on a compromised router that duplicates internet traffic typically HTTP requests so that they go both to the intended target and to an NSA site indirectly The NSA site runs FOXACID software which sends back exploits that load in the background in the target web browser before the intended destination has had a chance to respond it s unclear if the compromised router facilitates this race on the return trip Prior to the development of this technology FOXACID software made spear phishing attacks the NSA referred to as spam If the browser is exploitable further permanent implants rootkits etc are deployed in the target computer e g OLYMPUSFIRE for Windows which gives complete remote access to the infected machine 23 This type of attack is part of the man in the middle attack family though more specifically it is called man on the side attack It is difficult to pull off without controlling some of the Internet backbone 24 There are numerous services that FOXACID can exploit this way The names of some FOXACID modules are given below 25 alibabaForumUser doubleclickID rocketmail hi5 HotmailID LinkedIn mailruid msnMailToken64 Tencent QQ Facebook Twitter Yahoo Gmail YouTube By collaboration with the British Government Communications Headquarters GCHQ MUSCULAR Google services could be attacked too including Gmail 26 Finding machines that are exploitable and worth attacking is done using analytic databases such as XKeyscore 27 A specific method of finding vulnerable machines is interception of Windows Error Reporting traffic which is logged into XKeyscore 28 QUANTUM attacks launched from NSA sites can be too slow for some combinations of targets and services as they essentially try to exploit a race condition i e the NSA server is trying to beat the legitimate server with its response 29 As of mid 2011 the NSA was prototyping a capability codenamed QFIRE which involved embedding their exploit dispensing servers in virtual machines running on VMware ESX hosted closer to the target in the so called Special Collection Sites SCS network worldwide The goal of QFIRE was to lower the latency of the spoofed response thus increasing the probability of success 30 31 32 COMMENDEER sic is used to commandeer i e compromise untargeted computer systems The software is used as a part of QUANTUMNATION which also includes the software vulnerability scanner VALIDATOR The tool was first described at the 2014 Chaos Communication Congress by Jacob Appelbaum who characterized it as tyrannical 33 34 35 QUANTUMCOOKIE is a more complex form of attack which can be used against Tor users 36 Targets and collaborations editSuspected alleged and confirmed targets of the Tailored Access Operations unit include national and international entities like China 4 Northwestern Polytechnical University 37 OPEC 38 and Mexico s Secretariat of Public Security 28 The group has also targeted global communication networks via SEA ME WE 4 an optical fibre submarine communications cable system that carries telecommunications between Singapore Malaysia Thailand Bangladesh India Sri Lanka Pakistan United Arab Emirates Saudi Arabia Sudan Egypt Italy Tunisia Algeria and France 34 Additionally Forsvarets radioanstalt FRA in Sweden gives access to fiber optic links for QUANTUM cooperation 39 40 TAO s QUANTUM INSERT technology was passed to UK services particularly to GCHQ s MyNOC which used it to target Belgacom and GPRS roaming exchange GRX providers like the Comfone Syniverse and Starhome 28 Belgacom which provides services to the European Commission the European Parliament and the European Council discovered the attack 41 In concert with the CIA and FBI TAO is used to intercept laptops purchased online divert them to secret warehouses where spyware and hardware is installed and send them on to customers 42 TAO has also targeted internet browsers Tor and Firefox 24 According to a 2013 article in Foreign Policy TAO has become increasingly accomplished at its mission thanks in part to the high level cooperation it secretly receives from the big three American telecom companies AT amp T Verizon and Sprint most of the large US based Internet service providers and many of the top computer security software manufacturers and consulting companies 43 A 2012 TAO budget document claims that these companies on TAO s behest insert vulnerabilities into commercial encryption systems IT systems networks and endpoint communications devices used by targets 43 A number of US companies including Cisco and Dell have subsequently made public statements denying that they insert such back doors into their products 44 Microsoft provides advance warning to the NSA of vulnerabilities it knows about before fixes or information about these vulnerabilities is available to the public this enables TAO to execute so called zero day attacks 45 A Microsoft official who declined to be identified in the press confirmed that this is indeed the case but said that Microsoft cannot be held responsible for how the NSA uses this advance information 46 See also editAdvanced persistent threat Cyberwarfare in the United States Equation Group Magic Lantern software MiniPanzer and MegaPanzer PLA Unit 61398 Stuxnet Syrian Electronic Army Unit 8200 WARRIOR PRIDEReferences edit Nakashima Ellen 1 December 2017 NSA employee who worked on hacking tools at home pleads guilty to spy charge The Washington Post Retrieved 4 December 2017 Loleski Steven 2018 10 18 From cold to cyber warriors the origins and expansion of NSA s Tailored Access Operations TAO to Shadow Brokers Intelligence and National Security 34 1 112 128 doi 10 1080 02684527 2018 1532627 ISSN 0268 4527 S2CID 158068358 Hayden Michael V 23 February 2016 Playing to the Edge American Intelligence in the Age of Terror Penguin Press ISBN 978 1594206566 Retrieved 1 April 2021 a b c d e Aid Matthew M 10 June 2013 Inside the NSA s Ultra Secret China Hacking Group Foreign Policy Retrieved 11 June 2013 Paterson Andrea 30 August 2013 The NSA has its own team of elite hackers The Washington Post Retrieved 31 August 2013 Kingsbury Alex June 19 2009 The Secret History of the National Security Agency U S News amp World Report Retrieved 22 May 2013 Kingsbury Alex Mulrine Anna November 18 2009 U S is Striking Back in the Global Cyberwar U S News amp World Report Retrieved 22 May 2013 Riley Michael May 23 2013 How the U S Government Hacks the World Bloomberg Businessweek Archived from the original on May 25 2013 Retrieved 23 May 2013 Aid Matthew M 8 June 2010 The Secret Sentry The Untold History of the National Security Agency Bloomsbury USA p 311 ISBN 978 1 60819 096 6 Retrieved 22 May 2013 FOIA 70809 released 2014 09 19 PDF a b Gellman Barton Nakashima Ellen August 30 2013 U S spy agencies mounted 231 offensive cyber operations in 2011 documents show The Washington Post Retrieved 7 September 2013 Much more often an implant is coded entirely in software by an NSA group called Tailored Access Operations TAO As its name suggests TAO builds attack tools that are custom fitted to their targets The NSA unit s software engineers would rather tap into networks than individual computers because there are usually many devices on each network Tailored Access Operations has software templates to break into common brands and models of routers switches and firewalls from multiple product vendor lines according to one document describing its work Secret NSA hackers from TAO Office have been pwning China for nearly 15 years Computerworld 2013 06 11 Archived from the original on 2014 01 25 Retrieved 2014 01 27 Rothkopf David Inside the NSA s Ultra Secret China Hacking Group Foreign Policy Retrieved 2014 01 27 Hintergrund Die Speerspitze des amerikanischen Hackings News Ausland Amerika Tages Anzeiger tagesanzeiger ch Retrieved 2014 01 27 Inside the NSA s Ultra Secret Hacking Group Atlantic Council 2013 06 11 Retrieved 2023 07 27 noahmax 2005 02 21 Jimmy Carter Super Spy Defense Tech Archived from the original on 2014 02 20 Retrieved 2014 01 27 https www eff org files 2014 04 09 20140312 intercept the nsa and gchqs quantumtheory hacking tactics pdf slide 8 Dealer Hacker Dealer Hacker Lawyer Spy Modern Techniques and Legal Boundaries of Counter cybercrime Operations The European Review of Organised Crime The NSA and GCHQ s QUANTUMTHEORY Hacking Tactics firstlook org 2014 07 16 Retrieved 2014 07 16 Landler Mark April 10 2018 Thomas Bossert Trump s Chief Adviser on Homeland Security Is Forced Out New York Times Retrieved March 9 2022 Thomson Iain January 28 2016 NSA s top hacking boss explains how to protect your network from his attack squads The Register a b This section copied from NSA ANT catalog see there for sources Quantumtheory Wie die NSA weltweit Rechner hackt Der Spiegel 2013 12 30 Retrieved 2014 01 18 a b Schneier Bruce 2013 10 07 How the NSA Attacks Tor Firefox Users With QUANTUM and FOXACID Schneier com Retrieved 2014 01 18 Fotostrecke 2013 12 30 NSA Dokumente So knackt der Geheimdienst Internetkonten Der Spiegel Retrieved 2014 01 18 NSA Dokumente So knackt der Geheimdienst Internetkonten Der Spiegel 2013 12 30 Retrieved 2014 01 18 Gallagher Sean August 1 2013 NSA s Internet taps can find systems to hack track VPNs and Word docs Retrieved August 8 2013 a b c Inside TAO Targeting Mexico Der Spiegel 2013 12 29 Retrieved 2014 01 18 Fotostrecke 2013 12 30 QFIRE die Vorwartsverteidigng der NSA Der Spiegel Retrieved 2014 01 18 QFIRE die Vorwartsverteidigng der NSA Der Spiegel 2013 12 30 Retrieved 2014 01 18 QFIRE die Vorwartsverteidigng der NSA Der Spiegel 2013 12 30 Retrieved 2014 01 18 QFIRE die Vorwartsverteidigng der NSA Der Spiegel 2013 12 30 Retrieved 2014 01 18 Chaos Computer Club CCC Presentation at 28 34 YouTube a b Thomson Iain 2013 12 31 How the NSA hacks PCs phones routers hard disks at speed of light Spy tech catalog leaks The Register London Retrieved 2014 08 15 Mick Jason 2013 12 31 Tax and Spy How the NSA Can Hack Any American Stores Data 15 Years DailyTech Archived from the original on 2014 08 24 Retrieved 2014 08 15 Weaver Nicholas 2013 03 28 Our Government Has Weaponized the Internet Here s How They Did It Wired Retrieved 2014 01 18 China Accuses US of Repeated Hacks on Polytechnic University Bloomberg September 5 2022 via www bloomberg com Gallagher Sean 2013 11 12 Quantum of pwnness How NSA and GCHQ hacked OPEC and others Ars Technica Retrieved 2014 01 18 Las dokumenten om Sverige fran Edward Snowden Uppdrag Granskning SVT se Retrieved 2014 01 18 What You Wanted to Know PDF documentcloud org Retrieved 2015 10 03 British spies reportedly spoofed LinkedIn Slashdot to target network engineers Network World 2013 11 11 Archived from the original on 2014 01 15 Retrieved 2014 01 18 Inside TAO The NSA s Shadow Network Der Spiegel 2013 12 29 Retrieved 2014 01 27 a b Aid Matthew M 2013 10 15 The NSA s New Code Breakers Foreign Policy Retrieved 2023 07 27 Farber Dan 2013 12 29 NSA reportedly planted spyware on electronics equipment Security amp Privacy CNET News Retrieved 2014 01 18 Schneier Bruce 2013 10 04 How the NSA Thinks About Secrecy and Risk The Atlantic Retrieved 2014 01 18 Riley Michael 2013 06 14 U S Agencies Said to Swap Data With Thousands of Firms Bloomberg Retrieved 2014 01 18 External links editInside TAO Documents Reveal Top NSA Hacking Unit NSA hacking unit infiltrates computers around the world report NSA Tailored Access Operations NSA Laughs at PCs Prefers Hacking Routers and Switches N S A Devises Radio Pathway Into Computers Getting the Ungettable Intelligence An Interview with TAO s Teresa Shea Retrieved from https en wikipedia org w index php title Tailored Access Operations amp oldid 1226694352, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.