Hackers Build Spy Tools From Leaked NSA Designs

Admiral Michael 'Mike' Rogers, director of the National Security Agency (NSA) and commander of U.S. Cyber Command, pauses during a Bloomberg Government cyber-security conference in Washington, D.C., U.S., on Tuesday, June 3, 2014.

The NSA doesn't just have powerful Internet surveillance technologies, it also has old-school spying tools like bugs and gadgets that give the spies a wide array of ways to hack into a target's computer or cellphone.
Some of these James Bond-like tools were revealed last year when Der Spiegel published a 48-page catalog, created in 2008 by the NSA and later obtained by the German newsmagazine. Now, a group of hackers is trying to build these NSA spying gadgets with open source hardware.

The group, who has named the project the 'NSA Playset', wants to show other hackers and makers how to build the spying tools — and to protect against them.
"To someone who is not an expert in the field, the capabilities in the catalog might seem far-fetched or ultra high-tech," one of the hackers who's part of the project, Michael Ossmann, toldMashable. "What we want to show is that these capabilities are very much achievable and practical. And by pointing out how easy they are to achieve, we hope that we can raise awareness of security threats in our computer system."
The idea to work on this project came from security researcher Dean Pierce, who wanted to see how easy it would be to make the devices with Ossman and others joining the initiative shortly after. The hackers soon realized that most of the NSA tools in the catalog weren't that hard to reproduce.
"There's nothing really unique in what the NSA is doing, they just have the dollars to make more sophisticated equipment," Josh Datko, the founder of Cryptotronix, an open source hardware company, and also part of the NSA Playset project, told Mashable
"It's kind of surprisingly easy to recreate them."
"It's kind of surprisingly easy to recreate them."

Ossmann has been focusing on something called "retro reflector." An implant that when attached to a computer's VGA cable, for example, can capture and transmit what's being displayed on a screen and send it over-the-air to a nearby spy. Ossman explained that it's essentially a "bug."
Datko, for his part, has been trying to reproduce a device called WAGONBED, another malicious bug that when implanted in a computer or a server allows its operator to access it remotely via cellphone network, making the spying harder to detect.
Pierce, Ossmann, and Datko will be joined by a handful of other security researchers to showcase and release all the details of their creations in four talks at the Def Con hacking conference that will be held in Las Vegas in August.
The researchers want their NSA Playset to be a collaborative project and encourage others to get involved.
The full NSA ANT, which presumably stands for Advanced or Access Network Technology, catalog is embedded below.
Have something to add to this story? Share it in the comments.

No comments:


© 2012 Học Để ThiBlog tài liệu