27th February 2014

By Ezra Van Auken

Guest Writer for Wake Up World

What’s been said about the National Security Agency (NSA) since the Edward Snowden leaks is certainly frightening to privacy and civil libertarian advocates. Whether these leaks are a positive or negative move by whistleblower is debatable, but the fact remains that what Snowden did has changed the landscape of government discussion.

NSA’s Surveillance State Revealed

Digging right in…. In December 2013, computer hackers and gurus converged on Brazil for the 2013 Chaos Communication Conference (CCC), the thirtieth year in a row the event has taken place. Of course though, this year, government spying revelations have hit tech junkies and privacy backers like a ton of bricks. Featured at the CCC event were speakers well known to the current tech community such as Jacob Applebaum and Julian Assange.

Given the current government surveillance debate, Applebaum and Assage were pretty much expected, considering both have dealt heavily with intrusive spying. During the event, Assange video-chatted into the Brazilian conference and offered solution, telling hackers and computer gurus to fight against state-sanctioned surveillance. What Applebaum had to offer though, is what brought down the house for listeners.

Just moments before Applebaum’s CCC speech, Germany’s newspaper Der Spiegel dropped new revelations – probably the most revealing yet – showing the NSA’s vast backdoor access into systems worldwide. Applebaum, member of the Tor project, which is an Internet web browser dedicated to increasing anonymity, decided to gear his speech around the latest revelations. What came during Applebaum’s hour-long speech turned wake-up call, shook the room and YouTube views.

To begin, Applebaum revealed a handful of programs, tools and backdoor hacks, which the  NSA uses to monitor  people’s systems and data. Let’s take a detailed look into each.

The RAGEMASTER Implant

The first newly leaked NSA component called “RAGEMASTER” is a hardware implant that detects and seizes image signals from VGA monitors. The implant itself is hidden in the ferrite insulation of the monitor cable, behind the plug. What is even more mind numbing is the way it works.

When RAGEMASTER is illuminated by the radar unit, the signal is inflected with the red video information. As explained on the released slide:

This information is re-radiated, where it is picked up at the radar, demodulated, and passed onto the processing unit and an external monitor

This then recreates the horizontal and vertical sync of the monitor, giving NSA personnel the ability to see exactly what’s on the monitor.

The  SURLYSPAWN Hack

Now that we’ve learned how the NSA is able to view exactly what is on your monitor, let’s take a look at “SURLYSPAWN”. This particular hack allows NSA personnel to record and analyze keystrokes, even when the computer isn’t connected to the Internet. SURLYSPAWN is a hardware implant as well, and assists in the transmitting of what a user is typing. The slide noted that:

An invisible signal emitted by the implant is modified by every keystroke, and then a radar signal emitted by a device located outside the building makes the implant’s invisible signal visible.

Once the signal is visible, personnel around the target can see everything being stroked on the keyboard. Using similar processes as RAGEMASTER, the SURLYSPAWN hack requires the implant onto a keyboard.

The COTTONMOUTH Implant

Then there’s “COTTONMOUTH”: another hardware implant inserted into a USB drive. It is disguised as either a keyboard’s USB plug or a USB extension cord that can be connected between a device and the intended computer. Its role is either to intercept communications or to interject Trojans, while also being able to respond to other already-implanted COTTONMOUTH implants. COTTONMOUTH can monitor the network as well as command the computer and network.

The GINSU Hack

Switching over to the computer in its entirety, “GINSU” is a software hack, which allows other NSA hardware and software programs like BULLDOZER and KONGUR to maintain its stay in the system. When installed, GINSU can catch system reboots and upgrades, so that when the upgrade or reboot takes place, the software is restored to the system. Leaving the target entirely infected, rebooted or not.

And don’t think your wireless LAN is free from constraint. Der Spiegel explains:

The NSA’s ANT division also develops methods for gaining access to wireless LAN networks from the outside, allowing them to tap into these networks and plant their own software on them.

The NIGHTSTAND Data Insert

This brings us to the NSA’s “NIGHTSTAND”, which can remotely insert data packets into various Windows systems. The list includes insertions of malware into the wireless networks’ traffic. NIGHTSTAND’s process is mobile and works up to 8 miles.

Some of the targets that NIGHTSTAND can successfully exploit include Win2k, WinXP and WinXPS1P2 running IE, and the packet injection can go after either one target or multiple targets, remaining undetectable by users. Overall, the NIGHTSTAND packet injection would be used during situations when the intended target has no access to a wired connection.

Other Back Doors

Der Spiegel, its journalists involved and Applebaum didn’t stop here. Other NSA backdoors include phone software/hardware hacks, which allow the remote ability to control the hotmic, camera, voicemail details and other areas in the mobile phone. In addition, it’s been revealed that the NSA’s personnel have successfully exploited larger server systems and firewalls with programs such as IRONCHEF and JETPLOW.

The latest Snowden leaks are only confirming what  those concerned with state spying could previously only speculate about. From reading a user’s monitor, to keyboard stroke detection, to hacking wireless LANs, your footsteps on the Internet are being constantly preserved and stored by the watchers: the NSA. In the end, as government spying grows, it’ll be left up to the market of hackers, computer gurus and other specialists to block, exploit and encrypt around the NSA’s prying eyes, which even now seems like a stretch.

This article courtesy of BenSwann.com