According to a slide released by NSA nemesis, hero Edward Snowden, and published by Dutch newspaper NRC Handelsblad, by mid-2012 the NSA had infected over 50,000 computer networks with malware, and estimated that by the end of 2013 as many as 85,000 ‘implants’ could be deployed.
Not content with simply snooping on just about everybody’s email, web habits, phone calls, VoIP, and IM chat, the Tailored Access Operations (TAO) department of the NSA took more active measures and deployed ‘Computer Network Exploitation (CNE)’ – known within the NSA as ‘implants’ – across many thousands of networks worldwide, with the aim of subverting routers firewalls, switches (and more) so that data transmitted to these devices would be routed to the NSA.
Very worrying is the fact that the installed malware, known as ‘sleepers’ can remain dormant and undetectable for years, turnable on and off at will by the NSA.
A good example of this kind of hacking was discovered by Belgian telecoms company Belgacom (whose customers include the European Commission, the European Council and the European Parliament) in September this year, when it was revealed that GHCQ had infected its system with malware after employees were lured to fake LinkedIn page.
It should be remembered that it was less four years ago (the CNE program has been running since 2008) when in a highly hypocritical statement Hilary Clinton sharply criticised China for engaging in similar acts of cyber-espionage,
‘In an interconnected world, an attack on one nation’s networks can be an attack on all. Countries or individuals that engage in cyber attacks should face consequences and international condemnation. By reinforcing that message, we can create norms of behaviour among states and encourage respect for the global networked commons.’