The German Magazine Der Spiegel has published an article that details one of the National Security Agency’s most powerful operations units – the Office of Tailored Access Operations (TAO). According to the report TAO is a special unit that is called in when other units’ access to a target is blocked. The “digital plumbers” are called in to unblock or hack in to the target.
Der Spiegel quotes a former TAO official who notes that the TAO are expected to get targets that seem impossible and that many of the NSA’s biggest successes have come from the unit. She also notes the role the NSA sees itself as playing in the internet age in which hacking or “Computer Network Exploitation (CNE)” will play a leading role in NSA operations.
Defining the future of her unit at the time, she wrote that TAO “needs to continue to grow and must lay the foundation for integrated Computer Network Operations,” and that it must “support Computer Network Attacks as an integrated part of military operations.” To succeed in this, she wrote, TAO would have to acquire “pervasive, persistent access on the global network.” An internal description of TAO’s responsibilities makes clear that aggressive attacks are an explicit part of the unit’s tasks. In other words, the NSA’s hackers have been given a government mandate for their work.
Though TAO was created relatively recently in 1997 it has become one of the NSA’s most important units. TAO is said to have gained access to 258 targets in 89 countries in the last decade with 279 operations in 2010 alone.
Previously the NSA was forced to use tactics common to most criminal hackers – using emails that seem like spam to direct targets to virus laden websites that would install NSA software programs onto the person’s computer.
But now the NSA has reportedly greatly increased its capacities to hack into computer systems using a toolbox named “QUANTUMTHEORY.” The QUANTUM missions are said to have a success rate as high as 80%. In a presentation Der Spiegel viewed the world’s most popular internet services – Facebook, Yahoo, Twitter, and Youtube – were listed as being exploitable with QUANTUM. With the best results coming from “Yahoo, Facebook and static IP addresses.”
The NSA noted it had some trouble in targeting users of Google services but don’t worry, thanks to the Five Eyes intelligence network the NSA has access to your Google information from GCHQ. Triangulation for the win.
Though TAO is new and mostly an internet based unit traditional intelligence methods of informants are used to help them gain access to computer systems not on the internet as well as the interdiction of shipping deliveries that allows the NSA to install spyware.
If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called “load stations,” agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.
These minor disruptions in the parcel shipping business rank among the “most productive operations” conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks “around the world.”
It remains unknown if TAO goes through any legal process to “interdict” these packages for American citizens or anyone else. A federal offense for some is a day at the office for others.
What we do know is that the NSA is escalating cyber warfare every day which will not only help secure future funding for their budget but help former NSA directors and officials now in the private sector remain prosperous.