ShortBytes: In a recent find out, it has been revealed how NSA implants trojan firmware in the networking devices being delivered to the targeted customers. You can also read an interesting description from an NSA manager about how it works.
Ahoarded document which was fetched from the National Security Agency files released with Glenn Greenwald’s book ‘No Place to Hide’, shows how NSA’s Tailored Access Operations (TAO) unit and other NSA employees intercept computer networking devices which are on the way for shipment. These devices include servers, routers, and other network gears which are being shipped to the targeted organizations.
NSA’s TAO implants firmware onto them before being delivered for surveillance and covert operations.
These Trojan horse firmware were described by an NSA manager as being “some of the most productive operations in TAO because they pre-position access points into hard target networks around the world.”
In the picture, you can clearly see NSA employees opening the shipping box for a Cisco router and installing beacon firmware with a “load station” designed specifically for the task.
Shipments of computer network devices (servers, routers, etc,) being delivered to our targets throughout the world are intercepted. Next, they are redirected to a secret location where Tailored Access Operations/Access Operations (AO-S326) employees, with the support of the Remote Operations Center (S321), enable the installation of beacon implants directly into our targets’ electronic devices. These devices are then repackaged and placed back into transit to the original destination. All of this happens with the support of Intelligence Community partners and the technical wizards in TAO.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.