Secret radio technology allowed NSA to spy on PCs disconnected from the Internet

A secret technology which relied on radio transmissions has allowed the National Security Agency to spy on computers disconnected from the internet – a security measure known as an ‘air gap’, and commonly used to protect machines containing highly sensitive data, according to a New York Times report.

The agency has used the technology since 2008, according to documents released by Edward Snowden. Rather than access networks, the agency inserted tiny components into computers, either using agents or component manufacturers, to create a “covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards.”

The Register’s report notes that the transmitters would relay and receive data from a briefcase-sized array known as Nightstand, and had a range of around eight miles. The components could also alter data on host PCs, the site noted.

Targets of the technology, codenamed ‘Quantum’, included foreign military networks, drug cartels and trade institutes.

“The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack,” the Times reported.

“In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.”

News agency Reuters reported that there was no evidence the technology had been used within the USA.

“NSA’s activities are focused and specifically deployed against — and only against — valid foreign intelligence targets in response to intelligence requirements,” Business Insider quoted an agency spokesperson as saying.

Consumers have become increasingly concerned about privacy and spying in the wake of Snowden’s revelations, as reported in this year’s ESET Threat Trends Predictions for 2014, which was subtitled The Challenge of Internet Privacy.

 In the report, ESET’s experts warn that ensuring data is locked from prying eyes (by the use of encryption, for instance) is merely a good first step.

“The challenge to internet privacy has not meant a decrease in cases of people affected by any malicious code or other kind of computer threat,” the researchers write. “Concern about privacy is a good starting point, but it is essential for people to be aware of all aspects of Information Security. Otherwise, it is not possible to mitigate the impact of computer threats.”

 

Author Rob Waugh, We Live Security

  • Personal computer?

    But how trust in microsoft updates for “secure pc” if microsoft work together with nsa.
    Explained in your post: Microsoft’s new crime-fighting super-team.

    No more real privacy or security exists since all the big companies are coerced to work with nsa or even bought by them.

    I no longer believe in any technology.

  • Agen

    Looks like you all in trouble now

  • Jammer

    So with this and the use of speakers being used to distribute malware (In previous articles on the site), would it then be able to injected into the BIOS Rom from say a exe file and then use the speakers to communicate to the control agent? I mean if they need circuit boards or a usb card, could they just use whats already on most boards these days? Bios speakers perhaps?

  • Ciprian

    The solution is to buy an old laptop with a linux live cd and you are safe.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
15 Jan 2014
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.