Bruce Schneier leads a discussion of HEADWATER, the NSA's tool for compromising Huawei routers over the Internet and turning them into snoops. It's one of the entries from the notorious TAO catalog:
(TS//SI//REL) HEADWATER is a Persistent Backdoor (PDB) software implant for selected Huawei routers. The implant will enable covert functions to be remotely executed within the router via an Internet connection.
(TS//SI//REL) HEADWATER PBD implant will be transferred remotely over the Internet to the selected target router by Remote Operations Center (ROC) personnel. After the transfer process is complete, the PBD will be installed in the router's boot ROM via an upgrade command. The PBD will then be activated after a system reboot. Once activated, the ROC operators will be able to use DNT's HAMMERMILL Insertion Tool (HIT) to control the PBD as it captures and examines all IP packets passing through the host router.
(TS//SI//REL) HEADWATER is the cover term for the PBD for Huawei Technologies routers. PBD has been adopted for use in the joint NSA/CIA effort to exploit Huawei network equipment. (The cover name for this joint project is TURBOPANDA.)
STATUS: (U//FOUO) On the shelf ready for deployment.
HEADWATER: NSA Exploit of the Day
Amazingly, this is an improvement on last year, when hackers took 300,000 taxpayers’ records from the IRS.
A basic best-practice for email servers is to use TLS (Transport Layer Security) when they connect to one another, which guards against “man in the middle” attacks that would allow attackers to read or change emails while they travel between mail-servers.
The White House released an announcement today on President Obama’s Cybersecurity National Action Plan. In thousands of not actually bad at all words about cybersecurity, they managed not to say the word “encryption” once.
Hackers are people too. And sometimes, they’re the good guys. The fundamentals of hacking have created an entire new level to the security industry and one that you can totally dominate with this certification training course that’s 98% off now. To know how to protect something, you have to be able to see how it’s […]
Light used to just be one of two things: on or off. Simple as that. Either a flood of yellow or total darkness. Then the dimmer switch happened and you could adjust the brightness to meet your seductive needs and suddenly everyone looked a little better in the gentler light. And now your luminary universe […]
Projects will always need management. And now with the tech gold rush it feels like there are more projects than ever with fewer managers than there’s demand for. But it takes too much time and money to go back to school full time so luckily the Project Management Professional certification training course is now 96% […]