FOCUS ON DEFENSE
In interviews, officials and experts said that a vast majority of such implants are intended only for surveillance and serve as an early warning system for cyberattacks directed at the US.
“How do you ensure that Cyber Command people” are able to look at “those that are attacking us?” a senior official, who compared it to submarine warfare, asked in an interview several months ago.
“That is what the submarines do all the time,” said the official, speaking on the condition of anonymity to describe policy. “They track the adversary submarines.” In cyberspace, he said, the US tries “to silently track the adversaries while they’re trying to silently track you.”
If tracking subs was a Cold War cat-and-mouse game with the Soviets, tracking malware is a pursuit played most aggressively with the Chinese.
The US has targeted Unit 61398, the Shanghai-based Chinese army unit believed to be responsible for many of the biggest cyberattacks on the US, in an effort to see attacks being prepared. With Australia’s help, one NSA document suggests, the US has also focused on another specific Chinese army unit.
Documents obtained by Snowden indicate that the US has set up two data centers in China — perhaps through front companies — from which it can insert malware into computers.
When the Chinese place surveillance software on US computer systems — and they have, on systems like those at the Pentagon and at the Times — the US usually regards it as a potentially hostile act, a possible prelude to an attack. Obama laid out America’s complaints about those practices to Chinese President Xi Jinping (習近平) in a long session at a summit meeting in California in June last year.
At that session, Obama tried to differentiate between conducting surveillance for national security — which the US argues is legitimate — and conducting it to steal intellectual property.
“The argument is not working,” said Peter Singer of the Brookings Institution, a co-author of a new book called Cybersecurity and Cyberwar. “To the Chinese, gaining economic advantage is part of national security. And the Snowden revelations have taken a lot of the pressure off” the Chinese.
Still, the US has banned the sale of computer servers from a major Chinese manufacturer, Huawei, for fear that they could contain technology to penetrate US networks.
The NSA’s efforts to reach computers unconnected to a network have relied on a century-old technology updated for modern times: radio transmissions.
In a catalog produced by the agency that was part of the Snowden documents released in Europe, there are page after page of devices using technology that would have brought a smile to Q, James Bond’s technology supplier.
One, called Cottonmouth I, looks like a normal USB plug, but has a tiny transceiver buried in it. According to the catalog, it transmits information swept from the computer “through a covert channel” that allows “data infiltration and exfiltration.” Another variant of the technology involves tiny circuit boards that can be inserted in a laptop computer — either in the field or when they are shipped from manufacturers — so that the computer is broadcasting to the NSA even while the computer’s user enjoys the false confidence that being walled off from the Internet constitutes real protection.