A new Snowden leak sheds more light on Tailored Access Operations, a catalog of standard attacks against routers and other Internet infrastructure.
The new leak details the deployment of malware against 50,000 computer networks worldwide, in cooperation with GCHQ, the British spy agency. The program dates back to 1998, and the infected networks are referred to internally as "sleeper cells" that can be switched on or off at will.
Cyber operations are increasingly important for the NSA. Computer hacks are relatively inexpensive and provide the NSA with opportunities to obtain information that they otherwise would not have access to. The NSA-presentation shows their CNE-operations in countries such as Venezuela and Brazil. The malware installed in these countries can remain active for years without being detected.
'Sleeper cells' can be activated with a single push of a button
The malware can be controlled remotely and be turned on and off at will. The 'implants' act as digital 'sleeper cells' that can be activated with a single push of a button. According to the Washington Post, the NSA has been carrying out this type of cyber operation since 1998.
NSA infected 50,000 computer networks with malicious software [Floor Boon, Steven Derix and Huib Modderkolk/NRC]