Schneier on Security
A blog covering security and security technology.
« Breaking Up the NSA |
| DDoSing a Cell Phone Network »
February 25, 2014
EBSR: NSA Exploit of the Day
Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog:
(S//SI//REL) Multi-purpose, Pico class, tri-band active GSM base station with internal 802.11/GPS/handset capability.
(S//SI//REL) Operational Restrictions exist for equipment deployment.
- LxT Model: 900/1800/1900MHz
- LxU Model: 850/1800/1900MHz
- Pico-class (1Watt) Base station
- Optional Battery Kits
- Highly Mobile and Deployable
- Integrated GPS, MS, & 802.11
- Voice & High-speed Data
- SMS Capability
- 1.9"H x 8.6"W x 6.3"D
- Approximately 3 lbs
- Actively cooled for extreme environments
(S//SI//REL) EBSR System Kit:
- EBSR System
- AC/DC power converter
- Antenna to support MS, GPS, WIFI, & RF
- LAN, RF, & USB cables
- Pelican Case
- (Field Kit only) Control Laptop and Accessories
(S//SI//REL) Separately Priced Options:
(S//SI//REL) Base Station Router Platform:
- Multiple BSR units can be interconnected to form a macro network using 802.3 and 802.11 back-haul.
- Supports Landshark/Candygram capabilities.
Unit Cost: $40K
Page, with graphics, is here. General information about TAO and the catalog is here.
In the comments, feel free to discuss how the exploit works, how we might detect it, how it has probably been improved since the catalog entry in 2008, and so on.
Posted on February 25, 2014 at 2:11 PM
• 6 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
You forgot to mention another reason "control" of other agencies operations...
If you look at the catalog pages you will see that some equipment is for sale and some only for "rent".
I've not analysed it but there may be a correlation between the addition of restrictions on usage and change to hire that can give an indication of the reasons.
However TAO may be doing the old trick of getting other agencies "dependent" on their product and then exploiting it to their advantage.
For instance getting another agency to tell you some or all of the operational details of their current and future "covert" activities offers a potential level of political power few in that business would pass up given the opportunity.
The equipment may even have ET (call home) and backdoor control functions added so that TAO have secret control of the equipment... afterall if TAO uses "cracker mentlity" people the chances are they will continue to have the same atitude when building systems...
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.