p*******r (posts: 2204)
Deep within the National Security Agency, an elite, rarely discussed team of
hackers and spies is targeting America's enemies abroad.
BY MATTHEW M. AID | JUNE 10, 2013
http://www.foreignpolicy.com/articles/2013/06/10/inside_the_nsa
This weekend, President Barack Obama sat down for a series of meetings with
China's newly appointed leader, Xi Jinping. We know that the two leaders
spoke at length about the topic du jour -- cyber espionage -- a subject that
has long frustrated officials in Washington, and is now front and center
with the revelations of sweeping U.S. data mining. The media has focused at
length on China's aggressive attempts to electronically steal U.S. military
and commercial secrets, but Xi pushed back at the "shirtsleeves" summit,
noting that China, too, was the recipient of cyber espionage. But what Obama
probably neglected to mention is that he has his own hacker army, and it
has burrowed its way deep, deep into China's networks.
When the agenda for the meeting at the Sunnylands Estate outside Palm
Springs, California was agreed to several months ago, both parties agreed
that it would be a nice opportunity for President Xi, who assumed his post
in March, to discuss a wide range of security and economic issues of concern
to both countries. According to diplomatic sources, the issue of cyber
security was not one of the key topics to be discussed at the summit.
Sino-American economic relations, climate change, and the growing threat posed by
North Korea were supposed to dominate the discussions.
Then, two weeks ago, White House officials leaked to the press that
President Obama intended to raise privately with Xi the highly contentious
issue of China's widespread use of computer hacking to steal U.S. government,
military, and commercial secrets. According to a Chinese diplomat in
Washington who spoke in confidence, Beijing was furious about the sudden
elevation of cyber security and Chinese espionage on the meeting agenda.
According to a diplomatic source in Washington, the Chinese government was
even angrier that the White House leaked the new agenda item to the press
before Washington bothered to tell them about it.
So the Chinese began to hit back. Senior Chinese officials have publicly
accused the U.S. government of hypocrisy, and alleged that Washington is
also actively engaged in cyber espionage. When the latest allegation of
Chinese cyber espionage was leveled in late May in a front page article in
the Washington Post, which alleged that hackers employed by the Chinese
military had stolen the blueprints of over three dozen American weapons
systems, the Chinese government's top Internet official, Huang Chengqing,
shot back that Beijing possessed "mountains of data" showing that the U.S.
has engaged in widespread hacking designed to steal Chinese government
secrets. This weekend's revelations about the National Security Agency's
PRISM and Verizon metadata collection from a 29-year-old former Central
Intelligence Agency (CIA) undercover operative named Edward J. Snowden, who
is now living in Hong Kong, only add fuel to Beijing's position.
But Washington never publicly responded to Huang's allegation, and nobody in
the U.S. media seems to have bothered to ask the White House if there was a
modicum of truth to the Chinese charges.
It turns out that the Chinese government's allegations are essentially
correct. According to a number of confidential sources, a highly secretive
unit of the National Security Agency (NSA), the U.S. government's huge
electronic eavesdropping organization, called the Office of Tailored Access
Operations, or TAO, has successfully penetrated Chinese computer and
telecommunications systems for almost 15 years, generating some of the best
and most reliable intelligence information about what is going on inside the
People's Republic of China.
Hidden away inside the massive NSA headquarters complex at Fort Meade,
Maryland, in a large suite of offices segregated from the rest of the agency,
TAO is a mystery to many NSA employees. Relatively few NSA officials have
complete access to information about TAO because of the extraordinary
sensitivity of its operations, and it requires a special security clearance
to gain access to the unit's work spaces inside the NSA operations complex.
The door leading to its ultra-modern operations center is protected by armed
guards, an imposing steel door which can only be entered by entering the
correct six digit code into a key pad, and a retinal scanner to ensure that
only those individuals specially cleared for access get through the door.
According to former NSA officials interviewed for this article, TAO's
mission is simple. It collects intelligence information on foreign targets
by surreptitiously hacking into their computers and telecommunications
systems, cracking passwords, compromising the computer security systems
protecting the targeted computer, stealing the data stored on computer hard
drives, and then copying all the message and data traffic passing within the
targeted e-mail and text messaging systems. The technical term-of-art used
by NSA to describe these operations is Computer Network Exploitation (CNE).
TAO is also responsible for developing the information which would allow
the United States to destroy or damage foreign computer and
telecommunications systems with a cyber attack if so directed by the
president. The organization responsible for conducting such a cyber attack
is U.S. Cyber Command (CYBERCOM), whose headquarters is located at Fort
Meade and whose chief is the director of NSA, Gen. Keith Alexander.
Commanded since April of this year by Robert Joyce, who formerly was the
deputy director of NSA's Information Assurance Directorate (responsible for
protecting the U.S. government communications and computer systems), sources
say that TAO is now the largest, and arguably the most important component
of NSA's huge Signal Intelligence (SIGINT) Directorate, consisting of over
1,000 military and civilian computer hackers, intelligence analysts,
targeting specialists, computer hardware and software designers, and
electrical engineers.
The sanctum sanctorum of TAO is its ultra-modern operations center at Fort
Meade called the Remote Operations Center (ROC), which is where the unit's
600 or so military and civilian computer hackers (they call themselves CNE
operators) work in rotating shifts 24-hours-a-day, seven days a week.
These operators spend their days (or nights) searching the ether for
computer systems and supporting telecommunications networks being utilized
by, for example, foreign terrorists to pass messages to their members or
sympathizers. Once these computers have been identified and located, the
computer hackers working in the ROC break into the targeted computer systems
electronically using special software designed by TAO's own corps of
software designers and engineers specifically for this purpose, download the
contents of the computer's hard drives, and place software implants or
other devices called "buggies" inside the computer's operating system, which
allows TAO intercept operators at Fort Meade to continuously monitor the
e-mail and/or text messaging traffic coming in and out of the computer or
hand-held device.
TAO's work would not be possible without the team of gifted computer
scientists and software engineers belonging to the Data Network Technologies
Branch, who develop the sophisticated computer software that allows the
unit's operators to perform their intelligence collection mission. A
separate unit within TAO called the Telecommunications Network Technologies
Branch, or TNT for short, develops the techniques that allow TAO's hackers
to covertly gain access to targeted computer systems and telecommunications
networks without being detected. Meanwhile, TAO's Mission Infrastructure
Technologies Branch develops and builds the sensitive computer and
telecommunications monitoring hardware and support infrastructure that keeps
the effort up and running.
TAO even has its own small clandestine intelligence gathering unit called
the Access Technologies Operations Branch, which includes personnel seconded
by the CIA and the FBI, who perform what are described as "off-net
operations," which is a polite way of saying that they arrange for CIA
agents to surreptitiously plant eavesdropping devices on computers and/or
telecommunications systems overseas so that TAO's hackers can remotely
access them from Fort Meade.