Core Secrets: NSA undercover Agents Spying on China, Germany and South Korea

The US National Security Agency has made headlines again, after Snowden’s latest leaked documents revealed the Agency had undercover agents in China, Germany and South Korea. Documents obtained by The Intercept revealed the undercover operatives used “physical subversion” tactics to infiltrate and compromise networks and devices.

“The documents, leaked by former NSA agent Edward Snowden, also indicate that the agency used “under cover” operatives to gain access to sensitive data and systems in the global communications industry, and that these secret agents may have even dealt with American firms,” writes The Intercept.

Apparently the US spy master runs a slew of clandestine activities codenamed “core secrets”, secretly spying on internet users, a fact known only by a select few outside the agency. The majority of the revealed “core secrets” show the Agency colluding with domestic and foreign corporations to gain backdoor access to sensitive data without the knowledge of the host countries.

Previously leaked NSA documents revealed the agency was working with US corporations to access vast amounts of users’ digital data and weaken encryption. The latest leaks show the NSA is also working with foreign commercial entities to spy on users. That means customers who had ditched US tech companies to avoid NSA spying are now caught between the proverbial rock and a hard place.

“In addition to so-called “close access”, the NSA’s “core secrets” include the fact that the agency works with U.S. and foreign companies to weaken their encryption systems; the fact that the NSA spends “hundreds of millions of dollars” on technology to defeat commercial encryption; and the fact that the agency works with U.S. and foreign companies to penetrate computer networks, possibly without the knowledge of the host countries,” reported The Intercept.

According to Snowden’s latest documents, the revealed “core secrets” involve six different programs categorized under “Sentry Eagle”, an umbrella term used by the NSA to refer to its most sensitive operations to protect America’s cyberspace.

All the projects of Sentry Eagle were allegedly ongoing by 2012. They include “Sentry Hawk (for activities involving computer network exploitation, or spying), Sentry Falcon (computer network defense), Sentry Osprey (cooperation with the CIA and other intelligence agencies), Sentry Raven (breaking encryption systems), Sentry Condor (computer network operations and attacks), and Sentry Owl (collaborations with private companies),” writes The Intercept.

A 13-page brief sheet about “Sentry Eagle” released by The Intercept revealed that the program constitutes a combination of the greatest number of highly sensitive facts related to NSA/CSS’s overall cryptologic mission. “Unauthorized disclosure…will cause exceptionally grave damage to U.S. national security. The loss of this information could critically compromise highly sensitive cryptologic U.S. and foreign relationships, multi-year past and future NSA investments, and the ability to exploit foreign adversary cyberspace while protecting U.S. cyberspace,” states the document.

One of the most notable exposés is Sentry Osprey, involving the NSA’s Human Intelligence programs (“HUMINT”), in which NSA undercover agents work with CIA and FBI agents in undercover operations. Agents under HUMINT masquerade as businessmen, employees in foreign countries or diplomats working in US overseas embassies. The brief sheet on Sentry Eagle indicates the NSA “employs its own HUMINT assets (Target Exploitation—TAREX) to support SIGINT operations.”

Target Exploitation (TAREX), which is funded and directed by the NSA, “conducts worldwide clandestine Signals Intelligence (SIGINT) close-access operations and overt and clandestine Human Intelligence (HUMINT) operations,” according to a 2012 classification guide. The guide reveals that TAREX personnel are part of CIA and FBI operations, some of which include implanting surveillance beacons which communicate directly with NSA servers from identified target locations.

Although the actual job description of TAREX personnel is unclear, the guide reports that the NSA has a “Forward based TAREX presence” in countries such as China, South Korea and Germany, where the telecommunication industry is robust. The TAREX operations usually consist of “Small-unit, up-close, intelligence-gathering operatives. Usually two-to-three man units,” according to a book by Lt. Col. Anthony Shaffer, a former defense intelligence agent.

The revelation that the NSA had infiltrated certain “commercial entities” with its undercover agents has caused a shudder in the corporate world. Technology executives are very troubled to know they might have NSA agents on their payrolls. The leaked document does not clarify the nature of the commercial entities or whether the clandestine agents were full-time employees in the commercial entities. All the same, it is evident the employees were secretly working for the NSA, possibly sharing highly sensitive data or stealing encryption keys.

It is not entirely surprising that the NSA would deploy its agents to masquerade as employees, especially at a time when tech companies are fighting to encrypt their users’ data. “As more and more communications become encrypted, the attraction for intelligence agencies of stealing an encryption key becomes irresistible,” says Matthew Green, a cryptographer at Johns Hopkins University. “It’s such a juicy target,” he adds.

The NSA, for its part, refused to comment on the exposé. The agency only released a statement saying, “It should come as no surprise that NSA conducts targeted operations to counter increasingly agile adversaries.” The Agency further said it “takes into account the globalization of trade, investment and information flows, and the commitment to an open, interoperable, and secure global Internet.”

By Lawrence Mwangi