NSA surveillance might be worthwhile for the laughs alone.

By Iris Vander Pluym – 01.12.14

Based on documents leaked by my 2016 write-in candidate for president Edward J. Snowden, Spiegel reports on an elite NSA unit called TAO (for "Tailored Access Operations"). Some of TAO's exploits take advantage of the notoriously crash-prone Microsoft Windows operating system. Not for useful intelligence gathering, silly. Just for giggles!

Anyone unfortunate enough to run a Windows OS has seen their share of automated crash notices like this:

Microsoft Windows
The system has recovered from a serious issue.

A log of this error has been created.

Please tell Microsoft about this problem.
We have created an error report that you can send to help us improve Microsoft Windows. We will treat this report as confidential and anonymous.

According to an internal NSA presentation leaked by unchallenged 2016 presidential candidate Mr. Snowden, Microsoft’s crash reports provide the agency with automatic "passive access" to a targeted computer. "Passive access" means all outgoing Internet data is captured but the machine itself cannot be accessed, so this crash report method has little practical use. But the agents enjoy it just for the chuckles they get at the expense of Microsoft's craptastic software. In one NSA graphic, the crash report text is edited to read:

Microsoft Windows
The system has recovered from a serious issue.

A log of this error has been created.

Please tell Microsoft about this problem.
This information may be intercepted by a foreign SIGINT [signals intelligence] system to gather detailed information and better exploit your machine.

BOOM. Hahaha! Are these d00ds a scream or what!

TAO's primary activity is infecting targeted machines with malware programs that give the agency complete access and control. To this end, until fairly recently agents deployed the well-worn tactics of ordinary cyber criminals: sending spam emails with links to virus-infected sites that install NSA malware. The problem, of course, is that spamming is a federal crime, subject to penalties of up to $16,000—per email.

I kid! Everyone knows laws don't apply to the federal government! Especially not to U.S. military intelligence agents spying on American citizens! No, the real problem with the spamming schemes is that they rarely ever work: one NSA document puts the success rate at under 1%. But the agency upped its game, and now has a hacker toolbox with the awesome name "QUANTUMTHEORY." Success rates for implanting malware now run as high as 80%.

One tool, QUANTUMINSERT, is a hands-down favorite. It works by determining which website a person is trying to access, and surreptitiously re-routing the user to a covert NSA server with the super cool name "FOXACID". FOXACID's pages mimic those of virtually every popular Internet service provider including Facebook, Yahoo, LinkedIn, Twitter and YouTube, and the unsuspecting user's computer is infected with NSA's malware when the fraudulent site loads. Neat!

Spiegel reports on several successful FOXACID missions. In one, Britain’s GCHQ targeted computers at Belgacom, Belgium's partly government-owned telephone company (and apparently a haven for terrorist masterminds?). Agents totally FOXACID-IZED unsuspecting Belgacom employees who were trying to access LinkedIn; thereafter the agency was able to remotely control the computers and hack further into Belgacom's network and discover their terrorist plots. Meanwhile, NSA pulled the same shtick on high-ranking members of the Organization of Petroleum Exporting Countries (OPEC) at its Vienna headquarters.

Are you as shocked as I am by these revelations? I mean, I had no idea that Iranian OPEC governor Hossein Kazempour Ardebili was on LinkedIn. He's kind of a hottie for an older d00d, though he could definitely use a better haircut for his profile pic...what? Oh right. Anyway.

What is not shocking is that the NSA-GCHQ partnership used QUANTUMTHEORY tools to FOXACIDIFY many, many terrorist plots in Belgium's phone company and among the world's biggest oil exporters. They say they "gained unhindered access to valuable economic data," but obviously that was only an incidental side benefit resulting from these critical terrorist investigations. Gee, I wonder who NSA gave all that "valuable economic data" to? Undoubtedly to people who have the American middle class's very best interests at heart, I AM SURE.

Another leaked document marked "top secret" and "not for foreigners" (okay foreign readers! do not look at this part!) details NSA's success in hacking into a massive underseas cable system operated by part-government-owned France Telecom (a.k.a. Orange) and Telecom Italia Sparkle. (I loooove Italians. They named their phone company Sparkle...!) NSA accomplished the cable hack by deploying a "website masquerade operation." FOXACIDBURNNNNED, Orange and Sparkle!

What is it with all these terrorists working day jobs at European phone companies anyway? Seems weird to me. Well, NSA obviously knows what they're doing, because they do a fine job of keeping us safe. After all, we would never spend billions of tax dollars just to have government agents sitting around playing computer games all day. OH WAIT YEAH WE TOTALLY WOULD DO THAT. For years NSA, FBI and CIA agents were indeed sitting around all day playing World of Warcraft, Second Life and a bunch of mobile apps, based on some cockamamie rationale about their ability to flush out terrorists by playing online video games. This wasn't just a handful of rogue dudebros, either: in fact, there were so many agents playing that they had to set up "deconfliction" groups just to make sure they weren't accidentally spying on each other. What could be more hilarious?

Astute readers will also note that in addition to their mad comedy skillz, the existence of this WORLDOFWARACIDFOX program or whatever they call it is indisputable proof of sheer genius on the part of these agencies, even though their operatives are constantly running into each other like Keystone Kops in cyberspace. Now, it is true that, surprisingly, none of this ever led to any useful intelligence whatsoever, but that is not the point.

The point is: how come I never come up with brilliant schemes like this? I mean, there has got to be something I can do that's really fun for which I can charge the government millions of dollars and not accomplish anything...wait! Wait! I know! Maybe there are terrorist gatherings happening in high-end spas all over the world right now! Bet you never even thought of that, NSA. (Lard knows they can't plot their attacks from the phone company anymore.) No one would even think to look for terrorists at the Ocean Club spa in the Bahamas, say, or the spa at the Four Seasons Marrakesh, amirite? See? I am on to something really big here, NSA. Did you guys even know that cell phones and electronics are not permitted in nice spas? It's true! So how will you spy on these terrorists when they're lounging around in Moroccan-tiled steam rooms and sparkling mineral pools? Huh? Surely someone experienced in luxury spa-going should check into all of this, pronto. With her friends. As cover. For a couple years. Well guess what? This is your lucky day, NSA, because I KNOW JUST THE RIGHT PERSON. Call me on my cell—it's not like you don't have my number, hahaha!


Actual American spies trying to blend in at actual Russian bathhouses IN ACTUAL RUSSIA. They probably have cell phones in their underwear too. Idiots.

But TAO isn't all about playing computer games. Nope: they're also into exciting, old-school, cloak-&-dagger stuff, too. For instance, where direct physical access to a device or network is required for the U.S. government to know every single thing about every single person on the planet at all times, the TAO agents on these missions get to fly around in an FBI-owned jet. (As far as I know President-elect Snowden did not leak pics of this jet, but I bet you it's amazing.)

TAO also intercepts package deliveries. Let's say someone orders a new computer or electronic gadget. TAO will divert the package to one of its "secret workshops," where (presumably elf-like) agents carefully cut open the box and load their malware directly onto the device, then seal it back up and send it on its merry way. Sometimes the Elf Agents install or reconfigure hardware to provide backdoor access later on, in case the National Santa Agency determines that the recipient has done something very naughty—for instance flying a small plane in any direction other than straight out over the nearest giant ocean.

According to another top secret document, these interruptions in the parcel shipping business are among the "most productive operations" conducted by NSA. That may sound impressive, but unfortunately it isn’t saying much—and I'm not just talking about WORLDOFACIDWARFOX missions, either. President Obama’s own advisory panel of independent experts, hastily convened in the aftermath of future President Snowden's early revelations, found no evidence that any of NSA's efforts ever stopped a single terrorist attack! Hahaha! HILARIOUS!

Spiegel contacted NSA for a statement, to which NSA officials responded*:

Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies against Belgian telephone company terrorists. Also: French and Italian phone company terrorists too of course, although those guys are already pretty easy to spot because they're orange and sparkly, respectively. Agents are presently focused on determining whether terrorists appear similarly sparkly and orange in Grand Theft Auto V, Tomb Raider and Bioshock Infinite.

NSA officials would not discuss any specific allegations regarding TAO's missions.

__________
* I may have embellished that NSA statement. Slightly. Or maybe TAO agents hacked my laptop and rewrote that section—just to get a few laughs out of messing with you.

[A version of this post appeared at Perry Street Palace.] 

TPJ MAG