Report reveals NSA hacking tactics

A German magazine has revealed new information about the US spy agency’s hacking unit, reporting that American spies intercepted computer deliveries, and even hijacked Microsoft’s internal reporting system to spy on their targets.

Der Spiegel’s revelations on Sunday relate to a division of the National Security Agency known as Tailored Access Operations, or TAO, which is described as an elite team of hackers specialising in stealing data from the toughest of targets.

Citing internal NSA documents, the magazine said that TAO’s mission was “getting the ungettable,” and quoted an unnamed intelligence official as saying that TAO had gathered “some of the most significant intelligence our country has ever seen.”

Der Spiegel said TAO had a catalogue of hi-tech gadgets for particularly hard-to-crack cases, including computer monitor cables specially modified to record what is being typed across the screen.

USB sticks were also secretly fitted with radio transmitters to broadcast stolen data over the airwaves, and fake base stations intended to intercept mobile phone signals on the go.

Der Spiegel did not explicitly say where its cache NSA documents had come from, although the magazine has previously published a series of stories based on documents leaked by Edward Snowden, a former NSA private contractor.

One of Snowden’s key contacts, American documentary film-maker Laura Poitras, was also listed among the article’s six authors.

Exploiting weaknesses

One of the most striking reported revelations concerned the NSA’s alleged ability to spy on Microsoft Corp.’s crash reports, familiar to many users of the Windows operating system as the dialogue box which pops up when a game freezes or a Word document dies.

The reporting system is intended to help Microsoft engineers improve their products and fix bugs, but Der Spiegel said the NSA was also sifting through the reports to help spies break into machines running Windows.

One NSA document cited by the magazine appeared to poke fun at Microsoft’s expense, replacing the software giant’s standard error report message with the words: “This information may be intercepted by a foreign sigint (signals intelligence) system to gather detailed information and better exploit your machine.”

Some of the attacks described by Der Spiegel exploit weaknesses in the architecture of the internet to deliver malicious software to specific computers.

Others take advantage of weaknesses in hardware or software distributed by some of the world’s leading information technology companies, including Cisco Systems, Inc. and China’s Huawei Technologies Ltd., the magazine reported.

The magazine suggested that the agency was “compromising the technology and products of American companies.”

No one was immediately available at Der Spiegel to clarify whether Snowden was the source for the latest story.