Ryan Gallagher and Peter Maas at The Intercept have an important story about how the NSA has been hunting and hacking the systems administrators of companies.
Across the world, people who work as system administrators keep computer networks in order – and this has turned them into unwitting targets of the National Security Agency for simply doing their jobs. According to a secret document provided by NSA whistleblower Edward Snowden, the agency tracks down the private email and Facebook accounts of system administrators (or sys admins, as they are often called), before hacking their computers to gain access to the networks they control.
By infiltrating the computers of system administrators who work for foreign phone and Internet companies, the NSA can gain access to the calls and emails that flow over their networks.
The classified posts reveal how the NSA official aspired to create a database that would function as an international hit list of sys admins to potentially target. Yet the document makes clear that the admins are not suspected of any criminal activity – they are targeted only because they control access to networks the agency wants to infiltrate. “Who better to target than the person that already has the ‘keys to the kingdom’?” one of the posts says.
The NSA wants more than just passwords. The document includes a list of other data that can be harvested from computers belonging to sys admins, including network maps, customer lists, business correspondence and, the author jokes, “pictures of cats in funny poses with amusing captions.” The posts, boastful and casual in tone, contain hacker jargon (pwn, skillz, zomg, internetz) and are punctuated with expressions of mischief. “Current mood: devious,” reads one, while another signs off, “Current mood: scheming.”
As The Intercept revealed last week, clandestine hacking has become central to the NSA’s mission in the past decade. The agency is working to aggressively scale its ability to break into computers to perform what it calls “computer network exploitation,” or CNE: the collection of intelligence from covertly infiltrated computer systems. Hacking into the computers of sys admins is particularly controversial because unlike conventional targets – people who are regarded as threats – sys admins are not suspected of any wrongdoing.
Why is this important? Because sys admins are the people best suited to thwart the NSA’s spying efforts and this information is likely to really irk them, especially since the documents reveal that the people who work for the NSA have little respect for hackers who do not work for the government and disdain them. Nobody likes being taken advantage of and in the world that these people live in, being hacked by someone else implies that your skills are inferior to theirs.
Technical people are in the best position to build in as the default in systems the kinds of safeguards that would create greater levels of privacy protection. Up to now, they have been largely anonymous and viewed as apolitical lower-rung cogs in the machine, just carrying out policies that are set at higher levels. What their fellow sys admin Edward Snowden has showed is that they can be important political players if they become radicalized.
In one session at the 30C3 conference held in Germany in December 2013 where the audience seemed to consist of many technical people at the sys admin level, the call by Jacob Appelbaum, Sarah Harrison, and Julian Assange for sys admins of the world to unite to defeat the NSA’s efforts was received with applause. And this was before the recent revelation that the NSA essentially perceives sys admins as targets to be hacked.
I cannot imagine that this latest Snowden revelation made the sys admins feel any warmer towards the NSA.