TURBINE (US government project)
TURBINE is the codename of a system that automates the management and control of a large network of implants (a form of remotely transmitted malware placed on selected individual computer devices or, in bulk, on tens of thousands of devices).
The NSA has built an infrastructure which enables it to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process. As quoted by The Intercept, TURBINE is designed to "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually."[1] The NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.
Among other things, TURBINE and its control over the implants make the NSA capable of:
- breaking into targeted computers and siphoning out data from foreign Internet and phone networks
- infecting a target's computer and exfiltrating files from a hard drive
- covertly recording audio from a computer's microphone and taking snapshots with its webcam
- launching cyberattacks by corrupting and disrupting file downloads or denying access to websites
- exfiltrating data from removable flash drives that connect to an infected computer
The TURBINE implants are linked to, and rely upon, a large network of clandestine surveillance "sensors" that the NSA has installed at locations across the world, including the agency's headquarters in Maryland (Fort George G. Meade) and eavesdropping bases used by the agency in Misawa, Japan (Misawa Air Base) and Menwith Hill, England (RAF Menwith Hill). Codenamed TURMOIL, the sensors operate as a sort of high-tech surveillance dragnet, monitoring packets of data as they are sent across the Internet. When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or "tips" to TURBINE, enabling the initiation of a malware attack. To identify surveillance targets, the NSA looks for a series of data "selectors" as they flow across Internet cables. These selectors can include email addresses; IP addresses; the unique "cookies" containing a username or other identifying information that are sent to a user's computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter; unique Google advertising cookies that track browsing habits; unique encryption key fingerprints that can be traced to a specific user; and computer IDs that are sent across the Internet when a Windows computer crashes or updates.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16]
References
- Ryan Gallagher and Greenwald (March 12, 2014). "How the NSA Plans to Infect 'Millions' of Computers with Malware". The Intercept. Retrieved March 12, 2014.
- Gallagher, Ryan (March 15, 2014). "Compare the NSA's Facebook Malware Denial to its Own Secret Documents". The Intercept. Retrieved March 23, 2014.
- Gallagher, Sean (March 12, 2014). "NSA's automated hacking engine offers hands-free pwning of the world". Ars Technica. Retrieved March 23, 2014.
- "Thousands of Implants". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "Industrial-Scale Exploitation". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "NSA Technology Directorate Analysis of Converged Data". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "There Is More Than One Way to Quantum". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "NSA Phishing Tactics and Man in the Middle Attacks". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "Quantum Insert Diagrams". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "TURBINE and TURMOIL". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "The NSA and GCHQ's QUANTUMTHEORY Hacking Tactics". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "Menwith Hill Station Leverages XKeyscore for Quantum Against Yahoo and Hotmail". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "Five Eyes Hacking Large Routers". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "Selector Types". The Intercept. March 12, 2012. Retrieved March 12, 2014.
- "VPN and VOIP Exploitation With HAMMERCHANT and HAMMERSTEIN". The Intercept. March 12, 2014. Retrieved March 12, 2014.
- "Thousands of Implants". The Intercept. March 12, 2014. Retrieved March 13, 2014.