From Part 3 of Der Spiegel’s article on the NSA:
The insert method and other variants of QUANTUM are closely linked to a shadow network operated by the NSA alongside the Internet, with its own, well-hidden infrastructure comprised of “covert” routers and servers. It appears the NSA also incorporates routers and servers from non-NSA networks into its covert network by infecting these networks with “implants” that then allow the government hackers to control the computers remotely.
Just when you think you’ve heard it all…
So, the NSA suckers people into visiting its own Web sites—disguised as something like LinkedIn—in order to install malware on their computers.
This NSA server coerces the user into connecting to NSA covert systems rather than the intended sites. In the case of Belgacom engineers, instead of reaching the LinkedIn page they were actually trying to visit, they were also directed to FOXACID servers housed on NSA networks. Undetected by the user, the manipulated page transferred malware already custom tailored to match security holes on the target person’s computer.
The technique can literally be a race between servers, one that is described in internal intelligence agency jargon with phrases like: “Wait for client to initiate new connection,” “Shoot!” and “Hope to beat server-to-client response.” Like any competition, at times the covert network’s surveillance tools are “too slow to win the race.” Often enough, though, they are effective. Implants with QUANTUMINSERT, especially when used in conjunction with LinkedIn, now have a success rate of over 50 percent, according to one internal document.
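For defenders, the race described above has an observable side effect. The following is an added example, not code from Der Spiegel or from this post: it assumes the forged reply and the genuine one both reach the client, so one flow carries two server-to-client TCP segments that disagree about the bytes at the same sequence position. The flow tuples, addresses and payloads are constructed sample data, and `find_conflicting_segments` is a hypothetical helper name.

```python
from collections import defaultdict

# Constructed sample: server-to-client TCP segments as
# (src, sport, dst, dport, seq, payload). Not real capture data.
SEGMENTS = [
    # Two different answers claiming the same sequence range: the race.
    ("198.51.100.7", 80, "10.0.0.5", 51000, 1000,
     b"HTTP/1.1 302 Found\r\nLocation: http://injected.example/\r\n\r\n"),
    ("198.51.100.7", 80, "10.0.0.5", 51000, 1000,
     b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"),
    # Ordinary retransmission: same range, same bytes (must not alert).
    ("198.51.100.7", 80, "10.0.0.5", 51002, 5000, b"HTTP/1.1 200 OK\r\n\r\nabc"),
    ("198.51.100.7", 80, "10.0.0.5", 51002, 5000, b"HTTP/1.1 200 OK\r\n\r\nabc"),
    # Partial overlap with consistent content (must not alert).
    ("198.51.100.7", 80, "10.0.0.5", 51004, 9000, b"ABCDEFGH"),
    ("198.51.100.7", 80, "10.0.0.5", 51004, 9004, b"EFGH"),
]

def find_conflicting_segments(segments):
    """Return [(flow, seq_of_first_conflicting_byte)] for every segment
    whose payload contradicts bytes already seen at the same position."""
    seen = defaultdict(dict)  # flow -> {sequence number: byte value}
    alerts = []
    for src, sport, dst, dport, seq, payload in segments:
        flow = (src, sport, dst, dport)
        stream = seen[flow]
        conflict = None
        for offset, byte in enumerate(payload):
            pos = (seq + offset) % 2**32  # sequence numbers wrap at 32 bits
            if pos in stream:
                if stream[pos] != byte and conflict is None:
                    conflict = pos
            else:
                stream[pos] = byte  # first arrival wins, as on the client
        if conflict is not None:
            alerts.append((flow, conflict))
    return alerts

if __name__ == "__main__":
    for flow, pos in find_conflicting_segments(SEGMENTS):
        print("conflicting payload on", flow, "at seq", pos)
```

A production sensor would feed this from a packet capture and expire per-flow state; the loser of the race is usually discarded by the client's TCP stack, so it is visible only on the wire.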
Or… when you order a new machine, they simply steal the package from the shipper (Dell, Gateway, etc.), open it up, install some nasties, and give it right back to FedEx, or whomever, to be delivered as a full-on spying machine to your door, and into your home.
Sometimes it appears that the world’s most modern spies are just as reliant on conventional methods of reconnaissance as their predecessors.
Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called “load stations,” agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.
These minor disruptions in the parcel shipping business rank among the “most productive operations” conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks “around the world.”
Of course, we know the angels at the NSA would never, ever, ever, ever, do this on behalf of a powerful Senator or Congressman who needs a little intel or dirt on a political opponent, or a loudmouth reporter who knows too much. Noooooo, that could never happen.
And if you believe that…