Twenty-five years ago, when assistants were still called secretaries, I had a secretary who used to demand the maintenance people remove the fluorescent lights above her head. “Jeff” she would say, “that’s how they track you, those bulbs send out evil radio waves that get into your head.” Now personally I always thought it was the 40 cats Ethel had at home that got it into her head, but the latest NSA news suggests Ethel may not have been that far off.
According to a report in the New York Times, the National Security Agency has loaded software in nearly 100,000 computers around the world that not only allows the agency to spy on those machines but they can also use those computers as a digital highway for launching cyberattacks.
Here’s where Ethel comes in the N.S.A. is also using a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.
The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.
The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.
Apparently China, not Ethel is the most frequent target of this radio technology.
Among the most frequent targets of the N.S.A. and its Pentagon partner,United States Cyber Command, have been units of the Chinese Army, which the United States has accused of launching regular digital probes and attacks on American industrial and military targets, usually to steal secrets or intellectual property. But the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, according to officials and an N.S.A. map that indicates sites of what the agency calls “computer network exploitation.”
“What’s new here is the scale and the sophistication of the intelligence agency’s ability to get into computers and networks to which no one has ever had access before,” said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington. “Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a window it’s never had before.”
In the end this report raises a few questions like how can we trust that the NSA hasn’t inserted this software, and using the radio technology in the computers of Americans? After the last few months of revelations the trust level is simply not there.
The other thing of course is now that we know Ethel wasn’t that off, I wonder how many cats the NSA has.