Hot on the heels of Edward Snowden’s NSA-baiting talk at the South by Southwest (SXSW) Interactive Festival in Austin this week, The Intercept has released new documents which detail how the NSA infected thousands of computers (in July 2010 this numbered between 85 and 100 thousand) with malware implants.
So far, so NSA, but what is different about this project, dubbed TURBINE, is that it could boost these implants to mass-infect computers, scaling the NSA malware infection rate from tens of thousands to potentially millions, in order to address the problem that individual targets tend to only communicate (and thus have the potential to infect others) within only fairly limited circles,
‘One of the greatest challenges for active SIGINT/attack is scale. Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture).’
So instead of being aimed at a select group of targeted individuals, malware could be aggressively cranked out to infect huge numbers of untargeted individuals, allowing ‘the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.’
In addition to the privacy and proportionality implications of such blanket targeting, such measures are likely to undermine the foundations of the internet. Security expert and chief researcher at anti-malware outfit F-Secure described the news as ‘disturbing’, explaining that,
‘When they deploy malware on systems they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.’