The latest round of revelations comes from a document dating from 2012 that shows the extent of the NSA’s worldwide surveillance network.
Published by Dutch newspaper NRC Handelsblad, it points out more than 50,000 locations, where the NSA used ‘Computer Network Exploitation’ (CNE) and implanted malicious software into the networks.
According to the NSA website CNE “includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks.”
Once the computer has been infected, the ‘implants’ act as digital ‘sleeper cells’ that can be remotely turned on or off with a single push of a button, the Dutch paper reported. The malware can remain active for years without being detected, the newspaper added. The malicious operations reportedly were carried out in many countries including China, Russia, Venezuela and Brazil.
The hacking is conducted by the Tailored Access Operations (TAO), a special unit within the NSA tasked with gaining access to foreign computer systems.
According to the Dutch media, one of the examples of the CNE operation is the reported attack against Belgian telecom company Belgacom that was discovered in September 2013. The attack was previously reported to have been carried out by British intelligence agency GCHQ that worked in cooperation with its American counterpart.
GCHQ injected malware in the Belgacom network to tap their customers’ telephone and data traffic. The agency implemented a technique known as Quantum Insert, placing Belgacom’s servers in strategic spots where they could intercept and redirect target traffic to a fake LinkedIn professional social network’s website.
Public sources show that TAO employs more than a thousand hackers. The task force has been active since at least 1998, according to Washington Post.
Documents acquired by the NRC newspaper also reveal that NSA spied on the Netherlands from 1946 to 1968. However the report does not indicate the specific intentions.
Dutch interior affairs minister Ronald Plasterk has recently confirmed that the NSA monitors mail and phone traffic in the Netherlands and exchanges data with Dutch security organization AIVD.