Inside TAO: Documents Reveal Top NSA Hacking Unit

Read the full article, by SPIEGEL staff, here.

Excerpt below:

Part 2: Targeting Mexico
Mexico’s Secretariat of Public Security, which was folded into the new National Security Commission at the beginning of 2013, was responsible at the time for the country’s police, counterterrorism, prison system and border police. Most of the agency’s nearly 20,000 employees worked at its headquarters on Avenida Constituyentes, an important traffic artery in Mexico City. A large share of the Mexican security authorities under the auspices of the Secretariat are supervised from the offices there, making Avenida Constituyentes a one-stop shop for anyone seeking to learn more about the country’s security apparatus.
Operation WHITETAMALE
That considered, assigning the TAO unit responsible for tailored operations to target the Secretariat makes a lot of sense. After all, one document states, the US Department of Homeland Security and the United States’ intelligence agencies have a need to know everything about the drug trade, human trafficking and security along the US-Mexico border. The Secretariat presents a potential “goldmine” for the NSA’s spies, a document states. The TAO workers selected systems administrators and telecommunications engineers at the Mexican agency as their targets, thus marking the start of what the unit dubbed Operation WHITETAMALE.
Workers at NSA’s target selection office, which also had Angela Merkel in its sights in 2002 before she became chancellor, sent TAO a list of officials within the Mexican Secretariat they thought might make interesting targets. As a first step, TAO penetrated the target officials’ email accounts, a relatively simple job. Next, they infiltrated the entire network and began capturing data.
Soon the NSA spies had knowledge of the agency’s servers, including IP addresses, computers used for email traffic and individual addresses of diverse employees. They also obtained diagrams of the security agencies’ structures, including video surveillance. It appears the operation continued for years until SPIEGEL first reported on it in October.
The technical term for this type of activity is “Computer Network Exploitation” (CNE). The goal here is to “subvert endpoint devices,” according to an internal NSA presentation that SPIEGEL has viewed. The presentation goes on to list nearly all the types of devices that run our digital lives — “servers, workstations, firewalls, routers, handsets, phone switches, SCADA systems, etc.” SCADAs are industrial control systems used in factories, as well as in power plants. Anyone who can bring these systems under their control has the potential to knock out parts of a country’s critical infrastructure.
