Inside TAO: Documents Reveal Top NSA Hacking Unit

For more on SCADAs, please see the following previous posts:

Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage

UPDATE 3: U.S. probes cyber attack on water system

Security backdoor found in China-made US military chip

 

The NSA’s TAO hacking unit is considered to be the intelligence agency’s top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting.

In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors. They wanted to drive to work or head off to do their grocery shopping, but their garage door openers had gone dead, leaving them stranded. No matter how many times they pressed the buttons, the doors didn’t budge. The problem primarily affected residents in the western part of the city, around Military Drive and the interstate highway known as Loop 410. Continue reading →

Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage

For further information on SCADAs, please see the following Global Geopolitics entries that were ahead of the curve:

• Security backdoor found in China-made US military chip
• UPDATE 3: U.S. probes cyber attack on water system

“Red Dragon Rising: Communist China’s Military Threat to America” from 1999 is a highly recommended read. The United States is in more vulnerable than most people know, and longer than most people would have thought.

Cyberspies linked to China’s military targeted nearly two dozen US natural gas pipeline operators over a recent six-month period, stealing information that could be used to sabotage US gas pipelines, according to a restricted US government report and a source familiar with the government investigation.

From December 2011 through June 2012, cyberspies targeted 23 gas pipeline companies with e-mails crafted to deceive key personnel into clicking on malicious links or file attachments that let the attackers slip into company networks, says the Department of Homeland Security (DHS) report.

The report does not mention China, but the digital signatures of the attacks have been identified by independent cybersecurity researchers as belonging to a particular espionage group recently linked to China’s military.

The confluence of these factors –  along with the sensitive operational and technical details that were stolen – make the cyberbreaches perhaps among the most serious so far, some experts say. The stolen information could give an adversary all the insider knowledge necessary to blow up not just a few compressor stations but perhaps many of them simultaneously, effectively holding the nation’s gas infrastructure hostage. Nearly 30 percent of the nation’s power grid now relies on natural gas generation.

“This theft of key information is about hearing the footsteps get closer and closer,” says William Rush, a retired scientist formerly with the Gas Technology Institute who chaired the effort to create a cybersecurity standard applicable to the gas pipeline industry.

“Anyone can blow up a gas pipeline with dynamite. But with this stolen information, if I wanted to blow up not one, but 1,000 compressor stations, I could,” he adds. “I could put the attack vectors in place, let them sit there for years, and set them all off at the same time. I don’t have to worry about getting people physically in place to do the job, I just pull the trigger with one mouse click.” Continue reading →