The National Security Agency (NSA) has installed malware on tens of thousands of computers worldwide, according to a new report from Dutch news Website NRC.
NRC drew its information from documents provided by government whistleblower Edward Snowden. Chief among those documents is a PowerPoint slide that allegedly depicts the NSA’s reach into the global telecommunications network underlying the Web; if the data listed on that slide is accurate, the agency has implanted malware on some 50,000 systems worldwide via its Computer Network Exploitation (CNE) efforts. That malware reportedly allows access to the targets’ data traffic.
According to the NSA’s own Website, CNE is a vital function of the agency’s Computer Network Operations, and “includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks.” In August, The Washington Post ran a lengthy piece detailing the NSA’s hacking unit, known as Tailored Access Operations (TAO), which reportedly features 600 members working out of the NSA headquarters in Fort Meade, Maryland. (Like NRC and other publications, the newspaper relied on documents provided by Snowden.) The Post cited one NSA senior network operator who claimed on his LinkedIn page that his employees had completed some 54,000 Global Network Exploitation (GNE) operations in support of agency objectives; if you extrapolate that level of activity to other TAO-linked employees, the number of potential infiltrations grows quite large.
Reports of NSA surveillance have led some of the world’s biggest Internet companies, most notably Google and Yahoo, to begin the laborious process of more tightly encrypting the data on their networks. The agency’s alleged hacking shows “the steps that the organization was willing to do without good judgment to pursue its mission and potentially violate people’s privacy,” Google chairman Eric Schmidt told The Wall Street Journal during a November interview in Hong Kong. “It’s not OK.”
But it’s questionable at this juncture whether the federal government will attempt to substantially rein in the NSA’s efforts, despite some very public calls to do so from lawmakers and activists in Washington, DC.