Reports from Der Spiegel have suggested that the NSA’s elite hacking unit (TAO), has gone to serious lengths to spy on unsuspecting victims. The reports, which are based on internal NSA documents, indicate that shipping deliveries of laptops and other computer accessories, are regularly intercepted and implanted with bugs, all before they reach their intended destination.
Der Spiegel claims that the TAO group can divert shipments to “secret workshops”. It is here that the devices are loaded with malware or malicious hardware, which then gives US intelligence agencies remote access. All of this is done in collaboration with the CIA and FBI.
It would seem that to accomplish this invasion, the NSA uses a product codenamed COTTONMOUTH, which is a USB “hardware implant” that is able to give the NSA remote access to the device without anyone knowing. Der Spiegel says that the agency gets this tool from a “mail order spy catalog”, which offers a way into hardware and software belonging to some of the big names in the technology market, including Samsung, Huawei, Dell and Cisco.
The report also suggests that the NSA can intercept Microsoft Windows error reports, determine what the problem is and then attack it with Trojans or some other malware.
US companies have spoken out about the reports of NSA tampering, with Cisco’s senior vice president John Stewart saying “we are deeply concerned with anything that may impact the integrity of our products or our customers’ networks,” and that the company does “not work with any government to weaken our products for exploitation.”
Recently a US federal judge ruled that the NSA’s collection of telephone data was unlawful, which will add to the already growing pressure on the agency from the public, Congress and federal courts.
[Image via DW]