Before you click “Like” on that cute little kitten your best friend sent you on Facebook, you may want to think about the possibility that it’s a gateway into the spy world of NSA.
Edward Snowden spoke to attendees at SXSW (South by Southwest) recently via the web from somewhere in Russia. The whistleblower, who dropped a bombshell a year ago that has reverberated in countries globally, has basically told the world that the thousands of apps and games available through the globe’s largest social media site, may not be so innocuous after all.
The National Security Agency has been breaking into computers worldwide and implanting malware to spy on the user’s web surfing as well as offline activities. NSA’s malware is not restrained by human oversight and once implanted on a target computer, could be free to duplicate itself and spread unchecked to any computer that ever signs onto the internet.
And NSA is wearing its Facebook mask to make it all look believable.
Using Facebook as a platform to zero in on a computer, the NSA has sent emails filled with malware to unsuspecting recipients. The malware can be customized to include audio from the computer’s microphone as well as take photographs with the computer’s webcam.The system used by the NSA to hack computers has also allowed the spy agency to perform cyber attacks by disrupting downloads and denying access to websites.
Using Facebook’s ubiquitous appeal, the NSA has successfully tricked targets into logging onto a look-a-like site. Once the target has entered the copycat website, the NSA can plant the malware which takes control of the microphone and camera. The NSA also can copy complete hard drives without the target realizing their information has been compromised.
Harley Geiger, senior counsel at the Center for Democracy and Technology, says the NSA is acting like a spambot. Geiger feels that it would be permissible to target specific threats under highly controlled conditions, but the mass surveillance the NSA is doing puts millions of innocent internet users at risk. Left on its own, the spambot can’t tell the difference between a terrorist buying backpacks online and a family doing research for an upcoming camping trip.
In 2009, the NSA built a self-directed system codenamed TURBINE to almost totally reduce the level of human oversight needed for the spying to work. With the spyware implantation automated, the NSA could potentially infect millions of computers around the globe. Analysts estimate that as many as 100,000 computers were infected under TURBINE before the program was folded into QUANTUMHAND.
As internet surfers became more aware of malware’s deliverability through email, the NSA had to find a more covert way to zero in on targets. Stealing the code from Facebook, the NSA set about putting up their own phony Facebook pages on bogus Facebook servers.
Using a forged Facebook server, the NSA can fool a target into logging onto a Facebook site. Concealing the malware behind the mask of what appears to be a typical page, the NSA can then hack into the computer and grab the data from the target’s hard drive.
QUANTUMHAND started in October 2010. The NSA first beta-tested the program on a dozen targets and then expanded it to integrate with the TURBINE program. The problem gets potentially more lethal when it’s realized that the NSA software may not work correctly. When it does work as intended, there is no oversight once the malware is set loose to wander across the world wide web. Even with the more sophisticated form of encryption, HTTPS, that Facebook now uses, it was only put into place in 2013. Machines infected prior to last year are still vulnerable to attacks.
Facebook has stated often that system upgrades are constantly being completed to protect users. In the high-tech game of computer security, the NSA will certainly try to stay one step ahead. That cute kitten your aunt sent you may not be so cute after all.
By Jerry Nelson