NSA surveillance reportedly hits offline PCs

News by Steve Gold

Almost 100,000 computers are said to be under active surveillance

Reports are circulating that the NSA can now remotely break into computers that are not connected to the Internet.

According to the New York Times and Reuters, the NSA has installed custom malware on "almost 100,000 computers around the world", in order to spy on the machines and "provide a digital highway for cyber attacks."

The Quantum malware is reported to date back to 2008 and relies on a covert channel of radio waves from "tiny circuit boards and USB cards secretly inserted in the computer."

That said, initial analysis suggests that this is similar to a strategy, known as ‘bypassing the air gap', employed in the past by the NSA to track dial-up modems and GSM handsets.

SCMagazineUK.com notes that when dial-modems and GSM (2G) mobile handsets were the norm in the early 1990s, the viruses of the day used any and all means of propagation -- including the use of floppy disks, IRC (Internet Relay Chat) and other communications methodologies -- to spread themselves around and communicate back-to-base, a process that could take days or weeks.

Andrew Rose, principal analyst for security and risk with Forrester Research, agrees that the techniques used by the NSA's Quantum project are actually nothing new, as the methodology is designed to jump the air gap.

'Air gapping', which is also known as 'air walling', is a network security measure that relies on the physically isolation of a computer from unsecured networks, such as the Internet or an unsecured local area network.

"It's really not that new, even though the media thinks otherwise,” Rose told SCMagazineUK.com.

“Stuxnet used this approach and there are a number of other less high-profile attack vectors that use this approach," he said, adding that the irony of the situation is that telecoms hardware from China has been blamed in the past for leaking information back to malware and bad firmware code creators.

"These days the `bad guy' finger pointing is not just confined to the Chinese - it's also the Americans. In some ways the Americans are worse than the Chinese in terms of surveillance. And it is reports like these that call into question the security of all of the technology we use today.”

Rose says that the bottom line is that you cannot truly trust the technology you are using.

"Encryption offers some degree of protection, but ultimately, the data has to be decrypted for viewing and analysing - and even if the data is only viewed on a monitor, it's still a collection of bits and bytes, so could be relayed using a surveillance process.

“As this is a state-sponsored [security] game, you have to presume the worst and, whilst you can reduce the risk of eavesdropping and surveillance, you can never remove the risk entirely."

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews