Government // Cybersecurity
News
3/14/2014
10:04 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

NSA Denies Impersonating Facebook To Serve Malware

Facebook's Zuckerberg speaks out after Snowden leak suggests NSA server posed as social media site to infect millions of computers with surveillance malware.

The National Security Agency (NSA) on Thursday shot down as "inaccurate" a media report that the agency may have planted malware on millions of computers worldwide and even impersonated Facebook and other websites to lure potential targets.

The Intercept news site reported Wednesday that classified documents pilfered by former NSA contractor Edward Snowden showed that the NSA had built technology to automatically infect "potentially millions of computers" around the world with malware in order for the agency to glean data from foreign Internet and phone networks. The so-called implant operation reportedly started out as an isolated program for a few hundred targets, but the NSA over the past 10 years has automated some aspects of the program to reach targets on a wider scale, according to The Intercept.

Dubbed TURBINE, the automated system was built to "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually," the report quotes NSA documents as saying. Examples included NSA setting up a server posting as a Facebook server to infect a target and grab files from its hard drive, and also using other man-in-the-middle type attacks that reroute victims to the NSA's computers that then inject the "implant" malware.

Read the rest of this story on Dark Reading.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
3/14/2014 | 10:15:52 AM
Spare me
Social media is awash with people virtually linking hands with Zuckerberg and singing Kumbaya in solidarity. It's somewhat amusing. Let's all remember that Facebook makes money by mining and selling every scrap of user data that it thinks it can get away with. And, if you don't think FB (and many other big Internet companies) have been, and maybe still are, complicit with the NSA on programs like PRISM, I have a nice bridge for sale.

Oh, and at what point do we stop taking every scrap of information that Snowden leaks as gospel?
pmoore520
50%
50%
pmoore520,
User Rank: Apprentice
3/14/2014 | 12:49:16 PM
Re: Spare me
I certainly would not put more credence into what the NSA is saying over what Snowden has said.

The NSA has already been proven to 'not tell the truth' about it's surveillance programs. 
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
3/14/2014 | 12:55:49 PM
Re: Spare me
I think a good operational stance is to not trust any entity but instead follow the money.
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
3/14/2014 | 3:35:10 PM
Re: Spare me
>I think a good operational stance is to not trust any entity but instead follow the money.

This explains perhaps why intelligence budgets are classified.
WKash
50%
50%
WKash,
User Rank: Author
3/19/2014 | 6:10:00 PM
Re: Spare me
Snowden, for better or worse, has created a long tail of revelations that fits perfectly into the media's need to feed the news beast every day.  But it remains curious how much companies like Facebook have escaped greater scrutiny on just how much they are learning about each of us.  One imagines their file data on each of their members would  cause at least as much of an uproar as the NSA is, if American's could get a real glimpse at it.  We need an Edward Snowden to emerge from FB.

 
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
3/20/2014 | 10:33:43 AM
Re: Spare me
Wyatt, that's a column!
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.