New Snowden Interview in Wired
There’s a new article on Edward Snowden in Wired. It’s written by longtime NSA watcher James Bamford, who interviewed Snowden in Moscow.
There’s lots of interesting stuff in the article, but I want to highlight two new revelations. One is that the NSA was responsible for a 2012 Internet blackout in Syria:
One day an intelligence officer told him that TAO—a division of NSA hackers—had attempted in 2012 to remotely install an exploit in one of the core routers at a major Internet service provider in Syria, which was in the midst of a prolonged civil war. This would have given the NSA access to email and other Internet traffic from much of the country. But something went wrong, and the router was bricked instead—rendered totally inoperable. The failure of this router caused Syria to suddenly lose all connection to the Internet—although the public didn’t know that the US government was responsible….
Inside the TAO operations center, the panicked government hackers had what Snowden calls an “oh shit” moment. They raced to remotely repair the router, desperate to cover their tracks and prevent the Syrians from discovering the sophisticated infiltration software used to access the network. But because the router was bricked, they were powerless to fix the problem.
Fortunately for the NSA, the Syrians were apparently more focused on restoring the nation’s Internet than on tracking down the cause of the outage. Back at TAO’s operations center, the tension was broken with a joke that contained more than a little truth: “If we get caught, we can always point the finger at Israel.”
The other is something called MONSTERMIND, which is an automatic strike-back system for cyberattacks.
The program, disclosed here for the first time, would automate the process of hunting for the beginnings of a foreign cyberattack. Software would constantly be on the lookout for traffic patterns indicating known or suspected attacks. When it detected an attack, MonsterMind would automatically block it from entering the country—a “kill” in cyber terminology.
Programs like this had existed for decades, but MonsterMind software would add a unique new capability: Instead of simply detecting and killing the malware at the point of entry, MonsterMind would automatically fire back, with no human involvement.
A bunch more articles and stories on MONSTERMIND.
And there’s this 2011 photo of Snowden and former NSA Director Michael Hayden.
ygjdsfvc • August 14, 2014 1:48 AM
The CloudFlare blog posted in 2012 a detailed analysis of the Syria internet outage that happened on November 29 that year. In the post, CloudFlare noted how there were also brief ~15 minute internet drops for most of Syria 4 both days and 2 days prior to the full outage. So perhaps NSA was modding that router on those 2 days in preparation for their firmware upload on the 29th.
http://blog.cloudflare.com/how-syria-turned-off-the-internet
Amazing that a country operates with just one central router.