According to former NSA contractor Edward Snowden leaked latest compilation of national security saying NSA of US impersonated Facebook to try to dupe Internets into downloading malicious code in an attempt to install malware on hundreds and thousands of systems.NSA deployed malware code especially designed to target specific computers. Once inside, NSA gained complete control of the machine and it dubbed the Facebook tactic as 'QUANTUMHAND'.
Tis operation started out as an isolated program for a few hundred targets, but the NSA over the past 10 years has automated some aspects of the program to reach targets on a wider scale, according to The Intercept.
Mikko Hypponen, Chief Research Officer of Finnish security firm F-Secure, is an Expert in malware calls the disclosure, made by Snowden's leaked details, "disturbing".
According to techdirt, he warns that surveillance techniques of NSA could accidentally weaken the Internet's security. Targeting of Facebook by NSA may be due to declining success of other techniques of malware injection.
Hypponen says that when they install malware on machines, they potentially construct new vulnerabilities in these systems making them more prone to assaults from third parties.
In a few cases NSA has shamed as a phony Facebook server employing the social media website as a launch pad, contaminating the target's computer and exfiltrating files from a HD (hard drive).
In others, NSA has distributed spam emails maligned with malware that can be drafted to secretly record audio from a microphone of a computer and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting the downloading of files or denying access to websites.
The NSA said,"Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating U.S. social media or other websites, are inaccurate."
"NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities. Technical capability must be understood within the legal, policy, and operational context within which that capability must be employed."
The agency said it does not "use its technical capabilities to impersonate U.S. company websites" and it only targets users under proper legal authority.
According to the NSA,"Reports of indiscriminate computer exploitation operations are simply false."
NSA’s authorities require that its foreign intelligence operations support valid national security requirements, protect the legitimate privacy interests of all persons, and be as tailored as feasible."
Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter
No comments:
Post a Comment